They could have easily crammed the Steam Deck full of stuff to make it hard to use for piracy - locking down everything, making it usable only to play games you legitimately own, force you to go through who knows what hoops in order to play games on it. That’s what Nintendo or Apple or most other companies do.
But they didn’t, because they realized they didn’t have to. It’s 100% possible to put pirated games on the Steam Deck - in fact, it’s as easy as it could reasonably be. You copy it over, you wire it up to Steam, if it’s a non-Linux game you set it up with Proton or whatever else you want to use to run it, bam. You can now run it in Steam just as easily as a normal Steam game (usually.) If you want something similar to cloud saves you can even set up SyncThing for that.
But all of that is a lot of work, and after all that you still don’t have automatic updates, and some games won’t run this way for one reason or another even though they’ll run if you own them (usually, I assume, because of Steam Deck specific tweaks or install stuff that are only used when you’re running them on the Deck via the normal method.) Some of this you can work around but it’s even more hoops.
Whereas if you own a game it’s just push a button and play. They made legitimately owning a game more convenient than piracy, and they did it without relying on DRM or anything that restricts or annoys legitimate users at all - even if a game has a DRM-free GOG version, owning it on Steam will still make it easier to play on the Steam Deck.


And what exactly is that NFT, as distinct from the media it’s linked to, useful for? Aside from simply saying that it is unique and one can have ownership of it.
Cryptographic licence verification so you can play the game, say for example to use online services. Allows you to trade that licence to other people directly, no third party involvement to facilitate the trade. The game would pick it up and work. Anyone could download the game files but they only work if you own the game either by buying off someone directly or an official publisher
Any such verification depends on some other party to verify it. If the game requires online services, then the verification is dependent on the online services; the verification can’t stand alone. But we already have existing systems for that without the need for NFTs.
On the other hand, if the game is a standalone game that doesn’t require connecting to online services, then if the game can be made to run on one computer it can be made to run on another computer. No matter how you choose to assign ownership, you can’t get around this. Videogames are fundamentally data, and data can be copied.
Besides…inventing a new NFT-based DRM? No matter how you do it, it’s not going to be as convenient as simply not having DRM. A DRM-free game is one that anyone can just pick up and it’ll work, too. You’re proposing a “solution” that doesn’t offer anything new, while opening up other cans of worms along the way.
Also, we already have peer to peer game trades/sales anyway, and we’ve had these, long before NFTs were a thing.