Hacker News
by undisclos3d 3500 days ago
That's a serious flaw in their program. Wonder what it would take to resolve this.
1 comments

Well, the onus is on the wider tech community to hold each of the vendors to account for what they do and don't do.

There's a delicate balance of trust and cooperation between site owners, vendors, and CAs, where each can make demands and has to serve to a degree each of the others. In situations where this trust is broken by one party, the other two will often move to reject them.

An example of this is a CA being rejected by a vendor after they issue invalid certificates, but on the flip side, a vendor simply throwing a tantrum over a bad domain and pulling trust will leave them as the only browser that "doesn't work" with some number of sites, and that reflects badly on them and they will see fewer people use their products (imagine if only Mozilla ended up rejecting LE certs!).