Just about all certificate authorities are trusted by billions of people a day to encrypt their data. Almost all of CAs are privately held companies, the only way they are trusted is by being audited by a third party. For info about the inclusion process see https://www.ccadb.org/ and https://wiki.mozilla.org/CA/Information_Checklist
LetsEncrypt is an example of a non-profit open source based CA.