On an open source architecture, many eyes hypothetically leave few places for malicious action to hide. This is not always 100% foolproof, but it seems to work out pretty well most of the time.
On a closed source architecture, this sort of thing is generally safeguarded by contract and law. Company can get away with it once, but if the law and contracts were properly crafted there will be fines and jail time that discourages them from doing it again.
On a closed source architecture, this sort of thing is generally safeguarded by contract and law. Company can get away with it once, but if the law and contracts were properly crafted there will be fines and jail time that discourages them from doing it again.