CAs use their private keys to sign website operators' public keys. They don't know the website operators' private keys. Therefore, the only way a rogue CA could intercept traffic is by issuing fake certificates with keys controlled by the attacker, which is what CT aims to detect.
Of course, CT doesn't prevent website operators from sharing their private keys with third parties, but the discussion here is about CAs, not website operators.
As I understand it, if you come across a certificate signed by a CA that claims to follow CT, but isn't in the CT logs, it's a fairly major red flag - at the very least, the certificate has been mis-issued. If the third party _does_ log it in certificate transparency, a site owner can check if any certificates have been issued that they did not ask for.
Question for those with a fuller understanding: How can a browser verify this without leaking knowledge about every SSL certificate (and thus a significant percentage of browsing history) they have seen?
When issuing the certificate, the CA submits a pre-certificate to the CT logs, and the final certificate includes a cryptographic proof that the certificate was included in the log. The browser can check that proof without needing to query a 3rd party.
If a CA residing in the US began misusing their certificate to MITM TLS connections, I would fully expect Chrome and Firefox to block them too.
> How do we know that they don't share their private keys with the US government?
Certificate Transparency: https://www.certificate-transparency.org/what-is-ct