By the time they’re about to go belly up, companies no longer have the resources to ensure they comb through the code to remove the parts licensed from 3rd parties, and the liquidators see all assets as something to sell in order to cover whatever loans the company got.
In an ideal world, consumers would never buy a non-open sourced car, or phone, or IoT device.
In the real world, regulators need to force companies to give consumers at least some basic way to control the products they buy.
Not really an option, when the data is being used for billing purposes (which phone, used what services, and when).
The US has no laws forcing data retention like the EU, but it would take something like anonymous micro transactions in order to have a working billing system, without collecting the data (and it being available to law enforcement).