The manufacturers think they can do it safely. They even have multinational conferences where they get together and the 2 guys from every company who would rather travel than work sit around and agree with each other that they have put in enough safety checks to protect their customers.
The problem is, most people can't mentally scale risk up to millions of copies. The basic engineer's metric is: "I tried it on my test rig as many ways as I can think of and nothing ever failed." Put this guy in a "world class" test facility with all the best toys money can buy and he'll write you all kinds of analyses "proving" that their accelerated degradation models guarantee a trillion hour MTBF. Problem is: when you put a million imperfect copies of a thing into the real world, with a million different people operating them in thousands of different use cases in hundreds of different environments, the "world class" test facility becomes a myopic little ivory tower by comparison.
One of the answers is "post market surveillance" - but that's expensive, politically unpopular, and logistically difficult to implement. Though it is getting cheaper and easier, I don't think it's getting any more politically acceptable. Personally, I feel that the commercial arm of the corporations has corrupted the good in onboard diagnostics, putting up a little "feed my mechanics' and dealers' families" light on your dashboard that comes on for every little problem, but still managing to let you get stranded by the side of the road with little to no warning. Why would I ever trust such a system to "phone home" with data about my driving habits?