...
Your CA may incidentally yield the power on such client devices of your own user base to inspect their web or other traffic (if you actively abuse it and modify your IT infrastructure to enable this). We do not endorse or encourage this in any way.
Having your own trusted root CA in client devices also makes the protection of the private key to this CA an objective of paramount importance.
...