I'm using chrome in an environment that is employing transparent TLS inspect. There is a private CA that issues the certificates and is available in the trusted authorities store. When I visit mail.google.com I don't receive a warning. I would expect to receive a warning since the certificate issuer does not match the static pinset (https://github.com/chromium/chromium/blob/master/net/http/transport_security_state_static.json).
Why can I connect to google.com without a warning (e.g. pinset failure)? This is concerning to me as there is multitude of CA, any of which can potentially issue a certificate for, say, google.com.
Does certificate transparency remedy this issue?