Certbot Not Able to Issue Certificate - Site marked as unsafe Google Safe Browsing

I was addressing the law because you repeatedly made the nonsensical claim that Let's Encrypt was exposing themselves to legal liability in refusing to issue to domains that were listed on Google's Safe Browsing list. That's a legal issue, and has nothing to do with integrity or ethics, nor with your peculiar concept of "civilized standards". But if you're as concerned with integrity and ethics as you claim to be, you'd do well to avoid blanket statements that attorneys in general don't care about those issues.

If you're conceding that you were completely wrong on the legal question, and you're now wanting to shift the question to more nebulous issues like integrity, ethics, and civilized standards, fine. In that case, as I see it, there are two key questions: (1) is it any of the CA's business who's getting the cert, as long as they can demonstrate domain control/ownership? (2) If it's proper for the CA to refuse to issue to phishing/malware sites, what level of care should they use in making that determination?

On the first question, I tend to believe that a CA should issue (at least at the DV level, which is what we're dealing with here) to anyone who can demonstrate domain ownership/control. I think the LE folks agree, conceptually, as they described in the blog post I already linked to. But they're also aware that way too many users put way too much trust in that little padlock--look here for a recent thread with this exact problem. So, at least for the time being, they're taking some effort to block phishing and malware sites. If you'd like to further discuss that policy decision, there's an existing thread for that purpose here, and further discussion would probably better go there.

On the second question, if we accept that it's at least acceptable for the CA to refuse to issue to phishing/malware sites, the remaining question is what they should do to identify such sites. Is it acceptable to rely on a generally-reliable third party, or must LE confirm each blacklisted site on their own? I believe it's perfectly acceptable ("ethical", if you prefer) to rely on a third party, if that third party is generally reliable in making that determination. "Generally reliable" doesn't mean perfect. A fairly low rate of false positives, combined with an effective method for affected sites to contest their listing, would be necessary to consider the third party "generally reliable" in my view. And to the best of my knowledge, both of those conditions are true of Google's Safe Browsing list.

You refer to "the values of the society that shall not consider anyone malicious without evidences brought up in the courts of law", but there is no such value in this or any other society. And in this particular case, that would be entirely impractical. In the first place, it would be ridiculously expensive, as a separate court case would need to be filed for each domain proposed to be blacklisted. This takes an attorney's time (which costs money), and (at a minimum) a filing fee with the court, which is typically hundreds of dollars for each case. You then need to figure out how to serve the opposing party. You're looking at thousands of dollars before you even get to the point of a court hearing evidence. And that's for each domain. In the second place, it would take several months, at a minimum, before a court would hear any evidence of anything.