alt Hacker NewsDo you understand what transit encryption is? The point of TLS is the ISP can't inspect the traffic.
They can of course refuse to carry all encrypted traffic, but 1) stenography exists, so have fun writing DPI filters to detect suspicious noise in the note velocities of MIDI data; 2) turns out the free market didn't adopt HTTPS just to hide drug dealers -- I don't know if you heard, but there's this itty bitty thing called e-commerce, and unless you want people's credit card numbers flying in cleartext left right and center, it is better the padlook stays on.
Now what they can do is mandate their own root CA be installed on all the devices in the country, a tactic actually adopted by real regimes like Russia and Kazakhstan. Unfortunately, so far all they could do is beg and plead over SMS and refuse connections to the online government portal without the CA, while Mozilla and even Google blacklisted their certs.
If certificate transparency becomes universal, now the browser won't even connect until the feds politely check their little spy op into an immutable ledger. So the only remaining point of failure is the browser itself, but by that point it might as well send a clear copy on its own.
I know very well and I absolutely am not advocating for removing TLS. I am only saying that there is no need for them to remove it as IsP's can already access your traffic if needed through a lawful intercept. These are part of ISP certification. You're very naive if you believe there is no way for the ISP to view your traffic just because you're over an Https connection.
The ISP has "Intercept Access Points" withing their infra that will just clone you're data. Without you knowing. This is a feature. Turned on with a warrant always I'm sure.
Making my point of your ISP not being there to defend your privacy. It's not their mandate. Their mandate is to provide an internet service to you, and a mechanism to intercept to law enforcement.
Nobody is talking about passing around plain text over the wire here.