That “usually” is doing a ton of work. I remember Vodafone injecting scripts into webpages many years ago. While trying to find a source, I bumped into other shenanigans.
That’s not a valid defence, it’s moving the goalposts and whataboutism. ISPs shouldn’t be bad actors at all and they have the ability to do the most harm.
Maybe if they live in a high income country with relatively strong consumer protections and are using their home ISP. But quite a lot of the internet is very much not that.
In some places and on some networks, MiTMing http traffic for undesirable use-cases is routine.
ISP's are usually serious businesses with reputations and don't hack their own customers.