[MichaelGG]

Think about how it'd have to work. By including a "compromised" cert that any company can get use, and that every Windows customer trusts, the CA system would be entirely destroyed. Microsoft wouldn't do that - it makes zero sense. Cisco might have something that having a CA for makes easier, but including a MITM cert in every Windows install is not close to reality.

[e12e]

I'm not so sure. Before the "encryption fad" most traffic would go unencrypted to a Cisco device (router, switch, proxy, vpn concentrator (the inside of the network)) anyway.

As far as I know, The US has almost non-existent privacy laws when it comes to what corporations are allowed to do/demand to do to their employees through contracts wrt. traffic on company equipment.

Forcefully and silently intercepting traffic on employee networks would AFAIK be illegal in most of Europe.