Will using HTTPS mitigate the problem? Even with HTTPS, the ISP will still know the IP address you are accessing, so they probably know that I'm accessing forum.mrmoneymustache.com. But they won't know exactly what I'm posting, etc.
Similarly, they may know that I'm accessing Cigna/Aetna/UNH, etc. websites but they won't see the web pages I'm seeing, since they are encrypted.
Am I right?
So... it depends on how the ISP plans to "watch" you.
I have a theory on what the ISPs are planning to do. I used to work at an ISP and I am purely basing this on trends I was seeing. I am sure actual implementation will vary from ISP to ISP.
I see a couple of ways to go about this:
method 1. Install DPI boxes everywhere in the network. Watch all traffic. Gather statistics. Spam people with ads based on origin IP/traffic content.
method 2. Just monitor DNS lookups. Gather statistics based on origin IP. Spam people with ads based on origin IP/destination domain.
Pros (from the ISP point of view)
method 1. You will get a pretty good idea of what everyone does, no matter what the protocol. For encrypted protocols (like https) you will minimally get the destination, which will give you general things like "user is interested in finance."
method 2. This is dreadfully easy. Not only is it easy, the data is already being collected. No hardware to buy. Sell existing data you have lying about. ISPs are probably already gathering data on non-existing domains and redirecting you to a search engine (which gives them money). [Aside: this is a bad, bad thing from a technical point of view, but pretty much all of them do it.]
Cons (from ISP point of view)
method 1. This can be terribly expensive. There is lots of hardware to buy. Depending on network architecture, you may have to have them all over the place. And where I came from, these invisible "just a bump in the wire" type machines are very suspect. Any time you have a problem and have a mystery box in the middle of things that "doesn't do anything"... you are ALWAYS suspicious this box is actually interfering.
method 2. Not as detailed data. (But probably "good enough").
---
My semi-educated guess is ISPs will use the DNS method (method 2). If so, switching your DNS server from the ISP's DNS server to some other DNS server will likely take you off of their radar.
---
Aside: More than "ISP is watching" ... I'm concerned with how they're planning on spamming me with ads. If they plan on wrapping every http window in a frame that has ads to the side: This would be absolutely horrible. They'll screw up formatting and likely just break stuff in general. I think they will fail at this. If they are just going to add context to the search page they return for DNS lookup failures... that's at least not as invasive. I'm really curious how they think they will successfully use the data.
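To make "method 2" from the reply above concrete, here is an added example (not part of either post, and not any ISP's actual tooling) that encodes a plain DNS query and then reads the hostname back out of the raw bytes, the way a resolver log or on-path device would, before tallying names per source IP. It assumes classic unencrypted DNS over UDP/53; the function names, source IPs and the `example.org` entry are constructed for illustration.

```python
import struct
from collections import Counter, defaultdict

def build_query(hostname, qtype=1, txid=0x1234):
    """Encode a plain DNS query (RFC 1035 wire format, as sent over UDP/53)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in hostname.split("."))
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN

def observed_question(packet):
    """Return (name, qtype) exactly as a resolver or on-path device reads it."""
    if len(packet) < 12 or packet[4:6] == b"\x00\x00":
        raise ValueError("no DNS header or no question section")
    labels, pos = [], 12
    while True:
        if pos >= len(packet):
            raise ValueError("truncated name")
        length = packet[pos]
        pos += 1
        if length == 0:
            break
        if length & 0xC0 or pos + length > len(packet):
            raise ValueError("malformed or truncated label")
        labels.append(packet[pos:pos + length].decode("ascii", "replace"))
        pos += length
    if pos + 4 > len(packet):
        raise ValueError("truncated question")
    qtype, _qclass = struct.unpack("!HH", packet[pos:pos + 4])
    return ".".join(labels), qtype

def per_client_domains(events):
    """Tally queried names per source IP: the 'origin IP/destination domain' data."""
    stats = defaultdict(Counter)
    for src_ip, packet in events:
        name, _ = observed_question(packet)
        stats[src_ip][name] += 1
    return stats

# Constructed sample (RFC 5737 addresses); function names here are hypothetical.
SAMPLE = [
    ("192.0.2.10", build_query("forum.mrmoneymustache.com")),
    ("192.0.2.10", build_query("forum.mrmoneymustache.com", qtype=28)),
    ("192.0.2.77", build_query("example.org")),
]

if __name__ == "__main__":
    for ip, counts in per_client_domains(SAMPLE).items():
        print(ip, dict(counts))
```

The hostname sits in the query as length-prefixed ASCII labels, so no decryption is involved in reading it; whether the site itself is served over HTTPS makes no difference to this lookup.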