I'm lucky. I'm on Mediacom here in the Midwest, and as far as I can tell, no caps (I'm sure I hit over well over 200GB last month with re-downloading games to the wife's new computer, and lots of MLB and Netflix streaming, plus, uh, other things). However, Mediacom does use DPI (deep packet inspection) to serve-up it's own advertisements in some websites I frequent (that, or mlb.com uses THE WORST ad service I've ever seen). Who knows what else they might be doing with that technology. I guess it's a tradeoff, get screwed by your ISP for using the service you paid for, or have your ISP spy on you for it's own profit. However, until my web browser starts saying my web certificates are signed by "Mediacom Intermediary Certificate Signing Company", I'll assume my HTTPS traffic is safe.