My ISP does that (XS4ALL, the Netherlands). Of course they can't know everything but if they receive abuse reports, notice your IP got blacklisted for spam or some honeypot network got a whiff of your IP address running malware variant XYZ, they put your IP address in quarantine (only 80 and 443 outgoing I think, or maybe only to the ISP's own website or something) and ask what's going on.

I can tell you they're a real pain to convince to unblock you when you are 17 and have been a bad netizen. Which is a good thing.