The issue to me is if the so-called "upstream" actually stores all the raw SSL data, and how fast it's decrypted. This is apart from any corporate cooperation, except for the Mark Klein AT&T splitter variety. (Unless of course Google, Facebook, etc are handing over their private SSL keys.)