I'm sure somebody will probably point out to me why this is a terrible idea, but I have thought that ISPs probably can detect traffic known to be coming to/from bot networks and then send a letter of warning to the customer. They can do it for supposedly illegal file sharing, so why not do something helpful and let customers know that fishy traffic is coming from their system?
I don't mean they should be able to shut you off or anything, but I personally wouldn't mind a notification letting me know that I may have been hacked.
They are allowed to look into the traffic only as much as they need to in order to maintain quality service. They notice stuff like botnets and piracy because both of these activities have the potential to generate abnormal amounts of traffic. Another reason they are likely to notice these things is because a third party will often notify them about the activity. They would have to monitor your connection/activity in a way that's highly unethical and possibly illegal in order to detect anything that isn't overly noisy.
That makes sense. I'd imagine though that it shows up on the ISP's radar when major DoS attacks happen. It seems like they could set up alarms for such things. Maybe it could be an opt-in thing.
I don't mean they should be able to shut you off or anything, but I personally wouldn't mind a notification letting me know that I may have been hacked.