Here's a scary thought: How do we know every ISP isn't doing this, it would be undetectable if they only injected these on certain domains e.g. facebook, google. However I don't see how much more tracking ability that would grant over IP tracking.