Such interception is widespread on corporate networks, since there is no way to properly proxy https traffic otherwise (and before you argue users are "entitled" to full network access without corporate supervision, access to physical corporate sites is protected by human guards, that, on a secure place, can ask you to show what's in your bags and check your are not leaving with sensitive material, so why the hell do all those "security" researchers expect people to be allowed to open a crypto tunnel freely and outsource the very same documents outside without any check?)
It is a great failure of the IT security community to have refused to acknowledge such basic needs, making it impossible to configure browsers so users are aware of the kind of checks they may be subjected to (that they may agree with or not, they could choose not to connect on corporate premises if they refuse the inspection on a properly designed system). So, instead, everyone is silently MITM-ing connexions by injecting its own root certificates behind the user's back (and please note it is *not* possible to restrict what those certificates can do in most browsers, so instead of authorising a certificate to connect to the known proxy only you're authorising it to do anything. The idiotic end-to-end no-compromise crypto mantra only produced systematic crypto breakage behind user's backs).
And that's just one kind of institution, various places (schools, prisons, etc) also require some filtering of what's going in and out.
Prisons excepted people can do whatever they want with their private smartphone, just not on a computer that does not belong to them.