IANAL.
I originally thought this was breaking 18 U.S.C. Chapter 119, 2510 to 2522 (?), but no.
*IF* they only alter the answer of their own DNS servers to their clients, when the client has made a request to said DNS servers, then they're probably in the clear. There is two communications: one from the client (C) to the Bell server (B), then one from B to the authoritative server (S). S then answer NXDOMAIN to B, which then returns a completely different information to C. So they're not intercepting anything.
OTOH, *IF* they hijack all the port 53 requests to the outside world (which I doubt), then it's very likely 2511(1)(a) and (d) applies. They still could argue under 2511(2)(a)(i) that it's "necessary"...
Then again, IANAL.
OTOH, even if it's legal, it's still absolutely wrong.