1) They were open about it from day 1.
2) They do not intercept and inspect connections with certain types of sites(banking, healthcare, etc.) and YES I have verified this.
3) They have obviously limited the ports being intercepted(kind of pointless) because I can establish HTTPS connections to servers using non-standard ports without the normally required certificate. This also means that I can tunnel all of my internet activity via SSH through my home server when I choose to.