A better analogy would be FedEx selling your incoming and outgoing addresses and package weights to third parties, not necessarily the contents of your packages.

Why not the contents? What happens when most content is not over a secure connection such e.g. Over HTTP? Could they not inspect the content?

It sure seems like they could. For most people most of the internet is still insecure.

Yeah, the closer analogy would be FedEx selling information about content of your packages unless they are shipped in some kind of locked strong box.

They can and do. I recall instances where some ISPs even went so far as to inject advertising HTML directly into pages sent over HTTP.

Why not HTTPS? There are ways to do MITM proxing that re-encrypt traffic. As a customer, you just need to install their CA certificate.

Or slightly worse, they could get browser vendors to include their CA (or pass legislation to force this).

What prevents this from happening?

In mobile, where the carrier controls everything (the network, the OS) it's not unlikely this is already happening.

I know for me personally I already assume anything over a non-HTTPS or non-secured protocol will be received and possibly read by anyone and everyone.

You forgot "and changed". Injected ads, injected JavaScript, replaced ads... This has been occurring, and without protections against it, it will continue to occur.

More like your landlord selling the keys to your apartment, but you still have the key to a series of safes inside. Everyone can get a lot of your stuff and probably watch you poop, but hopefully those safes are built well enough to keep everyone out of your valuables.

Only if every package and letter I sent was securely sealed so they couldn't get in.