Over the past 3 months, I've had two instances when I visited stackoverflow.com only to discover myself logged in as a completely different user. This seems to have happened to others as well. In that question, the answerer writes:
your ISP illegaly responded to your request(s) with content it had previously requested on behalf of a different user
And indeed, that user is sharing the same ISP with me. There's no doubt there's some very serious privacy issue here – specifically, I was able to access that user's account page and see his personal details (such as e-mail), and if it happens one way, I wouldn't be surprised if that user is occasionally logged-in as me and can see my personal details.
That answer, however, writes that my ISP is doing something illegal. Is my ISP actually doing something wrong here, or is such "overzealous" caching permissible under whatever protocols govern this? Is it ultimately the website's (stackoverflow's) fault for not supporting encryption (https) for displaying sensitive pages with sensitive user information?
And if my ISP is indeed in the wrong here, is there any way I can produce some sort of incriminating report next time it happens, so I will have something concrete to send them to complain, or send the press if they ignore me? I should note that during the two times it had happened, subsequent requests did not always fix the situation, the "returning bad page" thing seemed to have lasted a few minutes.