ISPs don't emphasize privacy in their marketing, but some large ISPs claim they protect it [0], although their claims are pretty dubious[0][1].
I think your logic holds up, but it's not quite as definitive as you say. VPNs are not the straightforward privacy upgrade that HTTPS is. (I don't think you were trying to imply otherwise.)
I think the picture improves if you choose more carefully. Choosing an established VPN that has a no-log policy and has been audited seems much better, because now multiple companies are putting their reputation on the line. On the other hand, I think a relatively unknown company that's reselling someone else's VPN and hoping to cash in on the "VPN = privacy" is only a slight upgrade over a major ISP.
I think your logic holds up, but it's not quite as definitive as you say. VPNs are not the straightforward privacy upgrade that HTTPS is. (I don't think you were trying to imply otherwise.)
I think the picture improves if you choose more carefully. Choosing an established VPN that has a no-log policy and has been audited seems much better, because now multiple companies are putting their reputation on the line. On the other hand, I think a relatively unknown company that's reselling someone else's VPN and hoping to cash in on the "VPN = privacy" is only a slight upgrade over a major ISP.
[0]: https://www.latimes.com/business/story/2021-11-12/column-int... [1]: https://www.ftc.gov/system/files/documents/reports/look-what...