If they want to determine your political leanings your browsing history is enough.
With a fee, this requirement could then be waived.
Dystopian but technically possible.
Gogo didn't require installing a root cert, but they DID issue forged certificates to MitM connections to *.google.com (and others).
Also, remember "Superfish"? Their root cert was pre-installed by Lenovo.