I'm sure it's well established practice, and the courts would find it legal, but it seems like fraud. My computer says "I want to connect to my bank, are you my bank?" and the corporate firewall says "yes, I am your bank".
It's not your computer. It's the company's computer and they installed the root certificate on it. For any non-provisioned machine you'd get a certificate error because the corporate-issued certificates are signed by the corporate CA that isn't browser-approved by default.
