But for many users, their downstream organization is their ISP. From my point of view, any caching by them is malicious. I didn't send my request to the IP of their caching server, I sent it to the IP of the site I'm trying to reach. Redirecting my request to their cache is a MITM attack.
If my employer wants to use caching, they can install a cert for their proxy on my machine (or require me to do so), so it's not a problem - although it is more technically complex.