This is a weakness of the way https works that has always worried me. Anyone with a root certificate can intercept traffic.

Kazakhstan actually announced they intended this back in 2015/2016 when they submitted request to Mozilla for root inclusion.
* Add Root Certification Authority of the Republic of Kazakhstan (root.gov.kz) [bugzilla.mozilla.org]
At that time there was sufficient public outcry from internal organisations as well as external that it was shelved. Until things quieted down...

Regarding current event: MITM on all HTTPS traffic in Kazakhstan [bugzilla.mozilla.org].

From Vice Minister: Installing a “security certificate” is a matter for users [rus.azattyq.org], a RFE/RL (Radio Free Europe / Radio Liberty) site, 19-July-2019. Quotes via Google translate:

An official in Nur-Sultan on Friday, July 19, against the background of large-scale criticism on the Web, assured journalists that users do not have to install the “security certificate” distributed by the authorities to access the Internet. Vice-Minister of Digital Development, Innovation and Aerospace Industry of Kazakhstan Ablaykhan Ospanov said that the norm obliging operators to provide users with the ability to install a technical safety certificate on their devices is in the law on communications.

Over the past few days, users of a number of Kazakhstani mobile operators received messages proposing to install a special certificate in order to avoid “problems with access to certain Internet resources”. The operators explained this recommendation as “measures to prevent cyber attacks”. The call to install a government-issued certificate "for each device" caused outrage among users.

....

Earlier this month, a local cybersecurity group issued reports of "major incidents" related to the possible leakage of personal data of Kazakhstanis, including the discovery of an unknown database "with full information of 11 million people" on the Web. Last week, local media reported that a number of Kazakhstani resources were subjected to “hacker attacks”. It was also reported that the passwords of dozens of users could fall into the hands of third parties as a result of the appearance on the Network of a site that duplicates the Internet banking site.

Mobile operators 'proposals for installing a “trusted QazNet certificate” were also preceded by an extensive advertising campaign in the Kazakhstan segment of the Network of selected Kazakhstan-based Internet resources, the appearance of which critics described as the authorities' desire to further regulate the Internet space.

If it's not corporations it's governments, six of one half dozen of the other, brothers of a feather...

to protect its citizens

Funny, I just this moment put up a wholly unrelated post under the title “you keep using that word” ...

Improve your personal security by letting us watch you fam!

I wonder how many countries will follow...