The user may not be aware they have this tracking technology on their phone. The toolkit may be some app developer integrating a 3rd party library for analytics. Banking apps, loyalty apps, phone companies, games, utilities... they all can rely on 3rd parties for proximity services.
In fact, I was going to mention an app, Exodus, that can reveal these trackers and in scanning my phone, I found 2!. The first is home assistant, which is understandable, but the second is a Health app my doctor office uses! Man, that irks me!
First of all, the ISP controls cable modem firmware. They have all the settings and manage the device. You don't get much control there.
As for your question, I'd say no, for 2 reasons. First, designing that capability is expensive and modems are built for cheap reliability. Second, any hardware to spy is more useful installed in a data center accessible to their user base. There is not much point installing unnecessary tech to one endpoint.
As for router, they are beefier CPU-wise. AT&T has in the past prevented users from changing DNS settings and that could lead to lots of tasty data. Deep packet inspection is becoming more prevalent in home routers as is integration with other technologies. (EERO devices for example).
Make sure to fire up a VPN or something when you need.