Interception? An analysis.
TalkTalk have modified their network so as to make URLs available (to themselves, so they can do things with them). The exception for traffic data in RIPA ss.2(5) does not apply, as parts of URLs are considered to be content, not traffic data (generally speaking the parts after the third slash, but see RIPA ss.2(9)).
TalkTalk's action therefore falls under ss.2(2) of RIPA, and is thus interception. I don't think there is much doubt or wiggle room there, if any.
Next, is it lawful interception, or not? TalkTalk are perhaps in a better position than Phorm were, as they can argue that their action is lawful under RIPA ss.3(3), like virus or spam filtering of emails.
However unlike virus and spam filtering of emails, TalkTalk's action was not necessary, nor was it done, to protect the service - the web would still work fine [*] without it, while email would, or so it's argued, fail entirely if spam and virus filtering wasn't done.
TalkTalk's action would be made lawful by ss.3(3) if it was done "for purposes connected with the provision or operation of th[e telecommunications] service".
I think instead it was done in order to provide an extra service on top of the basic telecomms service, and thus s.3(3) does not apply - it only applies to the basic message-passing service (passing bits), see the definition of "telecommunications service" in ss.2(1).
So, in my opinion, yes, it's interception and yes, it's a criminal offense under RIPA ss.1(1).
[*] for some TalkTalk value of "fine" ... :(