It is completely messed up, I agree. Some legal commentators on that situation were mentioning the different between ISPs and subscribers - subscribers would be liable, ISPs wouldn't.. but under the recent acts they would have to pass on the details of their own subscribers.
Of course, that's talking about authorised use (which I guess is implicit if the wifi is unsecured/you give login details). Unauthorised use is already illegal (and has been upheld in court) so I guess it'd be a matter of forensic evidence if you were to put forward the argument of being a victim of crime (unauthorised use of network) instead of acting illegally. Should be relatively easy to tell from examination.