Well it looks like big brother is clamping down, the unfortunate owner of a wi-fi network in Germany has been fined €100 by a German court because his network was not secured and a third party downloaded copyright material from it.
Personally as its a technical product and not everyone is tech savvy I feel it should be the service provider or the manufacturer that has the responsibility to ensure adequate security to meet legal obligations for domestic products ie anything sold to the public or provided as part of their broadband service. I know most service providers routers are secured these days but it doesn't go far enough with the compromises that are out there. Enterprise products are entirely different as you expect them to be installed by a technically competent person.
Read more here