Liability for unsecured Wi-Fi
The operator of a Wi-Fi network is considered by the law as Internet provider. The Austrian law does not demand providers to generally observe the Internet traffic. The ECJ now confirmed this view.
Who knows about abuse, has to act on it
If the WLAN provider is informed - e.g. due to a written warning of a lawyer - that strangers who connected with his WLAN violate copyrights via his network, he has to take steps against it and to make sure that no one else can abuse his network.
Otherwise he can be accused of intentionally supporting the copyright infringement as he tolerates them. He is therefore liable for being a so called "abettor" to those persons abusing his network and he might face an injunction suit.
Verdict of the ECJ
The ECJ made a decision about this matter in the year 2016 (Case C-484/14). In this case, the question was whether a shopkeeper who provides free and unsecured WiFi, is liable for copyright infringements committed by a third party. To be precise, a foreign person had offered a music album for download via the free Wifi without the knowledge of the shopkeeper. The ECJ decided that the shopkeeper is not responsible for the copyright infringements of the user, but that he can be requested to secure his network with a password in order to prevent violations of the law.
Situation in Austria
There is no verdict by the Austrian Supreme Court regarding copyright violations via WLAN.
The requirements of the existing case law, however, are clear: One supports the infringements of others conciously if one knows the factual circumstances and tolerates the infringement or does not act on the given indications correctly. Whoever is informed or otherwise aware of strangers using his WLAN to provide a file-sharing platform, but does not act on it, is liable for conciously supporting copyright violations.
However, if the provider secures his WLAN with all possible measures that are "state-of-the-art", he is on the safe side (this would include a WPA2 encryption as well as a strong password). He then took all reasonable steps to prevent abuse.
Even if technically adept hackers would still find a way into the network - the common user won't be able to do so.
Letter from the lawyer
If the provider of a secured WLAN receives a written warning by a lawyer, it should be enough to change the password, check the security measures and answer to the lawyer that he uses the best possible encryption and took all reasonable steps to secure the network.
If, on the contrary, someone provides an unsecured ("open") WLAN, he should immediately react to indications of infringements by co-users or a request to secure it with a password and set up a state-of-the-art encryption. Otherwise he risks to be liable as an abettor to the trespasser.