CNET News.com: "According to a new proposal being considered by a suburb of New York City, any business or home office with an open wireless connection but no separate server to fend off Internet attacks would be violating the law."
IMHO this is a bad law, because you're punishing people for not having the technical savy to lockdown their own networks. You should not use a law to force people to secure their wireless networks, you should use education. This is like creating a law to send people to jail for not locking their doors.
I am not sure, but how does this law address 'HotSpots'. For example, coffee shops that offer free unsecurce WIFI to their customers. They would be now breaking that law if it passed, because these businesses generally don't enable encryption.
Enabling WEP/WAP encryption is not very difficult on a SOHO broadband wireless router with built-in WAP (Wireless Access Point). Although, most people have a 'plug it in go' mentality, and thats how these broadband routers are designed.