I think I know the answer but not having any legal training nor the ability to decipher much of the legal mumbo jumbo out there I'd thought I'd pose this question.
A student accommodation block has wired internet access (cat5 socket on the wall), they want to introduce wifi so every third bedroom or so will have an AP.
To my mind the provider of the internet access (i.e. whoever owns/administers the proxy delivering the internet access) is the one liable to maintain records of who used the internet. Everyone accessing the proxy needs their own unique username. Obviously you can't lock it down to mac address but then again you can't be 100% sure that the mac address always relates to one user - several students could use the one laptop etc.
Regards
Gavin