I'm reposting here as this seems a more relevant discussion.
I'm the guy who asked about regulatory. I still need to understand how the security works and end-user devices get on to the network.
I see a BIG problem if there is a situation where TTN does allow anonymous access as then the network can be misused and gateway operators could be liable for traffic passing through their systems.
In the UK if you operate a network open to the public - you can be classified as a Public Electronic Communications Network (under the Communications Act 2003), this is what telcos/ISPs are regulated under. Though there are no longer licensed telecommunications companies, if you're a PECN you have obligations under the Comms Act (whether you like it or not, and ignorance is no excuse under the law).
If I have a say Arduino node I guess somewhere I have to register an end-point and that is an application somewhere. If that access is controlled, then you have at least control of which devices can connect and which cant. If anyone can register an application with TTN and then just use their devices and TTN will let them through that's where it becomes scary.
As an (devils advocate) example. I go to some maker event and buy some (say Arduino LoRa) nodes for cash and connect them to bombs placed strategically around a city, they register to an app that I have built on a platform hosted in another country (or some dubious free hosting service somewhere that doesn't require identity checking).
When all the devices register, I know they're on the network and can then send them back a command to detonate.
When the security services come looking they find bits of LoRa kit and want to trace it back to TTN. Security services then ask for ALL kit involved in TTN so they can do forensic analysis ... I realise this is a worst case scenario, but ...
Also with the IP Bill being rushed into law (in the UK) at the moment, police/etc can ask for logs, connection records etc. TTN is a comms network, so would need to comply ... well at least gateway operators in the UK.
There's another issue that ISPs that provide the actual Internet connection to the gateways may have T&Cs against running networks on top of theirs.
Also the UK Government is pushing through the IP Bill
http://www.publications.parliament.uk/pa/bills/cbill/2015-2016/0143/16143.pdf