No, it's not a grey area. The "public accessibility" of a URL may serve as evidence that you had no criminal intent (because you didn't have to "jimmy the lock" to get in), but if you then do things with that access, you're criminally liable.