"Depending on putting devices on 1918 for security is dangerous. " - Simon J. Lyall.
Agreed. RFC 1918 is a good idea, it's not the law, and with that ISP's are not required to do anything about 1918 addr's if they choose not to. We receive a disturbingly large amount of traffic sourced from the 1918 space destined for our network coming from one of our normally respectable Tier 1 ISP's (three letter acronym, starts with 'M', ends with 'CI'). This is particularly irritating since we pay for burstable service; nice that we are paying for illegitimate traffic to come down our pipes. Their answer to this issue was: our routers can't handle the additional load that filtering 1918 traffic would cause. That's odd, I didn't think routing to Null0 (or equivalent) was all that taxing, I don't want an ACL, I want it gone in the cheapest, fastest way possible. With that it our (the global collective, not just my company) responsibility to prevent RFC 1918 traffic from entering our exiting our border; makes for an interesting definition of "private address space."
