Yes, and no...
As long as the web site you are accessing uses secure hyperlink protocol (i.e. the website is of the form https//... and you should see a little lock symbol at the bottom of your web browser window), which means the site is using SSL encryption and anyone who manages to intercept your data would not be able to read it (unless they work for the NSA perhaps). But if the web site is a plain old
http://... then beware - do not enter any passwords, credit card numbers, etc on such sites. If you browse email using a web site access, chances are that when you enter your password it's on an encrypted page, but after that the actual emails are not, so beware! Some services are better about this than others. And finally, any instant messaging that you do is completely open.
Here's a nice article for more complete inforrmation:
Coffee shop WiFi for dummies