Australian Privacy Considerations for AI Tools
Status: 🟩 COMPLETE 🟦 LIVING Tags: privacy, Australia, Privacy-Act, APPs, AI-compliance, data-sovereignty, OAIC
Overview
When you or your organisation uses AI tools — ChatGPT, Claude, Gemini, Canva AI, Copilot, and hundreds of others — you are sending data to overseas companies and their servers. For Australians, this has specific legal, ethical, and practical implications under Australian privacy law.
This entry explains what Australian privacy law says about AI tools, what obligations organisations have, and what individuals should know.
The core legal framework
Privacy Act 1988 (Cth)
Australia’s primary privacy legislation. It applies to:
- Australian Government agencies
- Private sector organisations with annual turnover above $3 million
- Some organisations below that threshold (health service providers, political parties, etc.)
The Privacy Act sets out 13 Australian Privacy Principles (APPs) that govern how personal information is collected, used, stored, and disclosed.
Key APPs relevant to AI:
| APP | What it requires |
|---|---|
| APP 1 | Have a clear, published privacy policy |
| APP 3 | Collect personal information only if reasonably necessary; tell people you’re collecting it |
| APP 5 | Tell people at time of collection: who you are, what the info will be used for, where it goes |
| APP 6 | Only use or disclose personal information for the purpose it was collected for (or a directly related purpose) |
| APP 8 | Before sending personal information overseas, ensure the recipient meets Australian privacy standards OR get consent |
| APP 11 | Take reasonable steps to protect personal information from misuse, interference, and unauthorised access |
| APP 12 | Give people access to their personal information when they ask |
| APP 13 | Correct personal information when inaccurate |
APP 8 — The cross-border disclosure rule
APP 8 is the most directly relevant to using overseas AI tools. Before disclosing personal information to an overseas recipient (like OpenAI’s servers in the US, or Google’s servers), an organisation must either:
- Ensure the recipient complies with the APPs (or a similar standard) — through contractual obligations (a data processing agreement), AND
- Be satisfied the overseas recipient will handle it appropriately, OR
- Get the individual’s informed consent for overseas disclosure
Practical implication: If you’re a business sending employee, customer, or client data through an AI tool, you need either a Data Processing Agreement with the AI provider or individual consent. For most major providers (OpenAI, Anthropic, Google, Microsoft), enterprise plans include DPAs that address APP 8. Free consumer plans may not.
Sensitive information — heightened protection
The Privacy Act defines sensitive information as requiring stricter protections. This includes:
- Health information
- Racial or ethnic origin
- Political opinions
- Religious beliefs or affiliations
- Sexual orientation or behaviour
- Criminal record
For AI tools: If you’re putting any of this into an AI (medical case notes into ChatGPT, religious preference data into a CRM with AI, client health data into an AI document tool), the heightened obligations apply.
What “personal information” means for AI
Personal information is broadly defined in the Privacy Act as “information or an opinion about an identified individual, or an individual who is reasonably identifiable.”
This includes:
- Names and contact details
- Employment information
- Financial information
- Location data
- IP addresses (in many cases)
- Device identifiers
- Content of communications (emails, messages)
- Behavioural data
For AI tools: If you type a customer’s name, email, or details into an AI prompt, you are disclosing personal information to the AI provider. If you upload a document containing personal information, you are disclosing that information.
What organisations must do
For consumer/free AI tool use by employees
If your employees are using free-tier ChatGPT, Gemini, or other tools with company data:
- You likely have no DPA with the AI provider — APP 8 compliance is questionable
- You should have an AI use policy for employees that prohibits putting personal information (client data, employee data) into free-tier AI tools
- Implement technical controls where possible
For enterprise AI tool use
If your organisation has an enterprise contract with an AI provider:
- Ensure the contract includes a DPA that covers APP 8 obligations
- The DPA should require the overseas processor to protect information to comparable standards
- Check what data the AI provider uses for training — most enterprise contracts opt you out of training use
For building AI-powered products
If you’re building a product that uses AI to process user data:
- Your privacy policy must disclose AI data processing
- You must have a DPA with your AI provider
- Users’ rights under the Privacy Act (access, correction) still apply to their data
- You are responsible for the AI’s use of data even though you don’t control the AI
The Privacy Act reform — what’s changing
The Privacy Act has been under review since 2020, with the Australian Government accepting many recommendations from the Australian Privacy Act Review Report (2022). Key changes being implemented:
Automated decision-making transparency (under consideration/development)
Requirement to notify individuals when significant decisions about them are made using automated processes (including AI) — and to provide information about how the AI made that decision. This is modelled on GDPR Article 22 and would significantly affect AI deployments in HR, finance, insurance, and government.
Right to object to automated decision-making
Proposed right for individuals to object to solely automated decisions that significantly affect them, and request human review.
Small business threshold
Consideration of lowering or removing the $3M threshold, potentially bringing many more small businesses under the Act.
Statutory tort for serious privacy invasions
A new avenue to sue for serious privacy breaches — relevant to AI-generated deepfakes and other serious privacy violations.
Status: As of mid-2026, legislative amendments are progressing through Parliament. Check OAIC (Office of the Australian Information Commissioner) for current status.
Specific AI scenarios and their privacy implications
Scenario 1: Using ChatGPT to draft client emails
The issue: You paste client names, project details, or financial information into ChatGPT to draft an email.
Privacy analysis: You’re disclosing personal information to OpenAI (a US company). Without an enterprise contract, this may not comply with APP 8.
What to do: Either use an enterprise version of ChatGPT (with DPA), anonymise the prompt (no real names), or use a model running locally (Ollama + Llama — see open-weights-vs-closed).
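As an added illustration of the “anonymise the prompt” option above and the “implement technical controls” item under consumer/free tool use (example code written for this entry, not from any AI provider or the OAIC), here is a pre-send gate in Python: it refuses prompts that hint at sensitive information, and replaces e-mail addresses, Australian phone numbers and known client names with placeholders while keeping the mapping on-premises so the model’s reply can be re-hydrated locally. The regexes, the keyword list and the sample prompt are constructed assumptions, not a vendor’s or regulator’s list.

```python
import re

# Constructed patterns: e-mail addresses and common Australian phone formats
# (04xx mobiles, +61 international form, 0x area-code landlines).
EMAIL_RE = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")
AU_PHONE_RE = re.compile(r"(?<!\d)(?:\+61\s?|0)[2-478](?:[\s-]?\d){8}(?!\d)")
# Keyword hints for the Privacy Act's sensitive-information categories (health,
# religion, ethnicity, criminal record, sexual orientation). Assumed starter list.
SENSITIVE_HINTS = ("patient", "diagnos", "medical", "medicare", "religio", "ethnic",
                   "criminal record", "sexual orientation")

def redact_prompt(text, known_names=()):
    """Replace identifiers with stable placeholders. Returns (redacted_text, mapping),
    where mapping is placeholder -> original value and stays inside the organisation."""
    mapping, seen = {}, {}

    def placeholder(kind, value):
        if value not in seen:                       # same value -> same placeholder
            seen[value] = f"[{kind}_{len(seen) + 1}]"
            mapping[seen[value]] = value
        return seen[value]

    redacted = EMAIL_RE.sub(lambda m: placeholder("EMAIL", m.group()), text)
    redacted = AU_PHONE_RE.sub(lambda m: placeholder("PHONE", m.group()), redacted)
    # Longest names first so "Jane Smith" is replaced before a bare "Jane" could be.
    for name in sorted(known_names, key=len, reverse=True):
        redacted = re.sub(re.escape(name), lambda m: placeholder("NAME", m.group()), redacted)
    return redacted, mapping

def gate_prompt(text, known_names=()):
    """Decide what may leave for an overseas provider: block sensitive information
    outright (heightened obligations), otherwise send the redacted text.
    Returns (action, payload, mapping)."""
    lowered = text.lower()
    hits = [h for h in SENSITIVE_HINTS if h in lowered]
    if hits:
        return "block", "sensitive information indicated by: " + ", ".join(hits), {}
    redacted, mapping = redact_prompt(text, known_names)
    return "send", redacted, mapping

def restore_reply(reply, mapping):
    """Put the real values back into the model's reply, locally, after it returns."""
    for ph, value in mapping.items():
        reply = reply.replace(ph, value)
    return reply

if __name__ == "__main__":
    # Constructed sample prompt with a fictional client, as an employee might paste it.
    prompt = ("Draft a polite follow-up to Jane Smith (jane.smith@example.com.au, "
              "0412 345 678) about the overdue invoice for project Atlas.")
    action, payload, mapping = gate_prompt(prompt, known_names=["Jane Smith"])
    print(action, payload, mapping, sep="\n")
```

Placeholders do not remove contextual identifiability (the point made under Gotchas: employer, condition or location can still single a person out), so this is a control alongside a DPA or a local model, not a replacement for either.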
Scenario 2: Uploading medical records to an AI for summarisation
The issue: This involves sensitive health information — the most protected category under the Privacy Act.
Privacy analysis: Requires explicit patient consent, a DPA with the AI provider specifically covering health data, and the provider must meet Australian health privacy standards. In some states, state health privacy legislation also applies (e.g., Health Records Act 2001 Vic).
What to do: Use AI tools specifically designed for healthcare (Hippocratic AI with a proper enterprise agreement, or AI with specific healthcare compliance — or handle data only in Australian-based infrastructure with appropriate certification).
Scenario 3: Automated AI screening of job applications
The issue: AI reads CVs, scores candidates, recommends who to interview.
Privacy analysis: This is automated decision-making about individuals based on their personal information. The proposed reforms (when legislated) would require disclosure to candidates that AI is used. Currently, APP 3 requires that candidates are told how their data will be used — which should include disclosure of AI screening.
What to do: Disclose AI use in the job application process. Maintain human oversight of final decisions. Document the AI’s role. Have a complaints process.
Scenario 4: Customer service AI chatbot
The issue: Your website chatbot (powered by Intercom Fin, Tidio, or another AI tool) collects customer queries — some of which may contain personal information.
Privacy analysis: You are collecting personal information via the chatbot. Your privacy policy must disclose this. The data flows to your AI provider.
What to do: Update your privacy policy to disclose AI chat processing. Ensure your AI provider has a DPA. Don’t use AI chat for collecting sensitive information without additional safeguards.
The OAIC’s position on AI
The Office of the Australian Information Commissioner (OAIC) has published guidance on AI and privacy, including:
- Guidance Note: Privacy and AI (2023) — sets out OAIC’s expectations for Privacy Act compliance when using AI
- Position that Privacy by Design should be applied to AI systems
- That organisations should conduct Privacy Impact Assessments (PIAs) for AI systems that handle significant amounts of personal information
- That individuals should be told when AI is used to make or influence decisions about them
The OAIC has commenced investigations into companies’ AI practices and can issue civil penalty applications (up to $50 million for organisations under the post-2022 reforms).
Chinese AI tools and the Privacy Act
Chinese AI tools (DeepSeek, Qwen, Doubao, etc.) raise additional privacy concerns beyond standard overseas disclosure:
- Data may be accessible to the Chinese government under the PRC’s National Intelligence Law — a legal compulsion the Privacy Act cannot adequately address
- Chinese companies cannot be subject to Australian privacy enforcement in the same way as companies with Australian presence
- Australian Privacy Principle 8 requires that overseas recipients meet comparable standards — Chinese data security law does not provide comparable standards to Australian privacy law
- This is a concrete reason, not just a geopolitical preference, why the encyclopedia recommends against Chinese AI tools for any data involving personal information
See vendors-chinese-avoid for the full reasoning.
Practical checklist for Australian organisations
Before deploying AI tools that handle personal information:
☐ Identify what personal information flows into the AI (names, emails, health info, financial data?)
☐ Check if the AI provider has an enterprise DPA covering Australian privacy law equivalence (APP 8)
☐ Update your privacy policy to disclose AI tool use and overseas data transfers
☐ Check if sensitive information is involved — if yes, heightened obligations; may need explicit consent
☐ For government agencies: Apply the Australian Government’s AI use framework and associated privacy obligations
☐ Conduct a Privacy Impact Assessment for high-risk AI deployments (mandatory for some; strongly recommended for others)
☐ Implement an internal AI use policy for employees — what AI tools can be used, for what data
☐ For automated decision-making: Prepare for incoming legislative requirements around disclosure and human oversight
Gotchas
- The $3M threshold means many small businesses assume the Privacy Act doesn’t apply to them. Even where the Act doesn’t directly apply, the reforms are narrowing this exemption, and state laws, industry codes, and contractual obligations may still impose privacy requirements.
- “Enterprise” ≠ automatically compliant. Even an enterprise ChatGPT contract needs to be checked — does the DPA specifically address Australian privacy law and APP 8?
- Employees using personal free AI accounts at work are a significant risk. If they paste customer data into their personal Claude or ChatGPT account, the organisation can still be held responsible.
- AI training on your data varies by provider and plan. Microsoft Copilot enterprise doesn’t train on your data. ChatGPT free may. Always verify current terms — they change.
- Health information is especially sensitive. Don’t send health information through AI tools other than clinical AI providers that have appropriate health data handling agreements in place.
- AI tools are not “anonymous” just because you don’t enter a name. Context around an individual (their employer, their medical condition, their location) can make them identifiable even without a name.
See also
- privacy-and-data-training — does the AI train on what you type?
- vendors-chinese-avoid — why Chinese AI has additional privacy concerns
- open-weights-vs-closed — local AI as a privacy-preserving alternative
- eu-ai-act — GDPR and EU AI Act (higher standard; some Australian businesses must comply)
- hippocratic-ai — healthcare AI with appropriate privacy safeguards
Sources
- Privacy Act 1988 (Cth) — legislation.gov.au
- Australian Privacy Principles — oaic.gov.au/privacy/australian-privacy-principles
- OAIC Guidance Note: Privacy and Artificial Intelligence (2023) — oaic.gov.au
- Attorney-General’s Department — Privacy Act Review Report (2022)
- Privacy Legislation Amendment (Enhancing Online Privacy and Other Measures) Bill discussions (2023–2025)
- Office of the Australian Information Commissioner — enforcement decisions and guidance
- Health Records Act 2001 (Vic); Health Records and Information Privacy Act 2002 (NSW)
- ACSC (Australian Cyber Security Centre) — AI security guidance