Australian Privacy Considerations for AI Tools

Status: 🟩 COMPLETE 🟦 LIVING
Tags: privacy, Australia, Privacy-Act, APPs, AI-compliance, data-sovereignty, OAIC


Overview

When you or your organisation uses AI tools — ChatGPT, Claude, Gemini, Canva AI, Copilot, and hundreds of others — you are sending data to overseas companies and their servers. For Australians, this has specific legal, ethical, and practical implications under Australian privacy law.

This entry explains what Australian privacy law says about AI tools, what obligations organisations have, and what individuals should know.


Privacy Act 1988 (Cth)

Australia’s primary privacy legislation. It applies to:

  • Australian Government agencies
  • Private sector organisations with annual turnover above $3 million
  • Some organisations below that threshold (health service providers, political parties, etc.)

The Privacy Act sets out 13 Australian Privacy Principles (APPs) that govern how personal information is collected, used, stored, and disclosed.

Key APPs relevant to AI:

APP      What it requires
APP 1    Have a clear, published privacy policy
APP 3    Collect personal information only if reasonably necessary; tell people you’re collecting it
APP 5    Tell people at the time of collection: who you are, what the information will be used for, where it goes
APP 6    Only use or disclose personal information for the purpose it was collected for (or a directly related purpose)
APP 8    Before sending personal information overseas, ensure the recipient meets Australian privacy standards OR get consent
APP 11   Take reasonable steps to protect personal information from misuse, interference, and unauthorised access
APP 12   Give people access to their personal information when they ask
APP 13   Correct personal information when it is inaccurate

APP 8 — The cross-border disclosure rule

APP 8 is the most directly relevant to using overseas AI tools. Before disclosing personal information to an overseas recipient (like OpenAI’s servers in the US, or Google’s servers), an organisation must either:

  1. Take reasonable steps to ensure the recipient complies with the APPs (or a comparable standard), typically through contractual obligations such as a data processing agreement, AND
  2. Be satisfied that the overseas recipient will handle the information appropriately;

  OR

  3. Obtain the individual’s informed consent to the overseas disclosure.

Practical implication: If you’re a business sending employee, customer, or client data through an AI tool, you need either a Data Processing Agreement with the AI provider or individual consent. For most major providers (OpenAI, Anthropic, Google, Microsoft), enterprise plans include DPAs that address APP 8. Free consumer plans may not.

Sensitive information — heightened protection

The Privacy Act defines a category of sensitive information that attracts stricter protections. It includes:

  • Health information
  • Racial or ethnic origin
  • Political opinions
  • Religious beliefs or affiliations
  • Sexual orientation or behaviour
  • Criminal record

For AI tools: If you’re putting any of this into an AI (medical case notes into ChatGPT, religious preference data into a CRM with AI, client health data into an AI document tool), the heightened obligations apply.


What “personal information” means for AI

Personal information is broadly defined in the Privacy Act as “information or an opinion about an identified individual, or an individual who is reasonably identifiable.”

This includes:

  • Names and contact details
  • Employment information
  • Financial information
  • Location data
  • IP addresses (in many cases)
  • Device identifiers
  • Content of communications (emails, messages)
  • Behavioural data

For AI tools: If you type a customer’s name, email, or details into an AI prompt, you are disclosing personal information to the AI provider. If you upload a document containing personal information, you are disclosing that information.


What organisations must do

For consumer/free AI tool use by employees

If your employees are using free-tier ChatGPT, Gemini, or other tools with company data:

  • You likely have no DPA with the AI provider — APP 8 compliance is questionable
  • You should have an AI use policy for employees that prohibits putting personal information (client data, employee data) into free-tier AI tools
  • Implement technical controls where possible

For enterprise AI tool use

If your organisation has an enterprise contract with an AI provider:

  • Ensure the contract includes a DPA that covers APP 8 obligations
  • The DPA should require the overseas processor to protect information to comparable standards
  • Check what data the AI provider uses for training — most enterprise contracts opt you out of training use

For building AI-powered products

If you’re building a product that uses AI to process user data:

  • Your privacy policy must disclose AI data processing
  • You must have a DPA with your AI provider
  • Users’ rights under the Privacy Act (access, correction) still apply to their data
  • You are responsible for the AI’s use of data even though you don’t control the AI

The Privacy Act reform — what’s changing

The Privacy Act has been under review since 2020, with the Australian Government accepting many recommendations from the Australian Privacy Act Review Report (2022). Key changes being implemented:

Automated decision-making transparency (under consideration/development)

Requirement to notify individuals when significant decisions about them are made using automated processes (including AI) — and to provide information about how the AI made that decision. This is modelled on GDPR Article 22 and would significantly affect AI deployments in HR, finance, insurance, and government.

Right to object to automated decision-making

Proposed right for individuals to object to solely automated decisions that significantly affect them, and request human review.

Small business threshold

Consideration of lowering or removing the $3M threshold, potentially bringing many more small businesses under the Act.

Statutory tort for serious privacy invasions

A new avenue to sue for serious privacy breaches — relevant to AI-generated deepfakes and other serious privacy violations.

Status: As of mid-2026, legislative amendments are progressing through Parliament. Check OAIC (Office of the Australian Information Commissioner) for current status.


Specific AI scenarios and their privacy implications

Scenario 1: Using ChatGPT to draft client emails

The issue: You paste client names, project details, or financial information into ChatGPT to draft an email.

Privacy analysis: You’re disclosing personal information to OpenAI (a US company). Without an enterprise contract, this may not comply with APP 8.

What to do: Either use an enterprise version of ChatGPT (with a DPA), anonymise the prompt (no real names), or use a model running locally (Ollama + Llama — see open-weights-vs-closed).

Scenario 2: Uploading medical records to an AI for summarisation

The issue: This involves sensitive health information — the most protected category under the Privacy Act.

Privacy analysis: Requires explicit patient consent, a DPA with the AI provider specifically covering health data, and a provider that meets Australian health privacy standards. In some states, state health privacy legislation also applies (e.g., Health Records Act 2001 Vic).

What to do: Use AI tools specifically designed for healthcare (Hippocratic AI with a proper enterprise agreement, or AI with specific healthcare compliance), or handle the data only in Australian-based infrastructure with appropriate certification.

Scenario 3: Automated AI screening of job applications

The issue: AI reads CVs, scores candidates, and recommends who to interview.

Privacy analysis: This is automated decision-making about individuals based on their personal information. The proposed reforms (when legislated) would require disclosure to candidates that AI is used. Currently, APP 3 requires that candidates are told how their data will be used — which should include disclosure of AI screening.

What to do: Disclose AI use in the job application process. Maintain human oversight of final decisions. Document the AI’s role. Have a complaints process.

Scenario 4: Customer service AI chatbot

The issue: Your website chatbot (powered by Intercom Fin, Tidio, or another AI tool) collects customer queries — some of which may contain personal information.

Privacy analysis: You are collecting personal information via the chatbot. Your privacy policy must disclose this. The data flows to your AI provider.

What to do: Update your privacy policy to disclose AI chat processing. Ensure your AI provider has a DPA. Don’t use AI chat for collecting sensitive information without additional safeguards.


The OAIC’s position on AI

The Office of the Australian Information Commissioner (OAIC) has published guidance on AI and privacy, including:

  • Guidance Note: Privacy and AI (2023) — sets out OAIC’s expectations for Privacy Act compliance when using AI
  • Position that Privacy by Design should be applied to AI systems
  • That organisations should conduct Privacy Impact Assessments (PIAs) for AI systems that handle significant amounts of personal information
  • That individuals should be told when AI is used to make or influence decisions about them

The OAIC has commenced investigations into companies’ AI practices and can issue civil penalty applications (up to $50 million for organisations under the post-2022 reforms).


Chinese AI tools and the Privacy Act

Chinese AI tools (DeepSeek, Qwen, Doubao, etc.) raise additional privacy concerns beyond standard overseas disclosure:

  • Data may be accessible to the Chinese government under the PRC’s National Intelligence Law — a legal compulsion the Privacy Act cannot adequately address
  • Chinese companies cannot be subject to Australian privacy enforcement in the same way as companies with Australian presence
  • Australian Privacy Principle 8 requires that overseas recipients meet comparable standards — Chinese data security law does not provide comparable standards to Australian privacy law
  • This is a concrete reason, not just a geopolitical preference, why the encyclopedia recommends against Chinese AI tools for any data involving personal information

See vendors-chinese-avoid for the full reasoning.


Practical checklist for Australian organisations

Before deploying AI tools that handle personal information:

  • Identify what personal information flows into the AI (names, emails, health info, financial data?)
  • Check if the AI provider has an enterprise DPA covering Australian privacy law equivalence (APP 8)
  • Update your privacy policy to disclose AI tool use and overseas data transfers
  • Check if sensitive information is involved — if yes, heightened obligations apply; explicit consent may be needed
  • For government agencies: apply the Australian Government’s AI use framework and associated privacy obligations
  • Conduct a Privacy Impact Assessment for high-risk AI deployments (mandatory for some; strongly recommended for others)
  • Implement an internal AI use policy for employees — which AI tools can be used, and for what data
  • For automated decision-making: prepare for incoming legislative requirements around disclosure and human oversight


Gotchas

  • The $3M threshold means many small businesses think the Privacy Act doesn’t apply to them. Even if the Act doesn’t directly apply, the reforms are narrowing this exemption, and state laws, industry codes, and contractual obligations may still impose privacy requirements.
  • “Enterprise” ≠ automatically compliant. Even an enterprise ChatGPT contract needs to be checked — does the DPA specifically address Australian privacy law and APP 8?
  • Employees using personal free AI accounts at work are a significant risk. If they paste customer data into their personal Claude or ChatGPT account, the organisation can still be held responsible.
  • AI training on your data varies by provider and plan. Microsoft Copilot enterprise doesn’t train on your data. ChatGPT free may. Always verify current terms — they change.
  • Health information is especially sensitive. Don’t send health information through AI tools other than clinical AI providers that have appropriate health data handling agreements in place.
  • AI tools are not “anonymous” just because you don’t enter a name. Context around an individual (their employer, their medical condition, their location) can make them identifiable even without a name.


Sources

  • Privacy Act 1988 (Cth) — legislation.gov.au
  • Australian Privacy Principles — oaic.gov.au/privacy/australian-privacy-principles
  • OAIC Guidance Note: Privacy and Artificial Intelligence (2023) — oaic.gov.au
  • Attorney-General’s Department — Privacy Act Review Report (2022)
  • Privacy Legislation Amendment (Enhancing Online Privacy and Other Measures) Bill discussions (2023–2025)
  • Office of the Australian Information Commissioner — enforcement decisions and guidance
  • Health Records Act 2001 (Vic); Health Records and Information Privacy Act 2002 (NSW)
  • ACSC (Australian Cyber Security Centre) — AI security guidance