Australia’s Privacy Regulator Issues Warning on AI Privacy Risks and Releases Guidance

The Office of the Australian Information Commissioner (OAIC) has issued a stern warning to businesses about the privacy risks associated with using artificial intelligence (AI). In a recent release, the OAIC provided guidance on how Australia’s privacy laws apply to businesses utilizing AI technology, whether through commercially available products or by training their own AI models.

Privacy commissioner Carly Kind emphasized the importance of businesses considering privacy risks when implementing AI, stating that it is a top concern for the industry. She stressed that AI products should not be used simply because they are available, and that businesses must prioritize privacy best practices to build and maintain trust.

The OAIC’s guides aim to clarify how existing privacy laws apply to AI and make compliance easier for businesses. Kind highlighted the expectation from both the public and the OAIC for organizations to take a cautious approach, assess risks, and prioritize privacy considerations when using AI. The regulator has already investigated several businesses, including Clearview AI, Kmart, Bunnings, and I-MED, for their use of AI technology and handling of personal information.

Kind also called for reforms to the Privacy Act, including a positive obligation on businesses to handle personal information fairly and reasonably, to better protect Australians’ privacy in the age of AI. She emphasized the need for privacy reform as technology continues to evolve and challenge individuals’ control over their personal information.

As businesses navigate the use of AI, the OAIC’s guidance serves as a reminder of the importance of prioritizing privacy and complying with existing laws to ensure the trust and protection of personal information.