AI for Business·6 Jul·22 min

Australian Data Privacy and Your AI Tools: What to Check Before You Sign Up

Australian privacy laws apply to AI tools now. Learn what to check before using ChatGPT, Claude or Gemini with client data to stay compliant and avoid liability

Australian Data Privacy and Your AI Tools: What to Check Before You Sign Up

Article at a glance

Before you paste client data into ChatGPT or other AI tools, Australian privacy law requires you to check what happens to that information. This guide explains which existing laws apply to AI tools, what due diligence you must complete before signing up, and where liability sits when things go wrong. You'll learn practical steps to assess AI platforms against Australian privacy requirements.

Introduction

You’re about to paste client emails into ChatGPT, or feed a contract into Claude, or ask Gemini to draft a quote. The tool doesn’t warn you. It doesn’t ask if the data’s sensitive. It just accepts the input and starts training.

Australia doesn’t have AI-specific legislation yet, but existing privacy laws already apply to everything you type into these tools. The Office of the Australian Information Commissioner published guidance in October 2024 with a blunt recommendation: don’t enter personal information — and especially not sensitive information — into publicly available AI platforms. The privacy risks are significant and complex, and most small businesses haven’t done the due diligence.

The gap between what these tools let you do and what Australian law expects you to check first is wide. This guide walks through what to verify before you sign up, what your obligations are once you’re using the tool, and where the real liability sits.

Why Australian Privacy Law Matters for Your AI Tool Choices

Australia doesn’t have an AI Act. Instead, you’re covered by the Privacy Act 1988, Consumer Law, and anti-discrimination rules — all of which already apply to how companies use AI.

The December 2025 National AI Plan confirmed the government’s approach: existing laws enforced by sector regulators, backed by voluntary guidance and a new AI Safety Institute. No standalone AI legislation is coming. The Voluntary AI Safety Standard and its 10 guardrails (published October 2025) are exactly that — voluntary. They don’t create new legal obligations.

But the old laws still bite. Privacy laws require organisations to protect personal information and destroy or de-identify data they no longer need. Consumer Law prohibits misleading conduct, which covers deceptive deepfakes or dodgy AI outputs. Anti-discrimination laws apply if an AI system excludes someone based on a protected attribute.

From December 2026, new Privacy Act amendments kick in: organisations must disclose in their privacy policies what personal information feeds automated decisions and what those decisions actually do. The OAIC is finalising formal guidance on automated decision-making transparency by September 2026.

Real Consequences: What Happens When Organisations Get It Wrong

The OAIC found Bunnings and Kmart breached the Privacy Act when they deployed facial recognition technology in stores. Both retailers failed to meet consent and transparency requirements — customers weren’t properly informed, and the collection wasn’t reasonable in the circumstances.

The determinations weren’t theoretical. They carried public scrutiny, reputational damage, and formal findings that the retailers had violated Australian privacy law. For Bunnings and Kmart, that meant front-page coverage and a regulatory black mark.

Privacy violations don’t stay quiet. The OAIC publishes determinations, and Australian media reports them. If your organisation gets it wrong — collecting more data than you need, failing to secure it properly, or using AI tools without checking where the information goes — you’re exposed to the same enforcement action and the same public attention.

Understanding Your Obligations Under Australian Privacy Law

The Privacy Act 1988 and Australian Privacy Principles (APPs)

The Privacy Act 1988 governs how organisations collect, store, use and disclose your personal information — and that includes when they feed it into AI tools. The 13 Australian Privacy Principles (APPs) apply to any organisation covered by the Act, whether the AI product is hosted in Sydney or San Francisco.

If you’re using a commercially available AI platform, the OAIC’s October 2024 guidance is blunt: don’t enter personal information, especially sensitive information, into publicly available AI platforms. The privacy risks are significant and complex. The regulator isn’t being precious — they’ve already found Bunnings and Kmart in breach of the Privacy Act for facial recognition use that failed consent and transparency requirements.

From 10 December 2026, new obligations kick in under APP 1.7, 1.8 and 1.9. Organisations must disclose in their privacy policies the types of personal information used in substantially automated decisions and the nature of decisions made by computer programs. If you’re signing up for an AI service that makes decisions about people (hiring tools, credit scoring, customer segmentation), check whether the provider’s privacy policy addresses automated decision-making. If it doesn’t, that’s a red flag.

New Automated Decision-Making Transparency Rules (From December 2026)

From 10 December 2026, any organisation covered by the Privacy Act must disclose in its privacy policy the types of personal information it feeds into automated decision-making systems and the kinds of decisions those systems make. That’s the new APP 1.7, 1.8, and 1.9 obligations — transparency requirements for decisions made “solely or significantly by computer programs,” according to Safe AI Australia.

If you’re using an AI tool to screen job applicants, score credit applications, or route customer complaints, you’ll need to spell that out. Not in a footnote. In the privacy policy itself.

The OAIC published an issues paper in May 2026 and closed consultation in June. Formal guidance is expected by September 2026, three months before the rules take effect. Until then, the obligation exists but the detail on what counts as “substantially automated” and how much disclosure is enough remains open to interpretation.

Data Minimisation and Retention: Why Less Is More

Australian privacy law requires organisations to destroy or de-identify personal information they no longer need. That’s not a nice-to-have — it’s a legal obligation under the Privacy Act.

When you’re choosing an AI tool, this matters. A lot of platforms store your prompts, outputs, and usage data indefinitely unless you opt out (or pay for a business tier). Some use that data to retrain their models. Some keep it in perpetuity “for service improvement.”

Ask before you sign up: does the tool delete your data after a set period, or does it sit in their training corpus forever? Can you request deletion? Is there a retention schedule, or is it “we’ll keep it as long as we want”?

The OAIC’s October 2024 guidance on commercially available AI products recommends organisations avoid entering personal information — especially sensitive information — into public AI platforms, citing “significant and complex privacy risks.”

Translation: if the tool doesn’t commit to data minimisation, don’t feed it anything you’d care about losing control of.

Understanding Your Obligations Under Australian Privacy Law — Australian Data Privacy and Your AI Tools: What to Check Before You Sign Up

The OAIC’s Warning: Why You Shouldn’t Put Personal Data Into Public AI Platforms

What Counts as ‘Publicly Available’ AI?

The line sits between who trains on your input and what they promise in writing.

Public AI tools — free ChatGPT, Google’s Gemini, the standard Claude interface — let the provider use your prompts to improve the model unless you opt out (and sometimes even then, for safety checks). You’re trading convenience for control. Enterprise accounts flip that: ChatGPT Team, Google Workspace with Gemini, Claude for Work. These come with data processing agreements that contractually prevent training on your inputs. You pay for the wall.

The OAIC’s October 2024 guidance is blunt: don’t put personal information, especially sensitive information, into publicly available AI platforms. The privacy risks are significant and complex. If you’re pasting client names, financials, or anything covered by the Privacy Act, you need the enterprise tier and a signed agreement that spells out data handling. Free tools don’t give you that lever.

The Risks of Training Data and Data Retention

Public AI platforms can use your inputs to train future models, store data indefinitely, and share it in ways you didn’t expect. The OAIC recommends organisations don’t enter personal information — and particularly sensitive information — into publicly available AI platforms, due to the significant and complex privacy risks involved.

What happens to your data? Most free AI tools don’t guarantee your prompts stay private. Some retain chat history for months or years. Others feed anonymised inputs back into training datasets. A few offer opt-outs buried in account settings, but default behaviour is retention.

Your obligations under Australian privacy law. Privacy laws require steps that are reasonable in the circumstances to protect personal information and impose data minimisation obligations to destroy or deidentify information no longer needed. If you’re putting client names, financial details, or health information into ChatGPT’s free tier, you’re likely breaching those obligations.

Before you paste anything sensitive, check the platform’s data handling policy. Look for commitments on retention windows, training exclusions, and deletion rights. If the policy is vague or silent, assume the worst.

Essential Privacy Checks Before You Sign Up for Any AI Tool

Does the Vendor Offer a Data Processing Agreement (DPA)?

A Data Processing Agreement is a contract that spells out how a vendor handles your data — where it’s stored, who gets access, and what happens when you want it deleted. If you’re feeding customer names, email addresses, or any personal information into an AI tool, Australian privacy law requires you to take reasonable steps to protect it. A DPA is how you prove you did.

What to look for in a DPA:

  • Data location. Does the vendor store data in Australia, or does it move offshore? Cross-border data flows trigger extra obligations under the Privacy Act.
  • Sub-processors. Most AI vendors don’t run their own infrastructure — they use AWS, Google Cloud, or third-party model providers. The DPA should list who else touches your data.
  • Deletion rights. You need a clear process to delete data when you’re done with it. Privacy laws impose data minimisation obligations — if you don’t need it anymore, destroy or deidentify it.

If a vendor won’t sign a DPA, that’s a red flag. It means they’re not set up to handle personal information responsibly, and you’re carrying the compliance risk.

Where Is Your Data Stored and Processed?

Most consumer AI platforms store and process your data in the United States, which means Australian privacy protections don’t follow it there. Under Australian Privacy Principle 8, organisations must tell you when they’re sending personal information overseas and which countries will receive it.

Check the vendor’s privacy policy for two things: where your data is stored (look for “data residency” or “data location”), and whether they offer Australian hosting. Some enterprise tools let you choose Australian data centres. Most free consumer tools don’t.

If the policy says “we may transfer data to our service providers globally” without naming countries, that’s a red flag. You’re entitled to know where your information goes before you hand it over.

Will Your Data Be Used for Training or Improvement?

Most consumer AI tools reserve the right to train on your inputs unless you explicitly opt out. Enterprise plans usually guarantee your data stays private, but free and standard tiers rarely do.

Check the provider’s terms for phrases like “we may use your data to improve our services” or “inputs may be used for model training.” That’s your cue to look for an opt-out setting. OpenAI, for example, lets ChatGPT Plus and Team users disable training via account settings. Free users don’t get that option.

Enterprise contracts typically include data processing addendums that prohibit training on customer data. If you’re paying for a business tier, confirm this in writing before you upload anything sensitive. Consumer plans assume you’re fine with your prompts feeding the next model version.

The OAIC recommends organisations avoid entering personal information into publicly available AI platforms due to significant privacy risks. If you’re handling customer data or anything covered by the Privacy Act, treat free-tier tools as public forums. Assume everything you type could end up in a training set unless the provider explicitly says otherwise.

What Security and Access Controls Are in Place?

Privacy laws require steps that are reasonable in the circumstances to protect personal information. That’s the baseline. What counts as reasonable depends on the sensitivity of the data and the size of the breach if something goes wrong.

Look for encryption in transit and at rest. Check whether the provider logs who accessed your data and when. SOC 2 Type II or ISO 27001 certification signals that someone external has audited their controls. Ask about incident response procedures — not whether they have a plan, but how fast they’ll tell you if your data leaks.

Most enterprise AI tools publish a security page. Read it. If they don’t have one, that’s your answer.

Can You Delete or Export Your Data?

Australian privacy law requires organisations to destroy or deidentify personal information they no longer need. That applies to your prompts, uploaded files, and any training data the vendor holds.

Before you sign up, check the vendor’s data retention policy. How long do they keep your inputs? Can you request deletion when you close your account? Some platforms let you export conversation history or uploaded documents; others don’t. If the tool doesn’t publish a clear retention schedule or deletion process, ask before you hand over anything sensitive.

The OAIC recommends organisations conduct a Privacy Impact Assessment before using AI products — and that includes checking whether you can get your data back or wipe it on exit. If the vendor won’t commit to deletion on contract termination, that’s a red flag.

Conducting a Privacy Impact Assessment (PIA) for AI Tools

When Is a PIA Required?

A Privacy Impact Assessment is best practice for any AI project that touches personal information — and it’s mandatory for Australian government agencies under the Privacy Act when a project is likely to have a significant privacy impact. For private-sector organisations, the OAIC strongly recommends conducting a PIA before adopting AI tools, even if it’s not legally required.

When does a PIA move from ‘good idea’ to ‘you really need one’? When you’re handling sensitive information (health records, financial data, anything about children), building profiles or scoring people, or making automated decisions that affect someone’s access to services, credit, employment, or benefits. If the AI is doing more than drafting emails — if it’s assessing, ranking, or deciding — run the assessment.

The OAIC’s October 2024 guidance makes the stakes clear: organisations that skip this step and get it wrong face regulatory action, as Bunnings and Kmart discovered when their facial recognition systems breached the Privacy Act.

Key Questions to Answer in Your PIA

A Privacy Impact Assessment isn’t a compliance checkbox — it’s the document that forces you to name what could go wrong before it does. The OAIC recommends organisations conduct a PIA before adopting AI products, and the questions below are the ones that matter.

What personal information will be processed? List everything: names, email addresses, customer records, employee data, uploaded documents. If you’re feeding client files into Claude or ChatGPT, that’s personal information. If your team is pasting support tickets into Gemini, same deal. Be specific about categories and volume.

How will it be processed, and by whom? Map the flow. Who collects it? Where does it go? Does the AI provider store it, train on it, or pass it to subprocessors offshore? Check the vendor’s data processing agreement. If they won’t tell you where your data lives or who touches it, that’s your answer.

What are the privacy risks? Think breach, misuse, re-identification, and unintended disclosure. If you’re uploading sensitive information to a public AI platform, the OAIC’s October 2024 guidance is blunt: don’t. The risk is significant and complex. If you must, document why the business need outweighs the exposure.

What mitigations are in place? Encryption, access controls, data minimisation, retention limits. Privacy laws require steps that are reasonable in the circumstances to protect personal information and impose obligations to destroy or deidentify information no longer needed. Write down what you’ve done, not what you plan to do.

Is consent required? Depends on the use case. If you’re collecting personal information for a new purpose — say, analysing customer sentiment with an AI tool — you likely need fresh consent unless an exception applies. If the AI makes decisions about individuals (credit, hiring, access), transparency obligations kick in. From December 2026, APP entities must disclose in their privacy policies the types of personal information used in substantially automated decisions.

Are there cross-border transfers? Most commercial AI platforms route data through the US or other jurisdictions. That’s a cross-border disclosure under the Privacy Act. You need to confirm the recipient is subject to substantially similar protections, or take reasonable steps to ensure compliance. If the vendor’s terms are vague, push back or walk.

Beyond Privacy: Other Australian Laws That Apply to AI Tools

Misleading and Deceptive Conduct (Australian Consumer Law)

Australian Consumer Law prohibits misleading and deceptive conduct — and that applies to AI outputs. If your tool generates a deepfake, a false product claim, or misleading content that reaches customers or the public, you carry the liability, not the vendor.

Check the vendor’s acceptable use policy before you sign up. Most platforms ban deepfakes, impersonation, and false advertising, but enforcement varies. If the tool allows it and you publish it, the law still applies to you.

Set your own governance rules. Who approves AI-generated marketing copy? Who fact-checks outputs before they go live? A quick internal checklist — “Did a human verify this claim?” — catches most problems before they become legal ones.

Anti-Discrimination and Bias in AI Outputs

Anti-discrimination laws already cover AI. If a tool screens job applicants and filters out more women than men, or if a credit-scoring model disproportionately rejects applicants from certain postcodes, you’re on the hook under existing federal and state protections.

The government’s guidance makes this explicit: anti-discrimination laws apply if AI outputs exclude or disproportionately affect individuals or groups based on protected attributes (age, gender, race, disability). The tool doesn’t need to be intentionally biased. Disproportionate impact is enough.

What does this mean before you sign up?
Ask the vendor how they test for bias. What datasets trained the model? Do they publish fairness audits? If the answer is vague or missing, that’s a red flag — you’re importing someone else’s risk into your business.

Most Australian SMEs don’t have the resources to audit a model themselves. So vendor transparency is the only practical lever you have. If they can’t explain how they measure fairness across protected groups, walk away.

Voluntary Guidance: The AI6 Essential Practices and What They Mean for Tool Selection

What Are the AI6 Essential Practices?

The National AI Centre published its Guidance for AI Adoption in October 2025, setting out six essential practices (known as the AI6) for organisations using AI in Australia. The guidance is voluntary and doesn’t create new legal obligations, but it matters because directors are expected to understand both the risks and the laws that already apply to their AI use.

The six practices cover accountability, risk management, transparency, fairness, privacy, and security. They’re designed to sit alongside existing Australian law — privacy obligations, consumer protections, anti-discrimination rules — not replace them.

What does this mean for small businesses? If you’re a director or decision-maker, you can’t outsource the responsibility to understand what your AI tools are doing. The law already applies. Privacy rules require you to protect personal information and destroy or de-identify data you don’t need. Consumer law catches misleading AI outputs, including deepfakes. Anti-discrimination law applies if your AI excludes people based on protected attributes.

The AI6 is the government’s view on what good practice looks like. It’s not mandatory, but it’s the benchmark regulators will use when things go wrong.

How Voluntary Standards Influence Vendor Expectations

The Voluntary AI Safety Standard and its 10 guardrails don’t create legal obligations, but they do something more useful: they signal which vendors take governance seriously. When you’re comparing AI tools, look for providers who reference the October 2025 Guidance for AI Adoption or align their documentation with its 6 essential practices. That’s not marketing fluff — it’s a shorthand for “we’ve thought about the risks and built controls around them.”

Most Australian businesses won’t publish a full compliance matrix, but you can spot alignment in how they talk about data handling, model accuracy, and transparency. A vendor who mentions privacy impact assessments, data minimisation, or automated decision-making disclosures is probably working from the same playbook the government expects directors to understand. The standard is voluntary, but the underlying laws it maps to (Privacy Act, Australian Consumer Law, anti-discrimination protections) are not.

Practical Steps: Your AI Tool Privacy Checklist

Questions to Ask Vendors Before You Sign

Most vendors won’t volunteer the details that matter. You need to ask directly.

Does your Data Processing Agreement (DPA) commit in writing that my data won’t train your models?

If they say “it depends on your plan” or point you to a general privacy policy, that’s not good enough. You want a signed DPA that explicitly excludes training use. The OAIC recommends organisations avoid entering personal information into publicly available AI platforms because of the complex privacy risks involved — a proper DPA is how you move from “publicly available” to “contractually protected.”

Where is my data stored, and does it stay in Australia?

Data residency matters under the Privacy Act. If your customer data crosses borders, you’re responsible for what happens to it. Ask for specific server locations and whether the vendor offers Australia-only hosting. Some tools route everything through US or EU infrastructure by default.

What compliance certifications do you hold — SOC 2, ISO 27001, or Australian equivalents?

These aren’t just paperwork. They signal that the vendor submits to regular third-party audits. No certifications usually means no formal security program.

Can you provide evidence of penetration testing and vulnerability management?

Ask when they last ran a pentest and whether they’ll share a summary. If they’ve never done one, walk.

Building Internal Governance and Policies

Directors must understand both the risks and the laws that apply to their organisation’s AI use — that’s not optional, and it’s not delegable. The October 2025 Guidance for AI Adoption makes this clear: governance starts at the top.

What does an internal AI policy actually need?
At minimum: what tools staff can use, what data they can feed in, and what happens when something goes wrong. The OAIC recommends organisations avoid entering personal information — especially sensitive information — into publicly available AI platforms, due to the significant and complex privacy risks involved. Your policy should say that plainly.

Who needs training?
Everyone who touches the tools. Not a one-hour compliance tick-box. Real scenarios: what happens if a staff member pastes a customer list into ChatGPT to draft an email? What if they upload a contract for summarising? Training works when it answers the questions people actually have at their desks.

How do you monitor what’s happening?
Logging matters. Track which tools are in use, what data is moving through them, and whether staff are following the rules you set. The Voluntary AI Safety Standard is voluntary, but the Privacy Act isn’t. If your organisation makes decisions significantly or solely by computer program, you’ll need to disclose that in your privacy policy from 10 December 2026 under the new APP 1.7, 1.8 and 1.9 obligations.

Governance isn’t a document you write once. It’s the system that catches problems before they become breaches.

Staying Ahead: Upcoming Changes to Watch

Three regulatory milestones are coming in the next 18 months, and they’ll change what you need to disclose when you use AI with customer data.

The OAIC is working toward registering the Children’s Online Privacy Code by December 2026. If your business collects data from under-18s (or might, even accidentally), this code will set stricter rules around consent and transparency. The exposure draft closed for public consultation in June 2026, so the final version is locked in now.

Also landing in December 2026: new Privacy Act obligations (APP 1.7, 1.8, and 1.9) that require you to disclose in your privacy policy what personal information feeds automated decisions and what kinds of decisions your systems make. If you’re using AI to filter job applications, approve refunds, or flag fraud, you’ll need to spell that out.

The OAIC’s formal guidance on automated decision-making transparency is expected by September 2026. That’ll clarify how much detail “disclosure” actually means in practice.

And the bigger question mark: mandatory guardrails for high-risk AI. The government proposed them in 2024 but hasn’t legislated them yet. If they do arrive, expect compliance requirements for AI used in hiring, credit, or health decisions.

The Weekly AI Brief

Practical AI, distilled.

A short read every week — the few things worth your time, and nothing that isn’t.