Australia AI Ethics Framework

Australia's approach to AI governance has evolved significantly from the initial voluntary AI Ethics Principles published in 2019 to the comprehensive framework now being developed. The Australian Government released eight AI Ethics Principles as a voluntary framework and has since been working on mandatory guardrails for high-risk AI settings.

The eight voluntary AI Ethics Principles are: (1) Human, societal, and environmental wellbeing; (2) Human-centred values; (3) Fairness; (4) Privacy protection and security; (5) Reliability and safety; (6) Transparency and explainability; (7) Contestability; and (8) Accountability.

In September 2024, the Australian Government released its interim response to the Safe and Responsible AI consultation, announcing mandatory guardrails for AI in high-risk settings. This marked a significant shift from a purely voluntary approach to one that combines voluntary principles with binding requirements for the highest-risk applications.

The proposed mandatory guardrails for high-risk AI include requirements for testing and transparency, maintaining human oversight, protecting against harmful or misleading AI outputs, and ensuring appropriate accountability. The definition of "high-risk" is expected to align broadly with international approaches while reflecting Australia's specific regulatory context.

Australia's Privacy Act 1988 is currently under significant reform, with proposed amendments that will strengthen protections for automated decision-making using personal information. The Privacy Act Review (Attorney-General's Report, 2023) recommended introducing a right for individuals to request meaningful information about how automated decisions are made and to request human review of significant automated decisions.

The Australian Human Rights Commission has also been active in the AI governance space, publishing a report on human rights and technology that recommended specific protections against AI-related discrimination and bias. The Commission's work has influenced the development of the broader governance framework.

ASIC (Australian Securities and Investments Commission) and APRA (Australian Prudential Regulation Authority) have published expectations for AI governance in financial services, including requirements for model risk management, board accountability, and consumer protection in AI-driven financial products.

The Office of the Australian Information Commissioner (OAIC) has provided guidance on the intersection of AI and privacy law, emphasising that existing privacy obligations apply to AI systems processing personal information and that organisations should adopt privacy by design approaches for AI development.

For organisations operating in Australia, compliance currently requires adherence to existing laws (Privacy Act, anti-discrimination legislation, consumer law) as they apply to AI, voluntary adoption of the AI Ethics Principles, and preparation for the incoming mandatory guardrails for high-risk AI. The timeline for mandatory requirements is expected to crystallise through 2025-2026.