Privacy compliance is in ‘catch-up mode’ on AI, lawyers warn
Australia’s privacy chief says AI privacy laws are “clear cut". Lawyers speaking with Capital Brief say businesses are still confused.
Almost two years after OpenAI’s launch of ChatGPT, businesses are still rushing to integrate AI into their operations, often with limited understanding of privacy law requirements — especially regarding consumer data.
The use of anonymised data to train AI models sparked fresh debate last month when Crikey reported that radiology giant I-MED had transferred medical imagery data to startup Harrison.ai in 2019. This raised concerns among legal experts, who cited regulatory uncertainties and potential grey areas in national privacy laws.
Shortly after, the Office of the Australian Information Commissioner (OAIC) issued guidance for developers and businesses using AI technology. Privacy Commissioner Carly Kind told Capital Brief that it’s “relatively clear-cut when the Privacy Act does apply and when it doesn’t".
But lawyers speaking with Capital Brief say out of date privacy policies and a lack of understanding around anonymised data are still causing issues for companies seeking to build AI into their business models.
