Katherine Armytage
Katherine has a highly regarded and dynamic practice in information law, with a particular focus on privacy and data protection.
View profileThe European Parliament has voted in favour of the Artificial Intelligence Act (AI Act), the world’s first comprehensive legal framework on artificial intelligence (AI).

The AI Act, which is expected to become EU law in May 2024, will set a global benchmark for AI regulation. While Australia does not yet have any publicly available plans to implement corresponding legislation, Australian Government agencies wanting to explore and use AI tools should still ensure that their planned use cases are consistent with the fundamental legal and ethical principles relevant to AI which are reflected in the AI Act. This will assist to ensure that robust technical, risk and governance controls are in place to continue protecting the rights and personal information of Australians.
The AI Act is designed to regulate the use of AI in the EU, with the aim of ‘promoting the uptake of human centric and trustworthy artificial intelligence, while ensuring a high level of protection of health, safety, fundamental rights enshrined in the Charter, including democracy, rule of law and environmental protection against harmful effects of artificial intelligence systems in the Union and supporting innovation.
The AI Act will achieve its aims in a number of ways, including by:
For example, the following AI practices will be prohibited:
It is clear that the AI Act has been developed to be a foundational piece of legislation that will guide the EU to use AI in a measured, ethical and privacy-compliant manner.
The Australian Government is continuing to take a coordinated approach to AI, noting the fast emergency of AI technology, and the need to regulate AI appropriately. For example, there is work being undertaken by Data and Digital Ministers across Australia to develop an initial framework for assuring AI used by governments, which aligns with the AI Ethics Principles and includes common assurance processes.
This focus on AI is reflective of the Australian community’s divergent attitudes to emerging technologies like AI – while some Australians certainly appreciate that the introduction of AI will streamline services and programs, thus delivering economic benefits, many Australians are cautious about the use of AI in decision-making, and otherwise have concerns about the privacy and security risks associated with AI technology.
Although there is currently no formal specific regulation of AI in Australia, Australian Government agencies wanting to explore and use AI tools should ensure that their planned use cases are consistent with the fundamental legal and ethical principles relevant to AI. This will include ensuring that robust technical, risk and governance controls are in place to continue protecting the personal information of Australians. For example, in the most recent Community Attitudes to Privacy Survey (commissioned by the Office of the Australian Information Commissioner (OAIC)):
If your agency is considering implementing AI tools, you should consider first conducting a foundational privacy impact assessment (PIA) or otherwise obtaining foundational privacy advice to guide your agency in ensuring that its use of AI tools is not only compliant with the Privacy Act 1988 (Cth), but is also consistent with ethical principles and the expectations of the Australian community.
For example, we anticipate that this PIA or advice would consider, amongst other things:
If you would like to discuss or have questions about any of the above, please contact us.
Katherine has a highly regarded and dynamic practice in information law, with a particular focus on privacy and data protection.
View profileIndi provides high‑quality privacy, FOI, probity and procurement advice to Australian Government clients, including PIAs for complex ICT systems and Privacy Act guidance.
View profileKeep up to date with our legal insights and events
Sign upOAIC determinations clarify privacy obligations for organisations using tracking pixels.
Targeted changes are now in place for approvals, strategic assessments, information sharing and advisory processes.
The Court addressed the proper approach to assessing both economic and cultural loss.
In June, the Attorney-General tabled the Australian Law Reform Commission’s Final Report...
Partner
Canberra