Legal Insights

The new national plan for Australia’s AI-enabled future

• 09 December 2025 • 8 min read

Introduction 

On 2 December 2025, the Commonwealth Government released its National AI Plan.

The Plan sets out the Government’s vision for an AI-enabled future, which seeks to capture the economic opportunities and productivity gains of AI, whilst simultaneously ensuring that benefits are equitably shared and that AI is used safely, ethically and responsibly. 

The National AI Plan comes at a critical time, as AI development and deployment continues at pace across the board. Critically, the Plan highlights the benefits and opportunities of AI as a tool for achieving productivity gains and ensuring that Australia remains competitive in an evolving global market. 

The Plan also draws together and summarises a number of government-led initiatives which are currently underway in the AI space, including a number of existing legal and regulatory frameworks and related reviews. However, while the Plan recognises the need to ensure that appropriate legal and regulatory frameworks are in place, including by adapting existing laws where necessary, it does not recommend the implementation of dedicated legislation to regulate the use of AI at the current time.

Australia’s National AI Plan: A summary

The Plan is broadly anchored in three key goals, with multiple actions identified against each one. 

Those goals are: 

  • to capture the opportunities that AI offers;
  • to equitably share the benefits that AI offers; and
  • to ensure the safe and responsible implementation of AI.
  • 1. Capturing the opportunities

    Identified priorities include:

    1. investing in world-leading digital and physical infrastructure such as computer infrastructure, digital connectivity, and data centres;
    2. attracting investment in data centres, including development of a set of national data centre principles that will provide a uniform set of baseline expectations, intended to provide clarity for investors and operators;
    3. investing in Australian AI capabilities (including ensuring that the Australian Public Service is able to utilise sovereign AI solutions – in turn delivering efficient services to the public); and
    4. exploring how high value government datasets can be used for pilot AI cases and attracting investment in AI.
  • 2. Ensuring the equitable distribution of AI-derived benefits

    Identified priorities include:

    1. supporting and upskilling Australians through AI-use education;
    2. driving and scaling the adoption of AI including in the Australian Public Service; and
    3. providing guidance to businesses seeking to safely and effectively adopt AI, including through the recently released Guidance for AI Adoption.
  • 3. Safe and responsible implementation

    Identified priorities include:

    1. ensuring robust legal, regulatory and ethical frameworks which protect rights and mitigate the harms and risks of using AI;
    2. promoting safe and responsible practices by businesses in adopting AI; and
    3. integrating with and shaping international AI norms and standards.

AI specific legislative reform is unlikely (for now…) 

Although tailored and sector-specific regulatory reform relating to AI is already occurring, the Plan proposes a cautious, incremental approach with respect to uplifting existing legal and regulatory frameworks. 

The Plan notes that Australia’s existing legal and regulatory frameworks are largely technology-neutral and therefore fit-for-purpose. However, it proposes that targeted reforms or new laws should be enacted as necessary to respond to emerging risks. 

This approach builds upon and aligns with existing guidance released by the Government to date, including a number of the regulatory approaches proposed in the Government’s proposal paper for the introduction of mandatory guardrails for AI in high-risk settings which was published in September 2024. 

Those approaches suggested relying on existing legislative and regulatory frameworks with selective amendments to various relevant legislation, instead of introducing a broad cross-economy AI law (as the European Union has done with its landmark AI Act).

The Government has now confirmed that it will not proceed with previous proposals for the introduction of the mandatory AI guardrails that were the subject of consultation last year. 

However, the Government has noted that the feedback on those proposals informed development of the National AI Plan.

As noted in the National AI Plan, the current focus is instead on undertaking targeted legislative and regulatory reviews which address specific harms and risks. 

Some of the areas in which significant reforms or reviews are already underway include:

  • 1. Consumer Law:

    The Commonwealth Government will consult with the States and Territories on opportunities to clarify existing rules and progress what appear to be minor clarifying and technical changes identified by the Department of Treasury’s Review of AI and the Australian Consumer Law which was published in October this year. This review otherwise noted that the Australian Consumer Law is broadly capable of adapting to AI products and services without significant amendment. 

  • 2. Privacy Law:

    The Attorney-General’s Department is continuing its work to develop a modernised and clear Privacy Act 1988 (Cth). Following an initial wave of reforms (Tranche 1) to the Privacy Act, ‘Tranche 2’ of the reforms has yet to be enacted and no timeframe has been given as to the end date of the Attorney-General’s work mentioned in the Plan. It therefore remains to be seen if the Attorney-General’s Department will hold back enacting ‘Tranche 2’ of the reforms to the Privacy Act 1988 (Cth) to account for further legislative reforms or actions, including those that arise out of the National AI Plan.  

  • 3. Review of AI regulation in healthcare and medical devices:

    We have previously explored how AI will have implications on the life sciences and healthcare sector, and the Government is similarly exploring how AI will have an impact on healthcare regulation through its Safe and Responsible AI in Healthcare Legislation and Regulation Review. The TGA has also published guidance on the regulation of AI for medical devices used for the diagnosis, prevention, monitoring, prediction, prognosis, treatment, or alleviation of disease, injury or disability. 

  • 4. Review of copyright laws in an AI context:

    The Attorney-General’s Department is undertaking consultation with stakeholders through the Copyright and AI Reference Group on possible updates to copyright laws. However, the Government has recently provided assurance to Australian creatives by ruling out a text and data mining exception to Australian copyright laws. 

  • 5. AI Security:

    The Department of Home Affairs, the National Intelligence Community and law enforcement agencies are continuing efforts to mitigate serious risks, including threats to Australia’s critical infrastructure. The Department of Home Affairs is contributing to the uplift of the security of critical infrastructure regulatory framework (as an example, the Critical Infrastructure Security Centre issued a factsheet on AI in critical infrastructure earlier this year in June, and the Department has also recently published a policy advisory on OFFICIAL information use with generative AI under the Protective Security Policy Framework). 

  • 6. Reducing online harms:

    The Government will look to restrict harmful apps (e.g. ‘nudify’ tools) and algorithmic biases. The Government will also continue to address AI-related risks through enforceable industry codes under the Online Safety Act 2021 (Cth). 

Additional steps to ensure the safe use of AI

In addition to the above legislative and regulatory reviews, the Commonwealth Government has established an AI Safety Institute and has also published guidance developed by the National AI Centre. 

1. Support for responsible AI adoption: we have previously highlighted some quick tips and helpful tricks in navigating the National AI Centre’s Guidance for AI Adoption. The National AI Centre has also published guidance, such as the ‘Being Clear about AI-generated content guide’ which provides advice to businesses on how they can improve trust by signalling when AI has been used to generate content. 

Guidance on the use of AI has also been published by various Commonwealth regulators and agencies including ASIC, the Australian Prudential Regulation Authority, the Department of Education, and the Digital Transformation Agency

2. AI Safety Institute: The AI Safety Institute was established last month, to engage with relevant stakeholders and focus on upstream AI risks (that is, ways in which the AI system is trained and built which could create or amplify harm), and downstream AI harms (that is, the real world effects people may experience when an AI system is used). 

Key takeaways

The new National AI Plan highlights the substantial opportunities offered by safe and informed AI adoption. However, it is essential for business owners and government agencies to understand how AI is being introduced into their technology environments, to ensure that their personnel are appropriately trained in the use of AI and to understand when and how to mitigate associated risks. 

It is also essential to keep pace with the ways that existing laws and regulatory systems, for areas such as trade practices and consumer protection, privacy and copyright, and sectors such as health and education, are being modified in response to AI. 

We recommend that you:

  • be familiar with the AI tools relevant to your business or organisation, noting that some AI functionality may already be utilised by your service providers, or available to you in your business solutions;
  • review the efficacy of AI in your particular setting, and ensure that any adoption strategy is properly planned and carried out;
  • understand the different types of AI utilised in existing and new tools, especially in ICT solutions, and ensure that you know what sort of AI functionality could pose a risk to your operations;
  • ensure that your procurement strategies, evaluations and decisions incorporate consideration of AI (e.g. ask questions, and identify any AI risks as well as benefits);
  • engage with technology vendors on an AI-informed basis, especially in relation to the allocation of risk, use and ownership of data, intellectual property rights and the ability to retrieve or recover your data if you terminate an engagement;
  • ensure that you properly review AI provisions in all contracts, and frame them to offer an acceptable approach to AI – an acceptable approach may focus on information access to achieve transparency, or it may focus on express mitigation of output quality and liability risks;
  • understand how AI might affect your legislative, policy and governance obligations, to ensure that you remain compliant, noting that legislative and regulatory reforms will be progressively rolled out in the coming months and years. As various review and consultation processes are initiated, keeping up to date with such reforms is crucial. Additionally, consider any guidance published by relevant Commonwealth (and State/Territory) agencies, as this will be relevant to understanding how these agencies (and the regulators) will view and address the risks and harms of AI;
  • recognise that AI does not remove responsibility for business outputs or decisions, and ensure that this important principle is not lost in the excitement of AI – for example, existing laws of negligence, defamation, intellectual property, misrepresentation and consumer protections apply equally to goods and services created with the assistance of AI, and most AI providers seek to limit their exposure to any liability that might arise from the use of their products or reliance on outputs;
  • if you are regulated by the Privacy Act 1988 (Cth), consider whether your use of AI needs to be disclosed publicly within your APP1 Privacy Policy (with effect from 10 December 2026) if it is used to make a decision which could reasonably be expected to significantly affect the rights or interests of an individual (for example, using AI to make or support administrative decisions, decisions regarding recruitment or insurance premiums);
  • consider what training is needed for your staff, and engage with your ICT vendors to find out about options for training; and
  • if you work at a government agency, understand how to mitigate risks involved in procuring AI and in using AI to deliver government services.

Given how quickly the landscape is changing, it is also essential to ensure that you are keeping pace with the legal and regulatory landscape which applies to you. Although there is currently no proposal to enact laws that specifically regulate AI, the Government has made it clear that this is an evolving space. The Plan states:

We will respond to emerging risks including bias, privacy breaches, disinformation and cyber threats. If more regulation is needed to address bad actors or broader harms, the government will not hesitate to intervene.

Our national team has experience advising across the range of legal, compliance and governance aspects of AI. From procurement and implementation to ongoing governance, we are here to support you wherever you are on your AI adoption journey.

Reach out to us as you navigate the new National AI Plan and for assistance with developing or uplifting your own internal governance and policy documents, procuring and implementing AI systems and solutions, or for tailored training sessions. 

Ooma Khurana

Ooma advises public and private sector clients in information technology, consumer markets and telecommunications sectors, particularly in relation to regulatory compliance and technology.

View profile

Caroline Atkins

Caroline is a leading procurement, technology and intellectual property lawyer renowned for her experience and expertise working with the Commonwealth Government.

View profile

Anthony Willis

Anthony is recognised as one of Australia's leading government lawyers, with expertise in commercial, regulatory, governance, and technology matters.

View profile

Darrell Choong

Darrell has experience in advising both private and public sector clients on technology-driven and commercial initiatives.

View profile

Recent articles

Online Access