The Australian Government’s interim response to the “Safe and responsible AI in Australia” discussion paper flags a risk-based approach to AI governance in Australia including a mix of voluntary AI safety standards, voluntary labelling and watermarking for generative AI and the development of mandatory guardrails with a particular focus on high-risk and frontier AI applications.

2023 has been a big year in Australia for developments in artificial intelligence (AI). We have pulled together the main announcements, key insights and regulatory themes to emerge this year and recommendations for risk management that will be of interest to Australian companies engaging with AI technologies into 2024 and beyond.

2023 has ended with a flurry of activity from Australian authorities and regulators that provides deep insights into Australia’s current and emerging cyber threat environment and will heavily influence the development of Australia’s cyber policy in the years to come. We have pulled together key insights, important trends in the cyber threat landscape and recommendations for cyber risk management that should be of interest to all Australian businesses and directors moving into 2024 and beyond.

On 20 November 2023, Australia’s eSafety Commissioner (“eSafety”) released drafts of two new industry standards under the Online Safety Act 2021 (Cth) (OSA) for public consultation.
The Standards cover providers of:
• Relevant electronic services, which cover a wide category of services that allow end-users to communicate online (including email, SMS, MMS, chat, instant messaging, various online games and dating services).
• Designated internet services, which cover a broad range of websites and apps not otherwise captured by the RES Standard or the industry codes that have been registered by eSafety under the OSA.

The Australian Government has released its much-anticipated response to the Commonwealth Attorney-General Department’s report on its review of the Privacy Act 1988 (Cth). The Report recommended wholesale amendments to Australia’s principal privacy legislation and contained 116 proposals for consideration by the government.

On 22 July 2023, the Competition and Consumer (Consumer Data Right) Amendment Rules (No. 1) 2023commenced. The amending rules enhance the existing Consumer Data Right (CDR) regime for business consumers by improving access to and use of CDR data for businesses and enabling more participants in the CDR regime to use third-party service providers.

Regulatory developments in relation to online content continue at pace. Australia’s classification regime for films and computer games is set to be revamped. Meanwhile, new regulatory powers to combat misinformation and disinformation are proposed.

From 9 November 2023, the unfair terms regime will change so that significant penalties may apply for breaches of the UCT regime. As a result, businesses need to look again at their standard terms for unfair terms risks.

The eSafety Commissioner has issued a decision on proposed industry codes of practice under Australian online safety laws, which has significant implications for all companies operating online services in Australia.

The Commonwealth Attorney-General’s Department has released its long-awaited report on its review of the Privacy Act 1988 (Cth), which proposes widespread amendments to Australia’s flagship privacy legislation. Stakeholders have until 31 March 2023 to provide feedback to the government on the proposals.