Australia

Is there a specific enacted legislation regulating AI in your jurisdiction?

No 

Is there a proposed legislation regulating AI in your jurisdiction?

In September 2024, the Australian Government put forward a proposed set of "mandatory guardrails" for use of AI in high-risk settings, but no proposed legislation to give effect to those proposed guardrails has yet been made public.

Are there any guidelines/ codes of conduct/ recommendations / reports / policies in connection with AI in your jurisdiction?

Yes, at the same time the Australian Government released the proposed mandatory guardrails it published the "Voluntary AI Safety Standard". which largely mirrors the proposed mandatory guardrails and is focused on providing guidance to organisations looking at implementing AI models and systems.

The Australian Government's "Policy for the Responsible Use of AI in Government" imposes requirements on federal government agencies and bodies, including a requirement for agencies to publish transparency statements that detail their AI usage and governance arrangements. 

The US National Security Agency’s Artificial Intelligence Security Center (NSA AISC), alongside the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), New Zealand’s National Cyber Security Centre (NCSC-NZ), and the United Kingdom’s National Cyber Security Centre (NCSC-UK), have jointly released new guidance on securing data throughout the AI lifecycle.

This guidance highlights key threats such as data poisoning, supply chain vulnerabilities, and "data drift"—a phenomenon where the statistical properties of input data evolve over time, causing the data to diverge from its original form.

To address these risks, the guidance outlines mitigation strategies focused on robust data management, data quality testing, and continuous monitoring of AI system inputs and outputs.

Any additional relevant news regarding AI / or anticipated future changes (e.g. white papers, policy statements about AI regulation)?

The Senate Select Committee on Adopting Artificial Intelligence delivered its final report in November 2024, which in combination with the proposed mandatory guardrails, indicated that the Australian Government is continuing to move towards a mandatory regulatory framework for high-risk AI applications, although the Government has repeatedly stated it wants to allow lower risk AI usage  to "flourish largely unimpeded".

On 16 April 2025, Australia's Industry Minister, Ed Husic, has affirmed the federal government's commitment to finalising a risk-based regulatory framework for artificial intelligence, despite recent shifts in approach in the US and EU. He stated that, if re-elected in the May 2025 election , a re-elected Labor government would prioritise the introduction of mandatory safeguards for the use of AI in high-risk contexts. We note that the Labor government was re-elected in May.

At the AFR AI Summit on 3 June 2025, Australian Industry Minister Tim Ayres underscored the vital importance of digital technology and artificial intelligence in driving Australia's future economic growth, productivity, and international competitiveness. He:

1. Reaffirmed the government’s dedication to the “Future Made in Australia” initiative, which aims to capitalise on the country’s strengths—such as political stability, strategic location, and clean energy resources—to attract global investment and support the development of high-value industries.
   
   
2. Stressed the need for Australia to be an active participant in the creation and implementation of AI technologies, rather than merely adopting solutions developed elsewhere, in order to bolster national resilience and ensure inclusive economic benefits.
   
   
3. Emphasised the role of cross-sector collaboration—among government, industry, research institutions, and unions—in managing AI-related risks, setting effective standards, and ensuring that technological advancement translates into better jobs, fair wages, and greater social equity.
   
   
4. Called for a principled, inclusive AI policy approach that supports domestic capability-building, values stakeholder engagement, and builds on existing initiatives, with a balanced focus on seizing opportunity while ensuring responsible governance.

On 13 June 2025, Australia Treasurer pushed back on union demands to regulate AI at work as it was reported that, in his media interview with the Australian Financial Review, Australian Treasurer Jim Chalmers has rejected union calls for immediate regulation of AI in Australian workplaces, saying that “[r]egulation will matter but we are overwhelmingly focused on capabilities and opportunities, not just guardrails".

Is AI specifically addressed in IP laws? Are there any guidelines / soft laws relating to AI? 

No, Australian copyright and patent laws do not currently expressly address AI (including whether AU can be an author of works, who 'owns' AI-generated outputs or addressing the legalities of using copyright works as part of the training of general purpose AI models). 

In April 2022, the Federal Court of Australia found in Thaler v Commissioner of Patents that AI could not be an 'inventor' for the purposes of a patent application made under the Patents Act 1990. 

Is AI specifically addressed in data protection laws? Are there any guidelines / soft laws relating to AI?

In December 2024, the Australian Parliament passed the Privacy and Other Legislation Amendment Bill 2024, which among other amendments, adds a requirement for privacy policies to contain information about substantially automated decisions which significantly affect individuals’ rights or interests (including the kinds of decisions and kinds of personal information used). These requirements come into effect in December 2026. 

Otherwise, there are currently no AI-specific requirements in Australian data protection laws.

The Australian Government in October 2024 released guidance on: 

1. privacy considerations for businesses when selecting and using AI products; and
   
2. privacy considerations for developers to take into account when developing and training generative AI models. 

Who are the competent AI supervisory authorities in your jurisdiction? 

Australia does not have a single AI regulator, but multiple agencies oversee AI-related risks:

• The Office of the Information Commissioner (OAIC) has a regulatory role under the Privacy Act 1988 (Cth) in respect of use of personal information as part of AI; 
  
• The Australian Competition & Consumer Commission monitors AI’s impact on competition and consumer protection; 
  
• The Australian Human Rights Commission addresses discrimination and fairness; 
  
• The Department of Industry is currently responsible for developing policy around implementation and regulation of AI; 
  
• The Australian Signals Directorate handles AI-related cybersecurity. 

A dedicated AI regulatory framework is under consideration. 

Are there any publicly known enforcement actions in relation to AI?

In October 2021, the OAIC determined that Clearview AI breached Australian privacy laws by collecting facial images without consent. This finding related to the scraping of biometric material (in the form of photographs of people's faces) from the internet, rather than any other aspects of the development, implementation or use of AI models.

In February 2025, the Australian government banned the use of DeepSeek on all federal devices due to national security concerns. 

Are there any other sector specific laws or guideline / soft laws (e.g. finance, healthcare etc.) where AI is specifically addressed?

• Online Safety Act 2021 (Cth), Internet Search Engine Services Online Safety Code (Class 1A and 1B Material) Industry Standard 2024 and Online Safety (Designated Internet Services – Class 1A and 1B Material) Industry Standard 2024: The standards made under the OSA impose requirements on entities operating search services and social media services (respectively) to ensure that AI functionality integrated within those platforms are not used to generate “synthetic” versions of Class 1A and 1B material (i.e., specific types of violent and sexually explicit material).

• Therapeutic Goods Administration Act 1989 (Cth) and Therapeutic Goods (Medical Devices) Regulations 2002: Guidance on software-based medical devices (issued in September 2024) emphasises that software developers must understand and demonstrate the sources and quality of text inputs used to train and test models, as well as how that data is relevant/appropriate for Australian populations.

• Corporations Act 2001 (Cth): Regulatory Guide 255 under the Act relates to digital advice and requires AFS licensees to maintain risk management systems (including testing & monitoring algorithms), and ensure human supervisory arrangements are available. 

• Court practice notes: NSW Supreme Court Practice Note “SC Gen 23” provides strict guidance and rules around the use and disclosure of AI in court materials. Similar rules exist in Victoria.

• Healthcare: In August 2024, the Australian Health Practitioner Regulation Agency provided guidance on AI use in healthcare, aligning with National Boards’ codes of conduct. The Department of Health and Aged Care commenced the Safe and Responsible Artificial Intelligence in Health Care Legislation and Regulation Review from September to October 2024, which considered the range of legislation to promote safe and responsible AI use in healthcare.

*Information is accurate up to 30 June 2025