The Human Technology Institute at the University of Technology Sydney has published the AI Governance Snapshot – People, Skills and Culture for Effective AI Governance. This is part of a series to build greater shared understanding and awareness of the practical steps that organisations can take to transform AI governance […]
OECD’s Reporting Framework for AI Governance
On 7 February 2025, the OECD launched the reporting framework for monitoring the application of the Hiroshima Process International Code of Conduct for Organizations Developing Advanced AI Systems. This is a significant step in international AI governance, reinforcing the G7’s commitment to ensuring the safe, secure, and trustworthy development, deployment, and […]
International AI Safety Report 2025
The International AI Safety Report, published on 29 January 2025, sets out it ‘is the world’s first comprehensive synthesis of current literature of the risks and capabilities of advanced AI systems.’ This report arose from the Bletchley AI Safety Summit and the agreement to ‘build a shared scientific and evidence-based understanding of frontier AI risks through […]
Vatican publishes document on risks of AI
The Vatican published a document on 28January 2025, titled ‘Antiqua et Nova’ – Note on the Relationship Between Artificial Intelligence and Human Intelligence addressing the anthropological and ethical challenges raised by AI. The document highlights challenges and opportunities of the development of Artificial Intelligence (AI) in the fields of education, economy, work, […]
Interim guidance on government use of public generative AI tools
Generative AI tools present new and innovative opportunities for government. However, due to their rapid evolution and uptake, the risks involved in their use need to be considered and assessed. The breadth of government activities includes developing policy advice for ministers, delivering programs to industry, providing services to the community […]
Public Statement: Use of Microsoft 365 Copilot in the Victorian public sector
This public statement is made pursuant to section 8C(1)(f) of the Privacy and Data Protection Act 2014 (Vic) (PDP Act).[1] The statement relates to the potential adoption and use of Microsoft 365 Copilot (Copilot) by Victorian public sector (VPS) organisations. The Acting Information Commissioner has issued a public statement specifically […]
Public Statement: Use of personal information with ChatGPT
This is a public statement made by the Privacy and Data Protection Deputy Commissioner under section 8C(1)(f) of the Privacy and Data Protection Act 2014 (Vic) (PDP Act). This statement relates to the use of the Chat Generative Pre-Trained Transformer (ChatGPT) platform by Victorian public sector (VPS) organisations. ChatGPT is […]
Generative AI: basic guidance
This resource provides guidance for using Generative Artificial Intelligence (Gen AI) tools for the NSW Government. It outlines responsible, safe, and ethical practices for working with these tools and builds on the existing NSW government guidance on artificial intelligence. Applications across NSW Government are rapidly integrating AI. Staff must be […]
OECD – Algorithm Impact Assessment Tool
The Algorithmic Impact Assessment (AIA) is a mandatory risk assessment tool intended to support the Treasury Board’s Directive on Automated Decision-Making. The tool is a questionnaire that determines the impact level of an automated decision-system. It is composed of 51 risk and 34 mitigation questions. Assessment scores are based on […]
New Zealand – Algorithm Impact Assessment Toolkit
The Algorithm Impact Assessment (AIA) toolkit is a series of tools for agencies to use to help them understand and assess the potential impacts of the algorithms they create or use. AIA process The Algorithm Impact Assessment (AIA) process is designed to support informed decision-making about the benefits and risks […]
Canada – Algorithmic Impact Assessment tool
The Algorithmic Impact Assessment (AIA) is a mandatory risk assessment tool intended to support the Treasury Board’s Directive on Automated Decision-Making. The tool is a questionnaire that determines the impact level of an automated decision-system. It is composed of 51 risk and 34 mitigation questions. Assessment scores are based on […]
EDPR opinion on AI models: GDPR principles support responsible AI
On 18 December 2024, the European Data Protection Board (EDPB) adopted an opinion (pursuant to Article 64(2) of the GDPR) on the use of personal data for the development and deployment of AI models. The opinion deals with three matters: Anonymity, the opinion says that whether an AI model is anonymous […]
State of Australia’s FOI System
On 13 January 2025, the Freedom of Information Commissioner, Toni Pirani, released the Freedom of Information (FOI) Practitioners’ Survey 2024 report. Ms Pirani has highlighted three key learnings: Improving systems will make complying with FOI obligations easier The majority of agencies require improvement to their systems and policies for records […]
New Zealand Biometrics Code Consultation
The New Zealand Privacy Commissioner, Michael Webster has released the Biometric Processing Privacy Code for consultation and is calling for submissions on the draft Code from the public and any agencies it would apply to. “The Code will help agencies implement the technology, while giving people confidence it’s being done […]
$50 million settlement from Meta for Cambridge Analytica incident
On 17 December 2024, the Australian Information Commissioner announced that Federal Court civil penalty proceedings against Meta had settled for a $50 million payment program as part of an enforceable undertaking received from Meta Platforms, Inc. (Meta). The Commissioner alleged that the personal information of some Australian Facebook users was disclosed to […]
Data Leak Exposes Car Owners’ Movements
In December 2024, we highlighted the privacy risks arising from cars examined by Dr Katherine Kemp in her report, ‘Driving Blind: The Unexamined Privacy Risks of Connected Cars’ (access here). Reports in Carscoop and Spiegel on 27 December 2024, revealed that movement data of 800,000 electric cars and contact information […]
Australia’s Privacy Act Reforms 2024
On the final Parliamentary sitting day of 2024, the long-awaited first tranche of privacy reforms was finally passed by the Parliament in the Privacy and Other Legislation Amendment Act 2024 (Cth). This first tranche of reforms implements 23 of the 25 proposals the Government agreed to in its September 2023 […]
NZ Privacy Commissioner’s Report 2024
The New Zealand Privacy Commissioner Annual Report was published on 26 November 2024. It revealed that 864 privacy breach notifications were received and that 1,003 complaints had been processed, with financial settlements in 6.5% of complaints. A key highlight reported was the European Commission determining that New Zealand has an […]
Australian Cyber Security Resources
The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help organisations mitigate cyber security incidents caused by various cyber threats. These can be used by any organisation and can be accessed here – Strategies to Mitigate Cyber Security Incidents. This is supported by the Strategies to Mitigate Cyber Security […]
US NIST Cyber Security Resources
In February 2024, the U.S. Government’s, National Institute of Standards and Technology released the NIST Cybersecurity Framework 2.0 providing guidance to industry, government agencies, and other organisations to manage cybersecurity risks. It offers a taxonomy of high-level cybersecurity outcomes that can be used by any organisation — regardless of its […]