Businesses that generate or modify content using AI must comply with existing legal and regulatory obligations, especially relating to privacy, competition, human rights, copyright and online safety. Under the Australian Consumer Law all businesses are required to ensure your conduct and the representations you make are truthful and not deceptive, including where AI was involved in creating content. Domestic and international legal obligations, technical capabilities and transparency mechanisms are evolving rapidly, and businesses should monitor them closely.
When developing and using AI systems and associated transparency mechanisms, all developers and deployers should be aware of their obligations under the Privacy Act 1988. This includes obligations relating to the collection, use and disclosure of personal and sensitive information when training or fine‑tuning AI models, generating content or recording metadata in addition to the security and accuracy of personal information.
Metadata including personal information such as author name, creation date or IP address, should generally be obscured, though developers and deployers should be aware of their obligations under the Copyright Act 1968 in relation to electronic rights management information. You should also respect individual and collective rights as well as cultural sensitivities. Read more about privacy and generative AI on the OAIC website or work underway on Envisioning Aboriginal and Torres Strait Islander AI Futures.