The Sector - Early Education News’ Post

OAIC clarifies artificial intelligence (AI) privacy obligations - Insight - MinterEllison: OAIC clarifies artificial intelligence (AI) privacy obligations ... On October 21, the Office of the Australian Information Commissioner published two ... http://dlvr.it/TFYWh6

The Office of the Australian Information Commissioner (OAIC) has issued Guides to help organisations navigate and understand how the Australian Privacy Act 1988 (Cth) and the associated Australian Privacy Principles (APPs) apply to artificial intelligence (AI), and to outline the regulator’s expectations in relation to the development and deployment of AI. Read more to gain some practical tips here: https://ow.ly/6OlY50U4Nmv By: Brenton Steenkamp, Simon Newcomb, Monique Azzopardi, Deepa Thakkar, Nicole Steemson and Utsab Banskota

The IPC recently released its Guide to understanding Privacy Impact Assessments on AI systems and projects. The guide was developed to support agencies in understanding, assessing and reducing privacy risks in relation to the use of AI systems and projects when undertaking Privacy Impact Assessment. View the guide here: https://bit.ly/4jeaDMt

If you were wondering whether you need to do a Privacy Impact Assessment before deploying AI in your organisation, the answer is a resounding "YES". For more tips on privacy compliant AI use, read our summary of the OAIC guidance. #AI #privacy

Number 2 below is particularly of note! Using commercially available AI: The key takeaways: 1. Privacy obligations apply to personal information entered into, and output generated by, AI (if that output it contains personal information). APP Entities must embed privacy into their selection and use of any AI system that interfaces with personal information. That includes AI systems trained or tested on personal information, as well as those that will generate outputs containing personal information. 2. Even incorrect AI generated information about a reasonably identifiable individual will constitute personal information, and must be managed accordingly. This includes hallucinations. 3. Privacy Policies and Collection Notices should clearly outline when and how AI will access and use an individual's personal information, to enable informed consent. 4. Use of AI to generate or infer personal information must comply with Australian Privacy Principle (APP) 3 in relation to collection of personal information. 5. In accordance with APP 6, Personal Information should only be used or disclosed to AI for: the primary purpose for which it was collected (which should be narrowly framed), or otherwise with consent, or where the APP Entity can establish secondary use would be reasonably expected by the individual, and is related (or for sensitive information is directly related) to the primary purpose. In order to establish the secondary use was reasonably expected, best practice is to outline the proposed use in the APP Entity's Collection Notice and Privacy Policy. 6. The OAIC has explicitly confirmed it is best practice not to enter personal information in publicly available generative AI tools, such as chatbots. Thanks Sonja Read and MinterEllison for the summary of OAIC guidance on Privacy Impact Assessments before deploying AI 👇

As more and more businesses incorporate AI into their systems and processes, it's critical to consider potential privacy implications and compliance. OAIC guides are now available to assist APP entities navigate how privacy laws apply when these tools are used - we have summarised the 5 key takeaways from the first guide.

How will the OAIC's AI privacy guidance, published yesterday, impact AI? Sam Burrett and I have summarised some highlights in this article.

This week the Office of the Australian Information Commissioner (OAIC) published two guides about how privacy laws apply to AI. The OAIC has confirmed it is best practice not to enter personal information in publicly available generative AI tools and that Privacy Impact Assessments should be performed before a new #AI system is introduced. We've summarised the key takeaways from the first guide to help Australian Privacy Principle Entities (APP Entities) deploy AI systems in a way that complies with their privacy obligations. Find out more: https://lnkd.in/gnTZZuPD Authors: Chelsea Gordon, Sam Burrett

Many believe Generative AI has huge potential but also poses privacy risks. By adhering to best practices, users can benefit from these tools while reducing harm. Collaboration between users, technology developers, and regulators is key to addressing privacy issues without hindering progress in this area. Looking at the approach adopted by the Office of the Australian Information Commissioner aids in shaping our local governance needs. 

AI, DATA GOVERNANCE AND PRIVACY SYNERGIES AND AREAS OF INTERNATIONAL CO-OPERATION OECD ARTIFICIAL INTELLIGENCE PAPERS_ The intersection of AI, data governance, and privacy, and ways in which policy communities can collaborate to address related risks, especially with the rise of generative AI.