AI Regulation ReferenceDoes Privacy Act 1988 — Automated Decision-Making Reforms require Transparency & Disclosure?
Australia • enacted
Yes — 1 provision
Requirements at a glance
This regulation imposes 5 specific requirements for Transparency & Disclosure across 1 provision:
- Privacy policy disclosure — Must disclose kinds of personal information used in ADM
- Decision type disclosure — Must describe kinds of decisions made solely or substantially by automated systems
- Plain language explainability — Must explain in plain language how AI reaches decisions
- Influential factors — Must disclose factors most significantly influencing outcomes
- Substantial role test — Applies even when human reviews if AI is essential part of the process
Automated Decision-Making Transparency (APP 1.7/1.8) #
Australia's Privacy Act reforms make AI transparency mandatory through privacy law — not AI-specific legislation. Any organization using personal information in automated decisions must disclose the types of data used, the logic applied, and the most influential factors. Even "human in the loop" doesn't exempt you if the algorithm plays a substantial role. The OAIC has stated that "the algorithm decided" is not an acceptable explanation.
Requirements
| Requirement | Details |
|---|---|
| Privacy policy disclosure | Must disclose kinds of personal information used in ADM |
| Decision type disclosure | Must describe kinds of decisions made solely or substantially by automated systems |
| Plain language explainability | Must explain in plain language how AI reaches decisions |
| Influential factors | Must disclose factors most significantly influencing outcomes |
| Substantial role test | Applies even when human reviews if AI is essential part of the process |
Penalties
| Violation | Fine |
|---|---|
| Serious breach | Significant civil penalties per Privacy Act enforcement provisions |