We use cookies to analyse traffic and to improve your browsing experience on our website. To find out more, read our privacy policy.

News Join our team Contact us

  • On this page

The 2026 Australian Community Attitudes to Privacy Survey (ACAPS) is a nationally representative tracking study (n=1,504, fieldwork 16–30 March 2026) that monitors Australians’ attitudes to privacy, experiences of privacy risks and misuse of personal information, and expectations of organisations and government. ACAPS 2026 also explores issues including perceptions of consent and control, fairness and proportionality in collection and use, complaint and dispute resolution, support for deletion/erasure, and attitudes to AI and biometric uses involving personal information.

The study evidences that privacy remains important to Australians and concern is increasing. Many Australians feel they do not have meaningful control over how their personal information is collected, used and shared in practice. Trust is concentrated in health providers and government, and is very low in digital and data-driven sectors such as social media, AI companies and data brokers.  Australians draw clear lines between necessary collection for service delivery, and practices they view as excessive, opaque or one-sided, particularly secondary uses such as targeted advertising based on sensitive data, trading or sale of personal information, and training AI systems. Strong support for deletion rights and for extending privacy obligations to currently exempt sectors points to an expectation that privacy protections should be practical, enforceable and matched to contemporary data practices.

Headline findings

Relevance and accountability

  • Privacy remains a key issue. 93% say protecting personal information is important to them, and 87% say they are more concerned about their privacy than they were 5 years ago.
  • Australians overwhelmingly expect organisations to minimise privacy risks. Almost all respondents (98%) say organisations that collect, use or share personal information should be responsible for protecting privacy even if no immediate harm occurs, with 86% viewing this responsibility as very strong.
  • Greater confidence in privacy practices would increase participation in digital services. Around two-thirds (68%) say they would be more likely to use digital services requiring personal information if they believed their data was handled fairly and responsibly.
  • Australians remain cautious about the use of artificial intelligence (AI) in decision-making that may affect them. Nearly all (96%) say some conditions should be in place before it is used. Around 7 in 10 Australians (71%) consider it somewhat or very uncomfortable for organisations to use personal information originally provided for a service to train AI systems after that service has been completed. AI use for fraud detection is more widely accepted (64%). Acceptance is lowest for automated eligibility or risk-based decisions, such as loan approvals or benefit eligibility, with only one-quarter (25%) viewing this as acceptable.

Control and consent in practice

  • Most people feel they have limited real control. 78% report very little or no control over how their personal information is collected and used.
  • Consent often doesn’t feel like a genuine choice. 65% say sharing information rarely or never feels like a genuine choice and 68% say the same about consent. 52% say they accept sharing because they might otherwise miss out on essential services or opportunities.
  • Data collection is accepted when clear limits and choices exist. Around 9 in 10 Australians (92%) say data collection can be acceptable under certain conditions, particularly where the purpose is clear (69%), consent or opt-in is available (68%), collection is limited to what is necessary (66%), and the ability to opt out of non-essential collection (61%).
  • Privacy policies are expected to do a lot, but are often skipped. While people know what they want included, 69% say they always or often agree without reading most or all of the policy.

Everyday concerns and impacts

  • Privacy concerns are widespread. 73% (vs 64% in 2023) experienced a privacy concern in the past 12 months.
  • Marketing-related issues are common. The most common concerns were being unable to unsubscribe from marketing (41% vs 25% in 2023) and having information used for unsolicited direct marketing (38% vs 21% in 2023).
  • Impacts are felt quickly. Among those who experienced a concern, 70% (vs 55% in 2023) reported more scams/spam, 46% (vs 53% in 2023) reported loss of trust and 39% reported loss of control.
  • Harms following data breaches remain widespread. Around three-quarters (77%) of Australians whose data was involved in a breach experienced at least one form of harm, while exposure to scams and spam increased and was the most common impact (62% vs 52% in 2023).

Fairness boundaries, collection limits and trust

  • Many Australians judge current data practices as unfair. Only 10% say organisations’ real-world practices are usually fair, while 35% say they are mostly or always unfair.
  • Secondary uses are a key ‘red line’. Around 9 in 10 say it is not fair and reasonable to use personal information for selling/trading personal information (96% vs 87% in 2023), online tracking, profiling and targeted advertising to children (96% vs 89% in 2023) or other vulnerable individuals (95% vs 88%), unnecessary location tracking (94% vs 87%), training AI models/products (93%), significant AI-informed decision (91% vs 70%), differential pricing (91%), or targeted advertising based on sensitive data (91% vs 84% in 2023). Around 7 in 10 (71%) consider it unacceptable for organisations to use personal information provided for a service to train AI systems after the service has been completed.
  • People distinguish between necessary and excessive collection. Individuals view the provision of basic identifiers to access a service as reasonable, but 92% say there are some types of information organisations should never collect. Information about sexual orientation (72%) and biometrics (71%) feel excessive or unjustified in most situations, regardless of the organisation or purpose.
  • Trust varies sharply across sectors and has declined across many commercial industries. Trust remains highest for health service providers (74%) and Government agencies (68%), but has fallen across insurance, telecommunications, technology, retail and real estate sectors since 2023. Trust is lowest for social media companies (3% vs 14% in 2023), data brokers (4%) and AI companies (4%).

Rights, redress and support for stronger protections

  • Many people don’t feel equipped to use their rights. 40% do not really know what data organisations hold about them or how to access it, while 11% say they can easily access their data and request corrections or deletion.
  • Concerns often don’t become complaints, and pathways appear hard to navigate. 64% had concerns in the past year, but 52% did not raise them. Among non-complainants, 56% said it would not make a difference, 51% said it would be too hard/time-consuming, and 40% did not know how. Among those who did complain, only 9% said the issue was resolved to their satisfaction.
  • Confidence in privacy complaint handling varies by sector, with banks and financial institutions (46%), health services (42%) and government agencies (41%) rated highest, and very low confidence in online retailers (4%) and social media platforms (3%).
  • Support for stronger rights and broader coverage is very high. 93% support a legal right to request deletion of personal information, and there is strong support for extending equivalent privacy obligations to currently exempt sectors.

What the findings mean for the community and for industry

For the community, the results reinforce that privacy risks are experienced as practical, everyday issues in the form of spam and scams, marketing friction, uncertainty about who holds what data, and limited ability to meaningfully opt out. The strong emphasis on control, fairness and accountability suggests Australians expect organisations to implement privacy safeguards that work in the moment decisions are made, not only through long-form policies or complex consent flows. High support for deletion and concern about secondary uses (including AI training) indicates an expectation that organisations should not repurpose personal information indefinitely or in ways that are difficult to see, contest or reverse.

For industry, the findings point to a sustained ‘trust gap’ for sectors that rely heavily on data-driven business models, particularly where collection feels excessive, benefits appear one-sided, or there is no realistic alternative to participation. The results suggest that building trust is likely to depend on:

  • clearly limiting collection and retention to what is reasonably necessary and proportionate
  • constraining secondary uses (especially high-impact uses and uses involving sensitive information)
  • giving people practical choices that do not require trading away access to essential services in exchange for the secondary use or disclosures of their personal information
  • providing complaint, access and correction pathways that are easy to find, easy to access, predictable and effective. Where AI and biometrics are used, community acceptance appears strongly conditional on transparency, contestability (including human review), and clear boundaries around training, sharing retention and secondary use.

What the survey tells us about the OAIC’s regulatory priorities

1) Making privacy choices fairer and easier to understand

What the survey suggests: Many Australians experience ‘consent’ as a condition of participation rather than a genuine choice, and fairness concerns rise when collection feels disproportionate or opting-out is unrealistic.
Regulatory implication / opportunity: Set clearer expectations of necessity and proportionality and stronger limits on collection, retention and secondary use beyond notice-and-consent, especially in high-risk and data-intensive business models.

2) Protecting privacy rights as new technologies develop

What the survey suggests: Acceptance of AI and biometrics is strongly conditional: people want transparency, boundaries on secondary uses (including AI training), and the ability to challenge high-impact outcomes.
Regulatory implication / opportunity: Promote guardrails for AI/biometrics in particular purpose limitation, contestability (including human review where appropriate), strong transparency, and lifecycle controls on use, sharing and retention.

3) Improving how government manages information

What the survey suggests: Trust in government agencies’ handling of personal information is higher than in 2020 and remains consistent with 2023 levels, but it is conditional on disciplined stewardship, particularly where decisions affect rights and entitlements and where government uses AI.
Regulatory implication / opportunity: Reinforce public sector governance as a benchmark: clear accountability, risk assessment and oversight before high-impact deployments, and transparent practices and disclosures that sustain community trust.

4) Ensuring timely access to information and effective pathways

What the survey suggests: Many people are not confident they can access, correct or delete their personal information, and privacy concerns often do not progress to complaints because pathways feel unclear, burdensome or ineffective.
Regulatory implication / opportunity: Encourage improved accessibility and predictability of complaint pathways (clear contact points (including outside of logged in accounts), reasonable timeframes, and outcomes that build confidence) so rights operate as practical tools and generate system feedback.

Methodology snapshot

ACAPS 2026 surveyed 1,504 adults aged 18+ across Australia (weighted to be nationally representative). Data collection was conducted via the Life in Australia™ probability-based panel, primarily online (n=1,490) with a small proportion by telephone (n=14). Fieldwork ran from 16–30 March 2026

Previous chapter
Next chapter
OAIC logo
Contact us 1300 363 992

Monday to Thursday 10 am to 4 pm (AEST/AEDT)

Acknowledgement of Country

The OAIC acknowledges Traditional Custodians of Country across Australia and their continuing connection to land, waters and communities. We pay our respect to First Nations people, cultures and Elders past and present.

© Commonwealth of Australia