Introduction - The Limits of Awareness

In preparing for today I found myself turning over a somewhat heretical thought. What if Privacy Awareness Week - as a concept - has largely achieved its purpose?

Think about it. Is there an adult in Australia who genuinely isn’t aware of their privacy - who doesn’t feel it viscerally when a data breach notice lands in their inbox, when they’re asked for a date of birth in exchange for a loyalty card, or when a platform quietly changes its terms to repurpose their data for something they never anticipated?

Our own 2026 Australian Community Attitudes to Privacy Survey tells us that 86 per cent of Australians say they are more concerned about their privacy than they were five years ago. Awareness is not the deficit.

So for a room full of privacy professionals - people who have devoted their careers to this cause - I want to spend our time together less on raising awareness and more on something harder and more interesting: what do we do with that awareness?

How do we translate the widely-felt concern about privacy into outcomes that actually change the experience of ordinary Australians?

My answer is three words, all beginning with A. Action. Agency. Alternatives.

Action

The first A is Action. And the question I keep returning to - in decisions, in regulatory engagement, in conversations with regulated entities - is deceptively simple: what does good look like?

Over the past two years, through dozens of decisions and regulatory actions, the OAIC has been working to answer that question in concrete terms. Let me distil what we have learned into four propositions.

Invest in compliance

Last year, the Federal Court handed down the first ever civil penalties under the Privacy Act against Australian Clinical Laboratories - a landmark we did not take lightly. Justice Halley’s findings are worth sitting with, because they are specific: the failure was not a failure of policy, it was a failure of investment. Inadequate testing. Insufficient training. Underpowered tools. The message from the Court is unambiguous: reasonable steps to secure personal information under APP 11 require actual resourcing, not aspirational statements.

Culture

In Vinomofo, also decided under APP 11, the compliance failure was less about technology than about organisational culture - a business posture that simply did not value customer privacy. Policies existed and training was nominal, but privacy was not genuinely embedded in how the organisation thought about its operations.

Transparency

The Administrative Review Tribunal’s decision in the Bunnings facial recognition matter - the merits review of my own determination - established something important about APP 5 and the notification of collection. General signage about video surveillance was not sufficient. The novelty of facial recognition technology required more specific disclosure.

Process

The Tribunal also found that random enquiries and ad hoc actions do not constitute the practices, procedures and systems required by APP 1. For new and potentially invasive practices, a formal, structured, documented risk assessment, conducted from the outset, is required.

Investment, culture, transparency, process. That is the action framework the OAIC has been elaborating through our regulatory work. And yet - the data tells us we are not yet where we need to be. Around a thousand data breach notifications a year. Our Privacy Sweep of sixty entities earlier this year found instances of non-compliance in a significant proportion. Privacy complaints to the OAIC are up thirty per cent year on year.

This brings me to the theme of this year’s Privacy Awareness Week. Those rising complaint numbers are not just a workload challenge for my office. They are a signal: when entities fail to take action on privacy compliance, individuals who have nowhere else to turn come to us.

The complaint queue is a measure of systemic non-compliance, and of the failure of first-instance dispute resolution.

This year’s theme for Privacy Awareness Week is ‘Trust is built here. In every complaint. In every resolution’.

Our community attitudes survey found that 64 per cent of Australians had concerns about how an organisation handled their information in the past year. But 52 per cent did not raise those concerns - because they didn’t think it would make a difference (56%), thought it would be too hard (51%), or didn’t know how (40%). Among those who did complain, only nine per cent said the issue was resolved to their satisfaction.

That is a system in serious dysfunction. And it is one that regulated entities have both the obligation and the opportunity to fix. APP 1 requires entities to implement practices, procedures and systems that enable them to handle inquiries and complaints. That requirement has, I think, been underweighted. We intend to change that - through upcoming determinations, through our engagement with the Attorney-General’s Department on Privacy Act reform, and through this Privacy Awareness Week’s deliberate focus on complaint handling as a trust-building instrument.

The UK’s Data (Use and Access) Act, in force from June 2026, provides a useful comparator: it requires entities to acknowledge complaints within 30 days, take appropriate investigative steps without undue delay, and notify individuals of outcomes. Australia should be moving in the same direction, and I have said so to those with responsibility for our reform process.

But even without legislative change, it is clear that APP 1 sets the bar high already. It demands entities take action to ensure they can receive and deal with privacy complaints.

Dispute resolution is where privacy obligations stop being abstract and start being real.

It is the point at which the rights individuals hold under the Privacy Act and the Australian Privacy Principles are tested in action - and the point at which trust is either built or destroyed.

Agency

The second A is Agency. And this one is, I admit, the one I feel most personally about.

Some of you will recall that my first Privacy Awareness Week as Privacy Commissioner was themed ‘Privacy is Power’ - a reminder that privacy is not about secrecy, but about choice. That conviction has threaded through everything we’ve done since, including our regulatory priority of rebalancing power and information asymmetries. I want to use today to point to three areas where I think the privacy community - not just regulators, but all of you - needs to keep pressing hard.

The first is artificial intelligence

Let me be specific about the AI I mean, because the term has become so elastic it can obscure more than it reveals. I am interested, right now, in two particular applications: the use of personal information to train AI models, and the rollout of AI scribe technology in clinical settings.

On model training: our guide on developing and training AI models, published in October 2024, is clear that personal information used to train AI must comply with the Privacy Act. In most cases it constitutes a secondary use or disclosure requiring APP 6 compliance. In choosing to focus on this issue, we have been informed by our understanding of community sentiment and preferences. For example, in 2025 an ACCC-commissioned consumer survey found a discrepancy between consumer preference and industry practice when it came to how companies use consumer data to train their generative AI models: 83% of consumers surveyed agreed that companies should seek their consent before using their information to train AI models. Our forthcoming Australian Community Attitudes to Privacy Survey findings show that concern around this practice has intensified in the intervening months – 93% of respondents say it is not fair and reasonable for organisations to use personal information to train AI models and products such as chatbots. From this I understand individuals to be expressing a desire for control and agency, particularly when it comes to controversial and polarising new technology like AI.

For the past two years, we have been seeking to interrogate certain instances of AI training to ascertain their compliance with the Act. We have been particularly interested in the privacy practices of AI companies, as well as of entities that hold existing stores of personal information which they wish to repurpose to train AI models.

One such investigation, into the I-MED image diagnostics firm, was concluded with no findings of non-compliance after we established that I-MED had de-identified data against recognised benchmarks sufficiently to satisfy us that further investigation was not warranted in the circumstances.

Other investigations are ongoing and are likely to result in determinations or other regulatory action later this year. These decisions will be important for at least two reasons – they will demonstrate in practice how the Privacy Act applies to this novel and impactful use of personal information in non-traditional technical contexts, but they will also be a vehicle for explaining our interpretation of certain terms in the Privacy Act, such as purpose, use and disclosure.

At the same time as focusing on AI model training, we have also been tracking closely the mainstream rollout of AI scribe technology, which is increasingly present in GP practices and medical surgeries around the country.

Over the past two years, exercising our multiple health privacy-related functions as an agency (including as the privacy regulator of the My Health Record scheme), we have met with health-focused agencies and regulatory bodies to discuss the uptake of AI scribes across the medical profession, including the Australian Health Practitioner Regulation Agency, the Australian Commission on Safety and Quality in Health Care (ACSQHC), the Therapeutic Goods Administration, the Australian Digital Health Agency and the Royal Australian College of General Practitioners. Last week I presented to the RACGP National Ethics Committee about scribes and related issues. We have also reviewed AI guidance developed by ACSQHC and provided comments relating to privacy impacts. OAIC staff have met with AI scribe providers to better understand the potential privacy impacts of use in a clinical setting, and we continue to engage with civil society organisations concerned about the rollout of scribes, the deficiencies in GPs’ implementation of AI scribe consent protocols, and the absence of disclosure around scribes in privacy policies.

Last year, the Productivity Commission’s interim report into Harnessing Data and Digital Technology proposed scrapping consent requirements in the Privacy Act – indeed, scrapping all APPs – and replacing them with a defence of best interests of privacy. At the time, I argued that the proposal constituted a radical shift away from a rights-based regime to one that enables organisations to avoid privacy compliance if they’re able to show that they were acting in the best interests of individuals’ privacy. Under such proposals, we could conclude that your GP would not have to ask your permission to use an AI scribe, or even tell you they were using it, if they could establish it was in your best interests to do so. I expressed the fear that such a system would be, at its best, unworkable – it is hard to imagine how an organisation could even demonstrate to a regulator that it was acting in the best interests of individuals without affording them the basic controls and protections currently enshrined in the Privacy Act. And it seems unlikely that organisations would be prepared to take on the requisite risk of such an approach.

Moreover, at its worst, the adoption of the best interests “defence” to privacy non-compliance could open the floodgates to underinvestment in privacy, a dramatic uptick in data breaches, and a further disempowerment of Australian consumers in the online realm.

Fortunately, the Productivity Commission’s final report, presented in December 2025, retreated from the ‘best interests defence’ proposal and aligned with the existing proposal to introduce a ‘fair and reasonable test’, which has long been the centrepiece of Privacy Act reform. The PC’s view on how that test should be embedded differs from the government’s response to the Privacy Act Reform report, and time will tell how the government decides to reconcile the two proposals. But it gives me confidence that fairness and reasonableness will continue to be at the heart of how the Privacy Act evolves. From where I stand, agency, choice and control are inherent features of fairness and reasonableness, not to mention critical safeguards in a world of AI, where the technology obscures choice and control far more than it enables it.

Excessive collection

The second agency challenge is one you all encounter in daily life: the relentless, expanding demand for personal information. Email addresses for receipts. Apps for after-school clubs. Dates of birth for supermarket loyalty schemes. We have become so inured to it that we rarely stop to ask the question the law requires us to ask: is this actually reasonably necessary?

It might be convenient, or desirable, for this company to have this data in one place, but do they actually need it?

Building out a more nuanced interpretation of the requirement in APP 3 that personal information collection be reasonably necessary for an entity’s functions and activities has been a deliberate focus, and a corollary of our regulatory priority on overcollection and imbalances of power. We took this forward considerably with our decision in the 2Apply RentTech matter, which was published two weeks ago.

Aside from being a landmark determination that looked at personal information through the lens of the power imbalance that exists in the rental property market, the decision was an important exploration of what agency consumers possess when they encounter applications that request excessive amounts of information and use unfair online choice architecture to do so.

I used the 2Apply decision as an opportunity to look at the requirement of APP 3.5 that personal information collection be fair and lawful, examining the design, structure, and way information was conveyed on the 2Apply form. Drawing from the work of the UK’s Information Commissioner’s Office, I utilised the concept of Online Choice Architecture, that is ‘the way information is presented and choices are structured [which] plays an important role in shaping consumers’ decision-making and behaviour online’. An Online Choice Architecture is not inherently bad or harmful – digital platforms can be structured in a way that benefits consumers, for example, where default security settings are in place that reduce the likelihood of a user falling prey to a virus or malware. However, these practices can be harmful to individuals if they undermine their choice and control over their personal information. Harmful Online Choice Architecture practices can also be referred to as dark or deceptive patterns. In the context of 2Apply, I identified harmful Online Choice Architecture practices including confirmshaming and biased framing.

‘Confirmshaming’ is the use of emotive language to make a user feel guilty or embarrassed for not taking an action that is beneficial to the information-collecting entity. For example, a user who chooses not to buy insurance when purchasing an airfare might be required to click a button with the text, ‘I am willing to take the risk’, rather than simply ‘No’. Confirmshaming can be a harmful Online Choice Architecture practice when it pressures users to provide more personal information than they would have, if not for the guilt or shame-inducing message.

‘Biased framing’ is the practice of presenting choices in a way that emphasises their supposed benefits or downsides. Biased framing can be harmful to the individual where the framing is beneficial to the entity and not in the interests of the user. For example, a website popup asking a user about information sharing settings states that if the user shares more information the entity will be able to offer a more personalised experience. That statement may be accurate in a sense, however it is framed in a way that emphasises the benefits of sharing more information, which is in the commercial interest of the entity, and fails to mention any potential downsides for the user. This results in individuals being encouraged to choose the option that results in the collection of more of their personal information.

Both practices, as well as a third – bundled consent – that I did not identify in the 2Apply example, undermine individual agency and deprive the community of real rights to exercise control over their personal information. In my view, they clearly contravene the requirements of APP 3.5, as they would any future requirement for personal information collection to be fair and reasonable.

Tracking pixels

The third agency challenge is tracking pixels - an investigation nearing completion that I expect to publish in coming weeks. The specific interest here is in how tracking pixels that collect sensitive personal information should be deployed consistently with individuals’ rights, including the right to consent before sensitive information is used or disclosed.

What unites AI training, overcollection in rental apps, and tracking pixels is that all three involve forms of data collection or use that are not easily visible to the people they affect. Passive. Ambient. Opaque. The Privacy Act, at its core, rests on transparency and consent. New technology challenges both, and the privacy community has to be loud and persistent in demanding that those values travel with the technology, not get left behind by it.

Agency and trust are linked. An individual who feels in control of their personal information is an individual who can extend trust. Strip away that control - through opaque AI, through passive data capture, through false choices - and you don’t just undermine agency. You destroy the conditions under which trust can be built at all.

Alternatives

And now to the third A, the one I find most generative - Alternatives. What if we didn’t just regulate the existing online ecosystem, but started, in some domains, to demonstrate what a different one could look like?

I’m not going to talk about Privacy Act reform in the abstract here - the reform process is ongoing and I don’t have news to break on timing. What I want to talk about instead is a concrete and imminent opportunity to demonstrate that the online world can be built differently. The Children’s Online Privacy Code.

You will know that an exposure draft of the Code has been published for consultation. You will hopefully have read it, or the guides to it. If you have, I hope you felt what I felt - something close to genuine excitement. Because the Code, if adopted in something like its current form, is not incremental. It is structurally transformative.

Let me name the features that excite me most:

  • Under the Code, data minimisation becomes the starting point. Online services must collect only what’s strictly necessary to provide the service, with information collection settings switched off unless a child actively opts in. This inverts how most online services currently operate, providing more control to children.
  • The best interests of the child becomes the primary consideration. For example, organisations will need to consider how, in their collection, use or disclosure of children’s personal information, they can keep children safe from exploitation risks, including the risks of commercial or sexual exploitation and sexual abuse, and protect and support their health and wellbeing.
  • Consent will mean something real. Bundled tick-boxes and guilt-tripping design tactics (such as wording like “no thanks, I prefer a boring version”) will be explicitly banned alongside other consent requirements.
  • Children under the age of digital consent are brought into the conversation. Even where parental consent is required, the Code introduces an “assent” requirement, whereby children must be asked in age-appropriate language whether they agree to the handling of their personal information and to their parent being contacted. This is designed to build digital literacy from a younger age, helping children understand what they’re handing over and why.
  • Transparency becomes a design element. Child-friendly privacy policies must use plain language and visuals so children can understand how their data is being handled. Children will also be able to request access to information about how their personal information is being handled.
  • A right to erasure shifts power to users. Parents and children will be able to request deletion, not just de-identification of their personal information. Entities will need to accede to such requests within 30 days.

Now here is the speculative argument I want to make. These protections are proposed for children. But what happens when children who have grown up under this Code become adults? What happens when organisations that have redesigned their systems to meet these requirements discover that the redesigned experience is, simply, better?

My hypothesis is that the Children’s Online Privacy Code has the potential to show, at scale, that an online ecosystem built around data minimisation, genuine consent, and transparency is not only legally compliant but commercially viable. That users who are treated as agents rather than data sources are users who extend trust, who stay, who recommend.

If that hypothesis is right, then the Code is not just a protection for children. It is a proof of concept for a different kind of digital economy. And the privacy community has a role to play in making that argument loudly, persistently, and in terms that resonate with boards and investors, not just regulators.

That is what I mean by alternatives. Not a fantasy of a world without data. A concrete, evidence-based demonstration that the trade-offs we have come to accept as inevitable - between privacy and utility, between protection and participation - are not inevitable at all.

Conclusion - Trust Is Built Here

The theme for this Privacy Awareness Week is ‘Trust is built here. In every complaint. In every resolution.’

Trust in the privacy sphere is not an abstraction. It is built - or not built - in specific, concrete moments. When an individual realises their personal information has been mishandled and reaches out to the organisation responsible. When that organisation’s complaint process is easy to find, human in its response, and genuine in its investigation. When the outcome is explained clearly and implemented promptly. Or, alternatively, when none of those things happen and the individual ends up, frustrated and disempowered, in our complaints queue.

Action, agency, and alternatives are all, ultimately, about creating the conditions under which trust can be built.

Action - proper investment in privacy compliance - means fewer breaches and failures that erode trust in the first place.

Agency - genuine control over personal information - means individuals can extend trust voluntarily, rather than having the question decided for them.

Alternatives - a demonstration that the digital world can be built differently - means that trust need not be a perpetual negotiation between individuals and institutions that hold most of the power.

For the regulated entities in your networks, I want to leave five practical commitments for this Privacy Awareness Week. Not aspirational statements - things that can be done this month:

  1. Know your obligations. Understand your complaint-handling requirements, timeframes, and what procedural fairness means in practice.
  2. Demonstrate accountability. Engage with complainants professionally, respectfully, and transparently - as if every interaction could be reviewed.
  3. Resolve with clarity. Clear reasoning, documented decisions, accessible processes. Not every complainant will be satisfied, but every complainant deserves to understand the outcome.
  4. Learn and improve. Use complaints as intelligence. Conduct Privacy Impact Assessments before deploying new systems. Treat dispute resolution as primary prevention, not damage control.
  5. Build trust as a strategic asset. Effective dispute resolution improves customer satisfaction, retention, and lifetime value. For public entities, it is the foundation of legitimate public confidence. Privacy and commercial interest are not in tension here - they point in the same direction.

Privacy Awareness Week 2026 is an opportunity. Not to remind people that privacy exists - they know. But to insist that awareness must convert into action, that action must be grounded in genuine agency, and that agency must be exercised in an ecosystem that offers real alternatives.

Thank you.