Australian businesses have been provided with a valuable resource to navigate the complex landscape of using commercial AI products. The Office of the Australian Information Commissioner (OAIC) recently released guidance on October 21 that specifically addresses the use of commercially available AI products, ranging from chatbots to productivity tools and image generators.

The detailed document outlines organizations’ obligations when handling personal information within the context of off-the-shelf AI products. It covers a range of best practices that should be considered throughout the lifecycle of deploying AI products, including selecting an AI product, implementing privacy by design principles, meeting transparency requirements, and managing data privacy and accuracy risks.

One of the key aspects highlighted in the guidance is the importance of privacy considerations when utilizing AI systems. Businesses are reminded that privacy requirements apply not only to the personal information input into an AI system but also to the output data generated by AI. This underscores the need for organizations to update their privacy policies and notifications to provide clear and transparent information about the use of AI, ensuring that any public-facing AI tools are clearly identified as such to external users.

Moreover, the document emphasizes that AI systems used to generate or infer personal information are considered to collect personal information, requiring compliance with the relevant privacy guidelines. Organizations are advised to minimize the input of personal and sensitive information in public-facing AI tools and to adhere to the principles outlined in the Australian Privacy Principles guidelines, including the requirement to use or disclose personal information only for the primary purpose for which it was collected.

While the guidance applies to all types of AI systems involving personal information, it is particularly relevant for generative AI and general-purpose AI tools, as well as other high-risk uses of AI that may have adverse impacts. It serves as a practical resource for businesses looking to navigate the privacy implications of utilizing AI technology effectively.

It is important to note that the guidance provided by the OAIC complements existing privacy regulations in Australia, including the Privacy Act and Privacy Principles guidelines established in 1988 and most recently updated in 2022. While the document does not cover all privacy issues and obligations related to AI usage, it should be considered in conjunction with existing regulations to ensure comprehensive compliance.

Overall, the publication of this guidance represents a significant step towards clarifying the responsibilities and best practices for businesses using commercial AI products in Australia. By following the recommended privacy considerations and implementing the outlined recommendations, organizations can mitigate potential risks and ensure the responsible and ethical use of AI technology in their operations.

Извор линк