The Privacy Act reforms moving through Australian law since late 2024 are the biggest change to data protection here in almost forty years. For a small business running AI in customer service, marketing, or operations, the reforms are not abstract. They change what you must disclose, how you handle automated decisions, and what happens when something goes wrong. This guide covers what shifted and the concrete steps a Sydney or Melbourne SMB should take in 2026.
What the reforms actually changed
Three changes matter most for businesses using AI. First, privacy policies now need to explain when automated systems make or substantially influence decisions that affect people. If Claude or any model helps decide who gets a quote, a refund, or a shortlist spot, that has to be visible to the person affected. Second, the reforms introduced a statutory tort for serious invasions of privacy, so individuals can take direct action rather than waiting for the regulator. Third, the Office of the Australian Information Commissioner (OAIC) gained sharper enforcement powers, including tiered civil penalties for breaches that fall short of the most serious cases.
The headline penalty for serious or repeated breaches remains steep: up to A$50 million for a body corporate, or three times the benefit gained, or 30 per cent of adjusted turnover for the relevant period, whichever is greater. Most SMBs will never see a number like that, but the mid-tier penalties are designed to catch smaller, everyday failures too.
Some measures took effect on commencement, while others phase in through 2025 and 2026 as the OAIC publishes guidance and codes, including a Children's Online Privacy Code. Treating 2026 as the year to get ready is sensible: the direction is set, and waiting for every detail to settle only shortens your runway.
Where AI raises the stakes
AI changes the privacy picture in a few specific ways. Models are trained and prompted on data, and that data often includes personal information about customers. When you paste a support thread into a chatbot, feed CRM records into an enrichment step, or let an agent read inboxes, you are handling personal information under the Act, whether or not a human ever sees the output.
None of this means avoiding AI. It means being deliberate. A support assistant that drafts replies can be a real help to a small team, but it should read only the ticket in front of it, not the entire customer history, and it should not quietly file that data somewhere no one can find it again. The common failure points look like this:
Sending customer data to a model or vendor whose data handling you have never checked, and that may store or train on what you send.
Making automated decisions such as pricing, eligibility, or prioritisation without telling the affected person that a system was involved.
Keeping AI transcripts and logs indefinitely, long after the business reason for holding them has passed.
Collecting more personal information than the task needs because it is easy to grab everything and let the model sort it out.
Assuming an overseas AI provider meets Australian standards without confirming where data is processed and stored.
A practical checklist for 2026
You do not need a legal team to make real progress. Work through this list over a few weeks:
Map where personal information flows into AI. List every tool, prompt, and integration that touches customer data.
Update your privacy policy to describe automated decision-making in plain language, including what the system does and how a person can query it.
Choose AI vendors on their data terms, not just their features. Confirm whether inputs are used for training and where processing happens.
Set retention limits on AI logs and transcripts, and delete on schedule rather than by accident.
Give staff a short rule set for what can and cannot be pasted into a model, and keep sensitive categories out.
Keep a person accountable for any decision that materially affects a customer, and record how that review happens.
Building AI that respects the reforms
This is where the tool you pick matters. We build with Claude first because Anthropic's commercial terms do not train on your business inputs by default, which removes one of the largest privacy risks before you write a line of code. That is a starting point, not a finish line: you still control what data you send, how long you keep it, and whether a person can understand a decision that affected them.
The businesses handling this well in 2026 treat privacy as a design choice rather than a compliance afterthought. They send the model only the fields a task needs, they log decisions so they can explain them later, and they write disclosures a customer can actually read. Done properly, this also builds trust, which is worth far more than any penalty avoided.
If you are running AI in your business and are not sure where you stand against the reforms, we help Australian SMBs map their data flows and build systems that hold up. You can book a short call to talk it through.



