Associated Incidents
In December 2023, the Department of Families, Fairness and Housing (DFFH) reported a privacy incident to the Office of the Information Commissioner (OVIC), explaining that a Child Protection worker had used ChatGPT when drafting a Protection Application Report (PA Report). The report had been submitted to the Children's Court for a case concerning a young child whose parents had been charged in relation to sexual offences.
Despite its popularity, there are a range of privacy risks associated with the use of generative artificial intelligence tools such as ChatGPT. Most relevant in the present circumstances are risks related to inaccurate personal information and unauthorised disclosure of personal information.
After conducting preliminary inquiries with DFFH, the Privacy and Data Protection Deputy Commissioner commenced an investigation under section 8C(2)(e) of the Privacy and Data Protection (PDP) Act with a view to deciding whether to issue a compliance notice to DFFH under section 78 of that Act.
OVIC's investigation considered whether the Department took reasonable steps to ensure the accuracy of personal information and to protect personal information it holds from misuse, as required by the Privacy and Data Protection Act 2014 (Vic) and Information Privacy Principles 3.1 and 4.1.