AIRiskAware
インサイトに戻る英語で読む

この記事は現在英語でのみご利用いただけます。

Australia 9 min read 2026

AI Governance for Australian Telcos and Media: ACMA Obligations, Misinformation, and Network AI

Australian telecommunications companies and media organisations face AI governance obligations from ACMA (broadcasting and communications), the ACCC (competition and consumer), and the Online Safety Act. The 2026 compliance guide.

AI Governance for Australian Telcos and Media: ACMA Obligations, Misinformation, and Network AI

Key Takeaways

  • The Australian Communications and Media Authority (ACMA) has regulatory oversight over AI used in broadcasting and communications — AI-generated content broadcast on licensed services must comply with the same standards as human-generated content.

  • The Online Safety Act 2021 creates obligations for large online platforms (including AI content platforms) to address class 1A and 1B material — AI systems that generate or facilitate harmful content may create provider liability.

  • The ACCC's Digital Platform Services Inquiry and its ongoing monitoring of digital platforms addresses AI-driven recommendation systems, algorithmic advertising, and AI content moderation — competition and consumer law applies to these systems.

  • Telco network AI — AI used in network management, traffic prioritisation, and cybersecurity — must comply with the Telecommunications Act and the Security of Critical Infrastructure Act obligations.

  • The proposed Misinformation and Disinformation legislation (still evolving in 2026) will create obligations for digital platforms to address AI-generated misinformation — preparatory governance work is needed now regardless of the final legislative form.

"情報提供のみを目的としています。この記事は法律、規制、財務または専門的なアドバイスを構成するものではありません。具体的なアドバイスについては、資格を持つ専門家にご相談ください。"

The Australian telecommunications and media sector — AI governance under multiple regulators

The Australian telecommunications, online services, and media sector has the most fragmented AI regulatory environment of any Australian industry. Where financial services AI is overseen primarily by APRA and ASIC, and healthcare AI primarily by the TGA and OAIC, telco and media AI sits at the intersection of multiple specialised regulators — each with its own statutory powers, enforcement priorities, and emerging AI focus.

The active regulators are: ACMA (Australian Communications and Media Authority) for broadcasting, telecommunications consumer protection, online content classification, and emerging AI-related content rules; eSafety Commissioner for online safety, harmful content, and AI-generated abuse material; OAIC (Office of the Australian Information Commissioner) for privacy and the ADM transparency obligation from December 2026; ACCC (Australian Competition and Consumer Commission) for advertising, consumer protection, and competition issues; the Department of Infrastructure, Transport, Regional Development, Communications and the Arts (DITRDCA) for legislative reform. Each of these regulators has been active on AI through 2025-2026.

ACMA and the Online Safety Act framework

ACMA administers the Online Safety Act 2021 and the Online Content Scheme. AI-generated content — particularly AI-generated child sexual abuse material, non-consensual intimate imagery, and abhorrent violent material — falls within the regulatory framework. The Industry Codes for the Online Safety Act 2021, registered progressively from 2023-2025, address AI-enabled risks across messaging services, search engines, app stores, social media, ISPs, hosting providers, and equipment manufacturers. The eSafety Commissioner administers complaints and removal processes; non-compliance carries civil penalties.

For broadcasting and online streaming, ACMA's Code of Practice frameworks (commercial radio, commercial television, subscription broadcasting, internet streaming) increasingly address AI-generated content disclosure. The Australian Communications Industry Forum (ACIF) Code C661 covers customer service AI in telecommunications, including disclosure obligations for AI-driven customer interactions.

The eSafety Commissioner's AI focus areas

The eSafety Commissioner has been particularly active on AI issues. Specific focus areas: AI-generated child sexual abuse material (mandatory removal obligations for services); deepfake intimate imagery (criminalised at federal level under Criminal Code amendments effective from 2024); AI-generated harmful content directed at children; generative AI chatbots interacting with minors and creating safety risks; and emerging concerns about AI companions used by vulnerable users including those with mental health issues.

In November 2025, the federal government announced the Social Media Minimum Age legislation, restricting access to certain social media services for those under 16. The legislation, which commenced application in stages from December 2025, creates significant compliance obligations including age assurance — frequently AI-enabled. The implementation of these obligations is being supervised by the eSafety Commissioner, with industry codes registered under the Online Safety Act framework.

OAIC and AI in telco/media — the Privacy Act overlay

The Privacy Act 1988 applies to telco and media organisations that collect personal information — which covers virtually all consumer-facing services in this sector. The Australian Privacy Principles (APPs) apply to AI processing of personal data including: recommendation algorithms on streaming services; targeted advertising AI; AI-driven customer service interactions; AI-enabled fraud detection on telco networks; biometric authentication systems; and AI used in marketing personalisation.

The Privacy and Other Legislation Amendment Act 2024 introduces the automated decision-making (ADM) transparency obligation from 10 December 2026. Telco and media organisations using AI in substantially automated decisions with legal or similarly significant effects on individuals must disclose in their Privacy Policy: that they use such ADM, the kinds of personal information used, and the categories of decisions made. This will affect telco services (account decisions, credit checks, plan eligibility) and media services (algorithmic content moderation, automated account decisions, AI-driven recommendations).

ACCC enforcement — AI-driven commercial practices

The ACCC's AI enforcement focus in this sector has been on misleading representations, dark patterns, and digital platform competition. The October 2025 ACCC proceedings against Microsoft over alleged misleading Copilot AI integration in Microsoft 365 plans affecting approximately 2.7 million Australians demonstrate the regulator's appetite for enforcement at scale. The September 2025 proceedings against JustAnswer LLC over alleged misleading subscription pricing through AI advice services illustrate the same approach in the AI services market.

The Digital Platform Services Inquiry, which concluded in March 2025 with 35 recommendations, produced extensive evidence on dark patterns, hidden charges, forced subscription sign-ups, and accidental paid subscriptions affecting 72% of Australians surveyed. The 2026-27 ACCC priorities include continued focus on these areas. The government's announced unfair trading practices reforms — once enacted — will add specific prohibitions to existing misleading conduct law, particularly affecting AI-driven dark patterns in subscription and onboarding flows.

News media and AI — the Voluntary AI Safety Standard's Guardrail 6

News media organisations in Australia operate under multiple AI-related frameworks. The Voluntary AI Safety Standard (Guardrail 6) provides guidance on informing end-users about AI-enabled decisions, AI interactions, and AI-generated content. Major Australian news organisations (ABC, SBS, Nine, Seven, News Corp Australia) have published their own AI use policies converging on common principles: human editorial responsibility for all published content; disclosure of material AI use; restrictions on AI-generated quotes attributed to real persons; and human review before publication. The News Media Bargaining Code and emerging copyright considerations around AI training data (referencing global cases including New York Times v OpenAI) add further complexity.

Telecommunications-specific AI considerations

Telecommunications carriers and CSPs have additional AI-specific considerations under the Telecommunications Act 1997, the Telecommunications (Consumer Protection and Service Standards) Act 1999, and ACMA codes. AI used in fraud detection on telco networks may process customer call patterns, message metadata, and usage data — requiring compliance with the Telecommunications (Interception and Access) Act 1979 in addition to Privacy Act obligations. AI used in customer service must comply with consumer protection codes including complaint handling obligations. AI used in network operations and security must comply with the Security of Critical Infrastructure Act 2018 (SOCI Act) where the carrier is designated critical infrastructure.

Practical AI governance for telco/media organisations

Build an AI inventory mapped to the multiple regulators that have jurisdiction over your operations. For each AI system, identify which regulators have potential interest and which obligations apply. Build a privacy policy update plan for the ADM transparency obligation effective 10 December 2026 — start documenting the AI systems that will be in scope now. Run DPIAs/PIAs for material AI systems processing personal data; the OAIC expects these for high-risk AI deployments. Update industry code compliance documentation to address AI use. For services likely to be accessed by minors, audit against the Online Safety Act framework and any applicable industry codes. Track legislative developments — the unfair trading practices reforms, Social Media Minimum Age implementation, ACMA broadcasting code updates, and OAIC ADM transparency guidance are all in motion.