Australia
AI behavior law: bot and agent disclosure, crawler and training-data rules, automated-agent transactions, and algorithmic decision-making.
Summary
Australia presents moderate risk driven mainly by privacy law rather than computer crime or copyright. The Criminal Code Act 1995 Part 10.7 'unauthorized access' offence requires that a computer be 'not authorized' to access — publicly accessible sites are effectively authorized. The Copyright Act 1968 has no fair use doctrine (only fair dealing, narrow), no TDM exception, and no sui generis database right (IceTV v. Nine, HCA 2009). The Privacy Act 1988 APPs and the OAIC's Clearview AI determination (2021, upheld by AAT 2023) establish that public-image scraping for facial recognition violates APPs 3 and 6. The Privacy and Other Legislation Amendment Act 2024 introduced a statutory tort for serious privacy invasions.
Automated-access legality
Carried forward from the crawler-law index. Governs whether automated clients may access public websites in this jurisdiction.
| Dimension | Value |
|---|---|
| Authorization test | security mechanism bypass |
| Public-page carve-out | yes |
| Terms-of-service browsewrap enforceable | notice dependent |
| Terms-of-service clickwrap enforceable | yes |
| Copyright exception model | fair dealing narrow |
| Text and data mining — commercial status | unsettled |
| Text and data mining — opt-out mechanism | none |
| robots.txt legal weight | non binding notice |
| AI training-specific law | none |
| Privacy regime | Privacy Act 1988 + APPs |
| Trespass to chattels | not recognized |
Last reviewed: 2026-05-21. Confidence: medium. Not legal advice.