Security at the Margins: AI, Public Sector Governance, and Australia's National Security Gap
- Policy Research Program
- Jun 13
- 35 min read
Authors: George Trigenis, Josianne Belyea, Tara Matheson and Tian Tian Dorge
EXECUTIVE SUMMARY
The global artificial intelligence (AI) ecosystem is increasingly characterised by an unprecedented concentration of technological prowess, with secure AI infrastructure, data protection, and cybersecurity emerging as core pillars that are fundamentally reshaping national security priorities worldwide. In Australia, this shift underscores the importance of embedding national security considerations into public-sector AI deployment to safeguard government systems against emerging threats.
Our research examines how gaps in Australia’s National AI Plan may increase public-sector exposure to national security risks relative to peer jurisdictions, the lessons to be drawn from international approaches, and the policy levers available to mitigate these challenges.
This paper addresses: (1) the evolving nature of technology and security in a national security context; (2) comparative analysis of national AI plans in the United States, Canada, the People’s Republic of China, and the Republic of Korea; (3) AI adoption in the Australian economic and social context, as well as public-sector specific AI threats; and (4) actionable mitigation levers and solutions against public sector AI threats.
The comparative jurisdictional analysis reveals distinct approaches to AI and national security:
The United States of America (US)
The US treats AI as strategic infrastructure and a national-power asset, linking AI leadership directly to economic competitiveness, military advantage, export control, cyber resilience, and global standard-setting. Its model is highly top-down and White House-led, using executive orders, OMB memoranda, federal procurement, infrastructure acceleration, National Institute of Standards and Technology (NIST) testing capacity, and an AI export strategy to advance adoption and security simultaneously.
Canada
Canada has positioned itself as a leading power in the creation of AI policy. Implemented in 2017, the Pan-Canadian AI Strategy was the first national AI strategy to be adopted globally. This, alongside the AI Strategy for the Federal Public Service (2025-2027), its Directive on Automated Decision Making, and Guide on the Use of Generative AI, demonstrates a commitment to human-centred and responsible AI implementation. Canada’s approach thus prioritises tools that mitigate against internal risks of AI use, such as bias and transparency.
The People's Republic of China
China has established AI as a cornerstone of national strategy through two primary directives: the 2017 New Generation AI Development Plan and the 2025 AI+ Action Plan, framing AI as essential to economic resilience, social governance, and global influence. China targets 70% AI penetration across key sectors by 2027, 90% by 2030, and a fully AI-powered economy by 2035, prioritising practical, large-scale deployment across industry, healthcare, defence, and governance over AGI investment. Public sentiment remains broadly optimistic, with 95% expressing confidence in AI's future.
The Republic of Korea
South Korea has established a centralised, innovation-driven AI national strategy through its Framework Act on the Development of Artificial Intelligence and the Establishment of Trust (AI Basic Act) enacted in 2025 and the National AI Action Plan (2026 to 2028). South Korea aims for a top-three global AI status by 2023, with ambitious public-sector adoption objectives, a dual “full-stake” strategy for sovereign AI development, alignment with the US, and significant public-private investment partnerships. Although formal AI legislation excludes defence and national security systems from its scope, South Korea embeds cybersecurity and AI risk oversight via dedicated inter-agency bodies.
Australia
Australia’s National AI Plan is primarily a civilian, productivity, and inclusion strategy: it aims to capture the economic gains from AI, spread benefits across workers and communities, and keep Australians safe through existing legal, regulatory and ethical frameworks. National security is present through digital sovereignty, foreign investment screening, data-centre expectations, critical infrastructure references, and GovAI. However, Australia’s AI Plan does not publicly integrate defence, intelligence, dual-use AI, AUKUS Pillar II, or a ranked map of high-risk public-sector systems. Implementation is practical but soft: it relies on GovAI, Chief AI Officers, training, grants, R&D incentives and voluntary standards, leaving Australia with a weaker enforceability and assurance framework than leading peers. Australia can learn from peer jurisdictions without replicating them directly: from the US, it can take central coordination, procurement discipline, and strategic infrastructure framing; from Canada, mandatory algorithmic impact assessment and public transparency; from China, the importance of technical standards being operational controls rather than abstract ethics language; and from South Korea, dedicated AI legislation and institutional coordination through a national AI committee.
Based on these findings, the paper proposes the following targeted recommendations to enhance Australia’s public sector AI security to align its National AI Plan with national security priorities:
Integrate National Security as a Core Pillar of the National AI Plan
Reorient national security as a central objective, moving beyond its current prioritisation of productivity and inclusion. This includes integrating defence, dual-use AI, and intelligence considerations into public sector governance; classifying high-risk public-sector AI; and centralised coordination to address fragmented deployment and supply chain vulnerabilities.
Integrate Sovereign AI Capability
Leverage Australia's Critical Minerals Strategic Reserve as a strategic tool to acquire reciprocal benefits with allied partners. Scale domestic computing infrastructure and reduce reliance on foreign technology providers to mitigate the risks of data exposure and external dependencies.
Strengthen Accountability, Governance, and Oversight
Mitigate public sector AI risks by enacting targeted AI legislation, enhancing scrutiny of AI-related infrastructure through investment and promoting responsible AI use in the public service through professional training, centralised guidance (e.g., expanding GovAI), and robust incident reporting.
Deepen Collaboration with Techno-Democratic Partners
Strengthen global AI supply chain resilience and security governance by aligning Australia’s AI policies with allied frameworks to address shared vulnerabilities, in addition to expanding joint AI safety and R&D initiatives to shape global AI governance.
1: INTRODUCTION: DEFINING THE CONTEMPORARY TECHNOLOGICAL ENVIRONMENT
The global diffusion of AI and data-driven systems has instigated a paradigm shift in contemporary national security priorities, in which AI ecosystems, sovereign computing infrastructure, data governance, and secure technology supply intersect with the public sector. At the centre of this transformation, the US and China are leading AI superpowers. Collectively, these two nations engage 70% of the world’s top machine learning researchers, control 90% of global computing power, and attract the overwhelming majority of global AI investment - a figure more than double the combined total of all other states.1 This concentration has reshaped geopolitical dynamics and national security, giving rise to the concept of techno-democratic power: a coalition of technologically advanced democratic nations acting in concert to secure reliable access to global supply chains of critical technology, while also championing open, rules-based innovation.2
For middle powers like Australia, the global AI ecosystem presents both opportunities and strategic perils. Alignment with techno-democratic allies offers secure access to cutting-edge technology ecosystems, collaborative innovation, and industrial space. Contrastingly, the failure to expand integrated, system-level, and security-focused national AI plans leaves Australia’s public sector vulnerable to a broad spectrum of AI-enabled threats, supply chain dependency, and cyber exploitation.
National security, as successive Australian Governments have underscored, is the “most important responsibility of government,” which includes the protection of sovereign territory, democratic freedoms, institutions, and the safety of Australians.3 Against this backdrop, the following subsection outlines key definitions before examining comparative jurisdictional approaches and identifying gaps within Australia’s current national AI policy framework.
1.1: KEY DEFINITIONS
Modern technological security can be conceptualised as an interconnected ecosystem comprising multiple mutually reinforcing strategic domains:
Artificial Intelligence (AI) | A diverse range of technologies that include ‘self-learning, adaptive systems.’4 It also refers to a ‘machine or computer system’s ability to perform tasks’ that usually require human intelligence.’5 |
AI Management Systems | A structured set of policies, controls, and processes to help organisations govern how AI systems are designed, developed, deployed and used.6 |
Data Security | The practice of safeguarding digital information from unauthorised access, theft, or corruption throughout its lifecycle, across both digital and physical environments, ensuring secure efficient data use.7 |
Technology | The application of scientific knowledge used for practical purposes encompasses tools, methods, and systems intended to improve efficiency and quality of life.8 |
Quantum technologies | Leverages the unique atomic-scale functions of particles to collect, process, and transmit information, offering innovation potential across sectors like healthcare, industry, and finance to address global challenges. Simultaneously, quantum technologies also pose digital security and privacy risks, such as threats to current cryptographic methods protecting transactions and communications.9 |
2: COMPARATIVE JURISDICTIONAL ANALYSIS
2.1: THE UNITED STATES OF AMERICA (US)
Dimension | US Analysis |
Jurisdictional context | The US does not have a single omnibus AI Act. Its current federal framework is Executive Order 14179, “Removing Barriers to American Leadership in Artificial Intelligence, and Winning the AI Race”. Together, they treat AI leadership as economic and national-security policy, linking compute, energy, federal adoption, exports, and allied standards to US technological dominance.10 |
1. To what extent does the US plan mention national security? | National security is central. Executive Order 14179 states that US AI dominance is meant to promote human flourishing, economic competitiveness and national security, while the Action Plan makes security one of its three pillars through “Leading in International Diplomacy and Security.”11 The export order treats the full US AI stack, including hardware, models, software, cybersecurity, applications, and standards, as a strategic asset to embed with allies and reduce dependence on adversary technology.12 |
2. What are the US national interests toward AI? | The US interests are frontier leadership, standard-setting, domestic compute, energy and semiconductor depth, and export of US-origin AI stacks to partners. OMB Memoranda M-25-21 and M-25-22 make public-sector adoption part of that project by pushing agencies to adopt and procure AI faster while retaining privacy, civil-rights, civil-liberties, and data safeguards.13 Workforce policy remains mainly a talent and skills-supply issue.14 |
3. Implementation policies, incentives, and enforcement | Implementation is White House-led rather than statutory. Executive Order 14179 required an AI Action Plan within 180 days (approx. 6 months); the plan sets more than 90 federal actions; the OMB memoranda create agency adoption and procurement expectations; and NIST’s TRAINS taskforce supports technical testing for national-security risks.15 This gives speed but makes continuity vulnerable to electoral cycles and administrative reversal. |
Lessons for Australia | Australia should replicate the US’s integration, not its deregulation: treat AI and compute as infrastructure; connect data centres, procurement, cyber resilience, standards, export controls, and alliance policy; and build secure procurement and testing for high-impact government AI. The practical lesson is central coordination and sovereign or trusted computing planning for welfare, health, migration, tax, security, and elections. |
2.2: CANADA
Dimension | Canada Analysis |
Jurisdictional context | Initially prioritising innovation and commercialisation, the focus of Canada’s policies has shifted towards regulating safe and responsible AI use.16 An attempt to legislate AI use requirements was introduced through Bill C-27 in 2022.17 Discontinued in 2025, the aim to formally bind government organisations to responsible use guidelines has not yet been achieved, however its existence is indicative of Canada’s ethical priorities.18 Commitment to these ideals is demonstrated by key frameworks such as the Directive on Automated Decision Making, Guide on Use of Generative AI, and AI Strategy for the Federal Public Service 2025-2027.19 Additionally, the Canadian AI Safety Institute is committed to advancing safeguards against AI risks at both a national and international level.20 |
1. To what extent does Canadian national AI policy mention national security? | Canada primarily approaches security through safeguarding against public harm.21 The Directive on Automated Decision Making specifies frequent system testing to screen for bias.22 The Guide on Generative AI Use suggests ongoing review of produced content and privacy impact assessments.23 Based on public feedback, high-risk areas including criminal justice, employment, policy, and social services are excluded from AI input.24 The AI Strategy for Federal Public Service discusses risk management protocols including emergency shutdown systems.25 Canada’s AI Safety Institute aims to align national risk management with global strategies.26 The institute has highlighted the need for sovereign infrastructure and data storage for Canada as a middle power to circumvent reliance on primarily US-based ‘Big Tech’ companies.27 Underdeveloped secure data supply chains are a significant gap in Canada’s security considerations.28 |
2. What are Canada’s national interests towards AI? | Canadian AI policies operate around the core principles of being human-centred, internationally collaborative, and responsibly used.29 Priority areas include centralised implementation, up-to-date policies, increased training, and public engagement.30 Canada concerns itself with achieving this, even at the cost of efficiency. Indicators of this commitment include the training of tools such as CANChat with secured data, as well as IRRCC’s AI policy disqualifying AI from application refusal.31 Sovereignty is also an identified interest through increased training for Canadian citizens and implementing independent centralised bodies. This area lacks policy with direct focus.32 |
3. Implementation policies, incentives, and enforcement | Incentives: The Catalyst Grant program provides financial support for research into risks associated with advanced AI systems.33 Tools: The Algorithmic Impact Assessment Tool is a mandatory requirement for departments to evaluate risks of automated systems before official use.34 CANChat, a generative AI chatbot for public servants, was developed with confidential data input.35 Indigenous Perspectives in AI courses teach how to consider Indigenous worldviews in AI use.36 Overseeing bodies: The Standards Council of Canada ensures practices align with best-use frameworks.37 The Canadian AI Safety Institute advances AI safety through international and domestic risk assessment research.38 |
Lessons for Australia | Australia and Canada have committed to collaborative research into AI safety.39 Canada demonstrates methods to safeguard against internal risks associated with AI use, including public engagement and consideration of Indigenous data sovereignty.40 However, Canada remains heavily dependent on foreign infrastructure for data storage and supply chains. This brings with it a warning to Australia that whilst internal security considerations are important, pure focus on foreign AI infrastructure without concurrent domestic infrastructure development comes at the cost of long-term independence from commercial interests of foreign tech providers.41 |
2.3: THE PEOPLE'S REPUBLIC OF CHINA
Dimension | China Analysis |
Jurisdictional context | China’s AI strategy is anchored in the 2017 New Generation Artificial Intelligence Development Plan (AIDP), which set the ambition for global AI leadership by 2030 and framed AI as central to economic transformation.42 Although not a top-down mandate, it served as a coordination tool for industry actors like Baidu and Alibaba.43 The 2025 Artificial Intelligence+ Action Plan expanded this vision, targeting 70% AI penetration across key sectors by 2027; aiming for a fully AI-enabled economy by 2035.44 Adoption of a standalone comprehensive AI statute has been removed from recent legislative schedules, with the nation instead relying on pre-existing regulatory frameworks and targeted measures.45 Public attitudes remain broadly optimistic, despite concerns about cybersecurity and job displacement.46 China’s centralised governance model supports rapid diffusion of AI as a general-purpose technology aligned with national priorities. |
1. To what extent does the Chinese National AI Plan mention national security? | China’s 2017 AIDP framed AI as essential to national competitiveness and security, calling for accelerated planning, technological dominance, and systematic strategies to manage an increasingly complex security environment. It linked AI to economic upgrading, defence modernisation, and cybersecurity development to develop an “intelligent economy”.47 The 2025 AI+ Action Plan significantly condenses this security language, reducing it to a single objective: “fostering a new pattern of multi-faceted and collaborative security governance.”48 This includes applying AI to safety supervision, disaster prevention, and strengthening national-security capabilities across humans, digital entities, and intelligent robots.49 Despite the streamlined wording, China clearly prioritises AI-enabled cyberspace governance, emphasising accurate information identification and real-time risk assessment as core components of its evolving national-security strategy. |
2. What are China’s national interests toward AI? | China’s national interest in AI, articulated through the abovementioned directives, frames AI as a whole-of-state project linking technological capability to economic resilience, social governance, and global influence. Both documents present AI as a strategic asset for national security, long-term growth, and global rule-setting (via UN co-operation and joint ISO/IEC standards). The AIDP emphasises strategic sovereignty: seizing leadership in global AI competition, building world-class R&D, and driving industrial upgrading, economic transformation, and improved public services – supported by talent development, open-source ecosystems, and ethical governance.50 The AI+ directive shifts from capability-building to large-scale deployment, positioning AI as the engine of economic growth amid demographic and geopolitical pressures: mandating aggressive adoption targets through to 2035.51 Both plans stress people-centred development, ethical governance, and broad distribution of benefits.52 Notably, prioritising wide-scale deployment to secure economic and social stability, and long-term security advantage over immediate AGI development. |
3. Implementation policies, incentives, and enforcement | China implements its national AI strategy through a top-down, multi-layered system in which the central government sets direction, ministries translate strategy into regulation, and local governments compete to deploy AI through subsidised programs.53 The 2017 AIDP created a coordinated governance architecture with annual reviews and ministerial responsibilities.54
Implementation operates on two levels: central directives embed AI into industrial and social planning, while provinces offer compute vouchers, model subsidies, and AI pilot zones (e.g., Beijing, Shanghai and Shenzhen).55 Fiscal incentives underpin the system, including the ¥60 billion National AI Industry Investment Fund, government-guided funds and tax benefits.56 China is also building extensive datasets to support industrial AI adoption and expand compute capacity.57 Regulation is led by the Cyberspace Administration of China (CAC), supported by national technical standards and the 2023 generative-AI measures, overseeing governance and mandatory registration for generative AI services.58 The 2024 TC260 ethics framework enforces technical requirements on data, models, risk management, and accountability, functioning as a quasi-regulatory tool across China’s AI ecosystem.59 China’s implementation system blends state financing, competitive federalism, regulatory compulsion, and industrial incentives into a unified mechanism designed to make AI development and adoption both possible and structurally advantageous. |
Lessons for Australia | Although China’s AI governance model reflects a distinct institutional, political, and strategic model, aspects of its offer system-level insights that may inform Australia’s national approach:
|
2.4: THE REPUBLIC OF KOREA
Dimension | South Korea Analysis |
Jurisdictional context | In January 2025, South Korea enacted the world’s second AI Framework Act, establishing the first comprehensive legal framework governing the safe use of AI. Effective January 2026, the AI Basic Act unifies 19 separate AI bills regarding the responsible development of AI, encompassing everything from safety requirements to research funding.60 This legislation was followed by the National AI Plan 2026 to 2028, which outlined 12 strategic areas, 99 action items, and over 300 policy recommendations, with the primary objective of becoming one of the world’s top 3 AI powers.61 As a techno-democratic state and advanced industrial middle power, South Korea holds a critical position in global technology supply chains. It is confronted with a unique dual challenge: transfiguring its decades-long US security alignment to expand its economic security partnership with high-tech industries, while managing its economic and bilateral relations with China.62 |
1. To what extent does the South Korea National AI Plan mention national security? | Article 4(2) of the AI Basic Act excludes AI developed and used solely for “national defence” and “national security” from its scope.63 Additionally, the AI Basic Act does not include the term “cybersecurity” or address specific measures against cyberattacks and data protection.64 However, South Korea’s AI approach is integrated, ensuring that security considerations are embedded in every stage of the AI lifecycle, even if not explicitly stated in the National Plan’s core text. In May 2025, the National AI Security Consultative Group was established as a new interagency body, complementary to the National AI Committee, to address national security threats posed by the proliferation of AI. As of June 2025, the South Korean government announced a $75 billion investment in sovereign AI development, a new AI policy unit, and the establishment of an AI presidential secretary.65 South Korea attends to dual-use AI risk with the “utmost seriousness”, framing national security and cybersecurity as integral components concerning AI safety.66 |
2. What are South Korea's national interests toward AI? | South Korea’s national interest towards AI is encapsulated in it: “Emerging as one of the top three AI powerhouses to become a Global Pivotal State.” By 2030, the government aims to achieve AI industry adoption rates of 70% and 95% in the public sector. To achieve this, South Korea has adopted a “dual full-stack” strategy: domestic capability-building across all layers of the AI value chain, while aligning with the leading US AI ecosystem. This includes cooperating “across the full stack of AI hardware, models, software, applications, and standards” under its Memorandum of Understanding signed in October 2025 (the US-ROK Technology Prosperity Deal).67 As part of the domestic full-stack approach, the Ministry of Science and ICT established the “Sovereign AI Foundational Model” Project to expand the full-scale development of sovereign AI, including multi-modal and large language models by 2027, with “domestically designed and pre-trained models from scratch.”68 |
3. Implementation policies, incentives, and enforcement | The National AI Strategy: Four National AI Flagship Projects:
The National AI Strategy: Four Policy Directions for the AI Ecosystem:
The National Artificial Intelligence Committee will mobilise public and private sector capabilities and implement the National AI strategy to strengthen the National AI Strategy Policy Director into actionable policy tasks. It will operate through subcommittees comprising high-level private-sector experts and relevant government agencies for each sector, with tailored tasks and strategies. |
Lessons for Australia |
|
2.5: AUSTRALIA
Dimension | Australia Analysis |
Jurisdictional context | Australia has not enacted an omnibus AI Act or AI Bill. The formal frameworks are the Department of Industry, Science and Resources’ National AI Plan and the AI Plan for the Australian Public Service, which position AI as productivity and public-service reform rather than a security-first project.69 National security enters through data centres, foreign investment, critical infrastructure, digital sovereignty, the Protective Security Policy Framework, and secure GovAI/GovAI Chat, not a dedicated public AI-security statute.70 |
1. To what extent does the National AI Plan mention national security? | Security is present but peripheral. The National AI Plan aims to capture opportunity, spread benefits and keep Australians safe, while separating defence, intelligence and law-enforcement AI arrangements from the public plan.71 It therefore does not publicly map dual-use AI, AUKUS Pillar II integration, or which civilian services are security-critical. |
2. What are Australia’s national interests toward AI? | Australia’s interests are productivity, inclusion, trust and becoming a trusted Indo-Pacific AI and data-centre destination. It wants domestic capability, workforce skills, regional and SME inclusion, and foreign investment, but remains dependent on US-linked cloud, chips, and frontier models. The core tension is openness versus control. |
3. Implementation policies, incentives, and enforcement | Implementation is distributed and incentive-led. The APS AI Plan uses Trust, People and Tools: agency Chief AI Officers, mandatory capability uplift, transparent reporting, GovAI/GovAI Chat, central guidance and high-risk review, but no binding economy-wide AI Act.72 The National AI Plan relies on existing law, standards, regulators, procurement, and the planned Australian AI Safety Institute.73 |
3: THE AUSTRALIAN PUBLIC SECTOR AND AI: EMERGING ADOPTION AND SUBSEQUENT VULNERABILITIES
Australia’s public service is at a critical juncture where AI’s efficiency gains are real, but the governance scaffolding to deploy it safely is still being built and adopted across various government agencies.74 To address this issue, the Australian Government published a companion plan to the official National AI Plan; the “AI Plan for the Australian Public Service (APS)” in November 2025.75 Three mutually reinforcing pillars for adoption are identified in the plan:
Trust: Building confidence through transparency, ethical use, and strong governance.
People: Uplifting capability to support responsible use of AI, while remaining conscious of the effect change has on individuals and groups.
Tools: Expanding access to fit-for-purpose AI technologies, with adequate security parameters.
Implementation of the plan over a 12-month period is shared by the Department of Finance (DoF), the Digital Transformation Agency (DTA), and the Australian Public Service Commission (APSC), while individual agencies remain accountable for their own AI adoption.76 Across Australia’s broader AI planning, a recurring theme is the need for strong human and organisational oversight, with high-risk uses requiring heightened controls.77 Public sentiment aligns: most Australians view trustworthy AI principles as essential for confidence in government systems.78 As the Australian Border Force Commissioner Michael Outram noted in 2024, AI will augment – not replace – human judgment, accountability, and responsibility.79
Australia’s plan underscores a complex mix of AI-related uncertainties and risks, including rapid technological advancement and the need to manage privacy, cybersecurity, and sovereignty concerns.80 An inquiry conducted by the Joint Committee of Public Accounts and Audit expanded this picture, identifying risks such as non-transparent decision-making, bias and discrimination, security and privacy vulnerabilities, legal and regulatory exposure, misinformation, manipulation, and unintended consequences.81
The Australian Signals Directorate (ASD) has further categorised AI-related cyber risks into 4 groups: threats from AI (where AI enhances pre-existing threats or enables new threat vectors), threats to AI, accidental or inadvertent threats, and threats via AI (AI models and associated files used as a threat vector).82 The Department of Home Affairs (Home Affairs) suggested that certain use cases require avoiding third-party systems to ensure full oversight of data, code, outputs, and impacts.
Public awareness mirrors these institutional concerns: 77% of Australians view AI-related threats to people and businesses as major or moderate.83 The following analysis examines vulnerabilities in APS AI adoption across the workforce, welfare and social services administration, and taxation.
3.1: WORKFORCE CONCERNS
Australia has positioned the APS as a leader in responsible AI adoption, supported by the 2025 launch of GovAI – a centralised service offering hands-on training, curated guidance, cross-agency collaboration, and a secure sandbox for experimentation.84 Its purpose is to embed AI capability across the APS, echoing China’s emphasis on strengthening its AI talent pipeline.85 Yet, despite these efforts to educate and augment the APS workforce, uninformed or inconsistent AI use continues to disrupt implementation.
Current Generative AI (GenAI) use remains largely confined to administrative tasks, avoiding sensitive client data and public-facing functions.86 Some agencies have introduced internal restrictions on publicly available models to protect data sensitivity, transparency, and accountability87. However, many APS employees first encountered GenAI outside of work in unconstrained personal settings, making the shift to authorised tools like GovAI and formal trials feel like a constraint on their existing skills.88 As a result, even with training and clear directives, some staff continue to use public GenAI tools in ways that may not align with organisational priorities and requirements, creating potential governance and security risks. The following diagrams depict the security difference between publicly available AI models (Figure 1) and closed, private models (Figure 2).
AI adoption in the APS and across Australian industries has not yet resulted in widespread displacement of entry-level or existing roles. Instead, jobs are being reshaped through AI-supported training and capability building.89 This stability is unlikely to persist in the coming years, as adoption matures; future advances may automate certain functions, though not at the scale of the US Department of Government Efficiency’s 9% federal workforce reduction.90 There is broad agreement across jurisdictions that data entry, transcription, record-keeping, communication, and clerical or office-support functions face the greatest exposure to AI-driven automation.91
3.2: WELFARE AND SOCIAL SERVICES ADMINISTRATION
Services Australia’s long history of automation and AI has underscored the importance of stakeholder relationships with customers, staff, and strategic partners, a challenge acknowledged in the Automation and AI Strategy.92 While concerns that AI may deepen the digital divide – particularly for low-income, remote, elderly, and Indigenous communities – contribute to this sentiment, the apparent distrust is shaped heavily by the legacy of Robodebt (2016–2019). Robodebt, formally the Income Compliance Program, used an income-averaging algorithm that compared annual Australian Taxation Office (ATO) data with Centrelink fortnightly payments, generating thousands of invalid debts for already vulnerable groups.93 Although not an AI system, Robodebt was a form of automated decision-making (ADM) and remains a defining example of how automation can fail when deployed without adequate oversight.94
More advanced ADM systems now incorporate machine-learning (AI) models, increasing the risk of opaque, “black-box” outputs that are difficult to interpret or justify without extensive human oversight. This opacity complicates accountability, with legal commentators warning that traditional negligence frameworks may be ill-suited to determining liability when organisations cannot fully explain how AI-assisted decisions were made.95 These risks are compounded by the need for high-quality data: poor or incomplete datasets can entrench bias and discrimination.96 International experience, such as the US Internal Revenue Service, omitting how the information benefited the agency in 25% of its AI use cases, illustrates the consequences of weak data governance.97
Within Services Australia, AI and automation are now used for administrative decision-making, compliance, fraud detection, and service delivery, though some models, particularly those used for Centrelink fraud detection, have arguably not reached a level of maturity suitable for operational deployment.98 These transitional phases heighten vulnerability to exploitation and operational error.
Concurrently, publicly accessible AI tools have dramatically lowered the barrier for malicious activity.99 Deepfakes, face morphs, and AI-generated voice clones can now be produced with minimal skill; in testing, a synthetic voice was used to access a Centrelink self-service account. As APS digital identity systems and ecosystems become increasingly interconnected, a breach in one agency could enable synthetic identity creation, combining stolen personal data with fabricated documents and biometric identifiers.
3.3: TAXATION
The ATO is a prominent example of an agency integrating AI into both service delivery and internal operations. Earlier data indicated 43 ATO-built models in production and eight approved tools, though 74% lacked complete data-ethics assessments; a figure likely improved as capability and governance have matured.100 These systems support tax assessment, compliance and fraud detection, large-scale analysis of unstructured data, and broader service-delivery functions.
While the ATO has advised that the agency has long used AI safely and responsibly, challenges remain around explainability. Some developing models lack documentation on how criteria are weighted or how outputs are derived, while not greatly limiting reproducibility, this limits the agency’s ability to provide clear rationales – an essential requirement for human oversight and for individuals seeking review of decisions.101 Without adequate transparency, those flagged by AI systems may have little meaningful insight into why and experience great difficulty when attempting to exercise a right of review.
ATO leadership has consequently emphasised the irreplaceable role of human judgement and empathy, guarding against “data hubris” in which efficiency gains and overconfidence in systems lead to erroneous outcomes. Similar to approaches adopted in Canada and South Korea, the ATO requires a human-in-the-loop to make any high-impact decision, ensuring that AI cannot determine personal tax outcomes or make decisions that may adversely affect taxpayer rights.102
Parallel to welfare-related credential fabrication, the widespread availability of AI has enabled more sophisticated tax-fraud schemes. Off-the-shelf models can now advise on low-detection pathways, document manipulation, and jurisdictional strategies.103 Simultaneously, the ATO has deployed AI-driven detection models that analyse complex datasets to identify high-risk non-compliance more rapidly.104
These capabilities rely on the ATO’s Advanced Analytics Platform Cloud (AAP Cloud), which provides secure environments for developing machine-learning models, and on ‘Centrl’, its centralised case-management system integrating data across operations. Given the sensitivity and centralisation of ATO data, robust cyber-security and anti-exfiltration safeguards remain foundational as AI-enabled cybercrime becomes increasingly adaptive.105
4: LEVERS AUSTRALIA HOLDS TO MITIGATE PUBLIC-SECTOR AI SECURITY RISKS
Australia continues to approach AI security through a series of parallel policy streams. Although AI adoption, critical minerals, data centres, cyber, trade, procurement and foreign investment are advancing, they have yet to be integrated into a coherent national security strategy.106
4.1: TRADE AND ALLIANCE LEVERAGE: AUSTRALIA IS APPROACHING STRATEGIC RESOURCES AS EXPORT INCOME, NOT BARGAINING POWER
Australia’s first major lever is upstream resource leverage.107 The Critical Minerals Strategic Reserve was created to maximise the strategic value of Australia’s critical minerals for the economy and national security and is backed by A$1 billion from the expanded A$5 billion Critical Minerals Facility, plus selective stockpiling funding. Its initial priority minerals include antimony, gallium and selected rare earths, all of which are important inputs into semiconductors, magnets, defence systems and other AI-adjacent technologies. That means Australia is not just a peripheral supplier to the AI race; it already controls part of the material base on which advanced computing and military-relevant digital systems depend.108
The gap lies in Australia’s continued use of this position predominately to secure export relationships, rather than to leverage downstream strategic outcomes. This is despite an established alliance architecture: Five Eyes, AUKUS adjacency, Pax Silica, and critical-minerals partnerships with the US, Canada, South Korea, and Japan – which provide a platform to link access to Australian inputs with stronger public-interest returns.109
One practical example would be to leverage Australian gallium, antimony or rare earths to secure downstream strategic benefits, such as guaranteed compute access during shortages, sovereign or ring-fenced government cloud hosted in Australia, co-investment in onshore refining, and stronger protections over sensitive public-sector data.110 This is an economically plausible option as Australia stands as the second-most-attractive destination for data-centre investment globally after the US, hosts more than 250 data centres, and is projected to see data centres rise from 2% to 6% of national grid-supplied electricity by 2030.111 Estimates indicate that generative-AI adoption and infrastructure could add up to A$115 billion to Australia’s economy each year by 2030.112 Australia, therefore, does not need to outspend the US or China to shape outcomes; it can shape who gets control of strategic assets onshore.113
4.2: OWNERSHIP AND CONTROL: AUSTRALIA CAN SHAPE WHO CONTROLS STRATEGIC AI INFRASTRUCTURE ONSHORE
Australia’s second major lever is control over ownership and operational influence in strategic assets.114 The Foreign Investment Review Board (FIRB) administers Australia’s foreign investment review framework, under which the Treasurer assesses proposals case by case against the national interest and national security. The Treasury's position is that foreign investment remains critical to production, employment and income, however, acknowledges that heightened geopolitical competition necessitates greater scrutiny of critical and sensitive sectors.115 This is significant given that foreign investment in Australia totalled almost A$5.0 trillion at the end of 2024, including A$1.28 trillion foreign direct investment and A$53.9 billion in the information and communication sector.116
The new AI-era extends discussions to not merely ports, grids or farmland, but also data centres, model-hosting capacity, and sensitive digital infrastructure.117 The clearest example is AirTrunk: in 2024, Blackstone and CPP Investments agreed to acquire AirTrunk at an implied enterprise value of more than A$24 billion, with CPP taking a 12% stake.118 At the time, AirTrunk had more than 800MW of committed capacity and land supporting more than 1GW of future growth.119 Australia may need foreign capital to keep building, but that does not mean it should accept unconstrained foreign control over governance, remote administration, continuity arrangements or priority access where the infrastructure may become essential to government and critical services.
The lever here is not to reject foreign investment. It is to use FIRB, together with the Security of Critical Infrastructure framework and tailored conditions, more strategically.120 Australia has already shown it is willing to act where critical minerals and national security intersect: in 2024, the Treasurer ordered foreign investors to dispose of shares in Northern Minerals due to national security concerns, and in 2026, the Federal Court imposed A$14 million in penalties after breaches of those orders.121 The same logic can be adapted to AI-linked infrastructure through sovereign enclaves for public workloads, remote-access restrictions, local governance conditions, continuity undertakings, and stronger audit rights over systems used in welfare, migration, tax, health, and policing contexts.122
4.3: DETERMINING WHERE SOVEREIGNTY AI CAPABILITIES ARE MOST CRITICAL
Australia’s third lever is prioritisation. The National AI Plan is broad and politically serviceable: it aims to capture opportunities, spread benefits and keep Australians safe. The potential issue that arises is that this language remains high-level where national security considerations become operational. It does not identify which public-sector domains carry the greatest sovereign risk, nor where the Commonwealth will insist on stricter hosting, testing, auditability or fallback arrangements.123
The comparator set shows why this matters. Canada’s Directive on Automated Decision-Making is much more explicit about where state attention should sit: it applies to administrative systems that fully or partially automate decisions affecting a person’s legal rights, privileges or interests, and it is backed by the Algorithmic Impact Assessment tool.124 South Korea’s AI Basic Act embeds a more detailed governance architecture, requiring an AI master plan, a national AI committee, and dedicated trust and safety mechanisms.125 China offers the clearest contrast on application specificity as its AI strategy has long been tied to named deployment areas such as urban governance, healthcare, transport, and city management.126
For Australia, the practical implication is that sovereignty should be sequenced, rather than universalised.127 The most defensible first-order priorities are welfare and social-security systems, migration and border systems, tax and compliance systems, health triage and records tools, policing analytics, and electoral administration. These are the domains where opacity, vendor dependency or external disruption would do the most direct public harm. A targeted sequencing model would allow Australia to enforce stronger standards in those areas first: mandatory sovereign or trusted-allied hosting, stricter procurement and assurance, red-teaming, incident reporting, human review rights and clearer recourse for affected citizens.128
5: REFERENCES
1. Henry A. Kissinger, Eric Schmidt, and Craig Mundie, “The AI Divide,” Foreign Affairs, April 18, 2026, https://www.foreignaffairs.com/united-states/ai-divide.
2. Valérie Niquet, “South Korea as a Techno-Democratic Power: Strategic Positioning and Cooperation with the European Union,” Fondation pour la Recherche Stratégique, 2025, https://www.frstrategie.org/en/programs/korea-security-and-diplomacy-program/south-korea-techno-democratic-power-strategic-positioning-and-cooperation-european-union-2025.
3. United Nations Global Issues – Artificial Intelligence, “Artificial Intelligence (AI),” accessed May 18, 2026, https://www.un.org/en/global-issues/artificial-intelligence.
4. United Nations Global Issues – Artificial Intelligence, “Artificial Intelligence (AI),” accessed May 18, 2026, https://www.un.org/en/global-issues/artificial-intelligence.
5. International Organization for Standardization (ISO), “Artificial Intelligence: What It Is, How It Works and Why It Matters,” accessed May 18, 2026, https://www.iso.org/artificial-intelligence.
6. International Organization for Standardization (ISO), “ISO 42001 Explained: What It Is and How It Can Help Your Organization,” accessed May 18, 2026, https://www.iso.org/home/insights-news/resources/iso-42001-explained-what-it-is.html.
7. IBM, “What Is Data Security?,” IBM Think Topics, accessed May 18, 2026, https://www.ibm.com/think/topics/data-security.
8. United Nations Educational, Scientific and Cultural Organization (UNESCO), “Technology,” accessed May 18, 2026, https://www.unesco.org/en/tags/technology.
9. Organisation for Economic Co-operation and Development (OECD), “Quantum Technologies,” accessed May 18, 2026, https://www.oecd.org/en/topics/sub-issues/quantum-technologies.html.
10. The White House, “Removing Barriers to American Leadership in Artificial Intelligence,” presidential action, January 23, 2025, https://www.whitehouse.gov/presidential-actions/2025/01/removing-barriers-to-american-leadership-in-artificial-intelligence/.; The White House, Winning the AI Race: America’s AI Action Plan (Washington, DC: The White House, July 2025), https://www.whitehouse.gov/wp-content/uploads/2025/07/Americas-AI-Action-Plan.pdf.
11. The White House, Winning the AI Race: America’s AI Action Plan (Washington, DC: The White House, July 2025), https://www.whitehouse.gov/wp-content/uploads/2025/07/Americas-AI-Action-Plan.pdf.
12. The White House, “Promoting the Export of the American AI Technology Stack,” executive order, July 23, 2025, https://www.whitehouse.gov/presidential-actions/2025/07/promoting-the-export-of-the-american-ai-technology-stack/.
13. Executive Office of the President, Memorandum M-25-21, Accelerating Federal Use of AI through Innovation, Governance, and Public Trust, and Memorandum M-25-22, Driving Efficient Acquisition of Artificial Intelligence in Government (Washington, DC: Office of Management and Budget, 2025).
14. U.S. Department of Labor, “US Department of Labor, National Science Foundation Announce Collaborative Efforts on AI Workforce, TechAccess Initiative,” April 2, 2026, https://www.dol.gov/newsroom/releases/osec/osec20260402.
15. National Institute of Standards and Technology, “U.S. AI Safety Institute Establishes New U.S. Government Taskforce to Collaborate on Research and Testing of AI Models to Manage National Security Capabilities & Risks,” November 20, 2024, https://www.nist.gov/news-events/news/2024/11/us-ai-safety-institute-establishes-new-us-government-taskforce-collaborate.
16. Stephanie Cairns and Uzma Chaudhry, AI Governance Around the World: Canada, Country Profile (London: The Alan Turing Institute, 2025), 13, https://doi.org/10.5281/zenodo.16779348.
17. Department of Justice Canada, "Charter Statement - Bill C-27: An Act to enact the Consumer Privacy Protection Act, the Personal Information and Data Protection Tribunal Act and the Artificial Intelligence and Data Act and to make consequential and related amendments to other Acts," last modified June 16, 2022, https://www.justice.gc.ca/eng/csj-sjc/pl/charter-charte/c27_1.html.
18. Cairns and Chaudhry, AI Governance Around the World: Canada, 5.
19. Government of Canada, "AI Strategy for the Federal Public Service 2025–2027: Overview," last modified February 25, 2026, https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/responsible-use-ai/gc-ai-strategy-overview.html.; Treasury Board of Canada Secretariat, "Directive on Automated Decision-Making," last modified April 1, 2024, https://www.tbs-sct.canada.ca/pol/doc-eng.aspx?id=32592.; Government of Canada, "Guide on the Use of Generative Artificial Intelligence," last modified September 6, 2023, https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/responsible-use-ai/guide-use-generative-ai.html.
20. Innovation, Science and Economic Development Canada (ISED), "Canadian Artificial Intelligence Safety Institute," last modified April 17, 2024, https://ised-isde.canada.ca/site/ised/en/canadian-artificial-intelligence-safety-institute.
21. Government of Canada, "AI Strategy Overview."
22. Treasury Board Secretariat, "Directive on Automated Decision-Making."
23. Government of Canada, "Guide on Generative AI."
24. Innovation, Science and Economic Development Canada (ISED), "What We Heard Report: Consultations on Artificial Intelligence (AI) Compute," last modified March 15, 2024, https://ised-isde.canada.ca/site/ised/en/what-we-heard-report-consultations-ai-compute.
25. Government of Canada, "AI Strategy Overview."
26. Cairns and Chaudhry, AI Governance Around the World: Canada, 10.
27. ISED, "Canadian AI Safety Institute."
28. Parisa Mahboubi, The Missing Pillar of Canada’s AI Strategy: Data Supply Chains, Commentary no. 706 (Toronto: C.D. Howe Institute, 2026), 4, https://cdhowe.org/publication/the-missing-pillar-of-canadas-ai-strategy-data-supply-chains/.
29. Government of Canada, "AI Strategy Overview."
30. Government of Canada, "AI Strategy Overview."
31. Shared Services Canada, "CanChat: SSC's First Internal Generative AI Chatbot," last modified January 11, 2024, https://www.canada.ca/en/shared-services/campaigns/stories/canchat-ssc-first-generative-ai-chatbot.html.; Immigration, Refugees and Citizenship Canada, "Artificial Intelligence Strategy 2023-2026," last modified November 1, 2023, https://www.canada.ca/en/immigration-refugees-citizenship/corporate/transparency/artificial-intelligence-strategy.html.
32. OECD AI, "Pan-Canadian Artificial Intelligence Strategy," Policy Observatory, accessed May 15, 2026, https://oecd.ai/en/dashboards/policy-initiatives/pan-canadian-ai-strategy-8028.
33. CIFAR, "CIFAR Announces First AI Safety Catalyst Grants Under New National Program," June 4, 2025, https://cifar.ca/cifarnews/2025/06/04/cifar-announces-first-ai-safety-catalyst-grants-under-new-national-program/.
34. Government of Canada, "Algorithmic Impact Assessment Tool," last modified April 1, 2024, https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/responsible-use-ai/algorithmic-impact-assessment.html.
35. Shared Services Canada, "CanChat."
36. "Responsible AI Learning Modules," Thinkific, accessed May 15, 2026, https://learning-s-site-12cb.thinkific.com/collections/products?page=1.
37. Cairns and Chaudhry, AI Governance Around the World: Canada, 15.
38. ISED, "Canadian AI Safety Institute."; Cairns and Chaudhry, AI Governance Around the World: Canada, 10.
39. Department of Industry, Science and Resources (Australia), "Australia and Canada Agree to Strengthen Cooperation on AI Safety," last modified February 12, 2025, https://www.industry.gov.au/news/australia-and-canada-agree-strengthen-cooperation-ai-safety.
40. ISED, "Consultations on AI Compute."
41. Stuart Trew, "Will Canada Govern AI for the Public Good?" Canadian Centre for Policy Alternatives, October 24, 2023, https://www.policyalternatives.ca/news-research/will-canada-govern-ai-for-the-public-good/.; Sunil Johal, "Canada’s AI Strategy Must Address the Risks of Innovation," Policy Options, November 15, 2025, https://policyoptions.irpp.org/2025/11/ai-risks-canada-strategy/.
42. State Council, New Generation Artificial Intelligence Development Plan (China: State Council, 2017) https://www.gov.cn/zhengce/content/2017-07/20/content_5211996.htm, https://digichina.stanford.edu/work/full-translation-chinas-new-generation-artificial-intelligence-development-plan-2017/ (Translation).
43. Huw Roberts et al., “The Chinese approach to artificial intelligence: an analysis of policy, ethics, and regulation,” AI & Society 56, (2021): 61, https://doi.org/10.1007/s00146-020-00992-2.
44. State Council, Artificial Intelligence+ (China: State Council, 2025) https://www.gov.cn/zhengce/content/202508/content_7037861.htm
45. Standing Committee of the National People’s Congress, Key Work Points of the Standing Committee of the National People's Congress for 2025, and its Legislative Work Plan, Oversight Work Plan, and Deputies' Work Plan, (Beijing: National People’s Congress, 2025), http://www.npc.gov.cn/npc/c2/kgfb/202505/t20250514_445285.html.
46. N Gillespie et al., “Trust in artificial intelligence” KPMG, July 2023. https://ai.uq.edu.au/files/6646/UQ%20KPMG%20trust-in-ai-country-insights.pdf.
47. State Council, New Generation Artificial Intelligence Development Plan (China: State Council, 2017).
48. State Council, Artificial Intelligence+ (China: State Council, 2025).
49. State Council, Artificial Intelligence+ (China: State Council, 2025).
50. State Council, New Generation Artificial Intelligence Development Plan (China: State Council, 2017).
51. State Council, Artificial Intelligence+ (China: State Council, 2025).
52. Chinese Ministry of Foreign Affairs, Global AI Governance Action Plan, (Shanghai: Permanent Mission of the People's Republic of China to the UN, 2025), https://un.china-mission.gov.cn/eng/zgyw/202507/t20250729_11679232.htm.
53. Huw Roberts et al., “The Chinese approach to artificial intelligence: an analysis of policy, ethics, and regulation,” AI & Society 56, (2021): 62.
54. State Council, New Generation Artificial Intelligence Development Plan (China: State Council, 2017); Standing Committee of the 15th Shanghai Municipal People's Congress, Promoting the Development of the Artificial Intelligence Sector (Shanghai Municipality, 2022) https://english.shanghai.gov.cn/en-LocalRules/20240913/4395d1563dd548b39406cbe8833c9ef6.html.
55. Shannon Vaughn, “From Vouchers to Visas: China’s Innovative Plan for AI Dominance”, Foreign Policy Research Institute, 10 September 2025; Ministry of Science and Technology of the People's Republic of China, "China Creates National New Generation Artificial Intelligence Innovation and Development Pilot Zones," trans. by Ben Murphy, Centre for Security and Emerging Technology, March 11, 2020, https://cset.georgetown.edu/publication/china-creates-national-new-generation-artificial-intelligence-innovation-and-development-pilot-zones/.
56. Kyle Chan et al., “China's Evolving Industrial Policy for AI”, RAND, 26 June 2025, https://www.rand.org/pubs/perspectives/PEA4012-1.html; Junwei Lu et al., “Government-guided funds and the rise of corporate AI: Evidence from China,” Pacifc-Basin Finance Journal 95, (2026) https://www.sciencedirect.com/science/article/pii/S0927538X25003415.
57. The State Council, “China unveils action plan for computing power infrastructure development,” The People’s Republic of China, published 9 October 2023, https://english.www.gov.cn/news/202310/09/content_WS6523e392c6d0868f4e8e00f8.html.
58. Helen Toner et al., “How will China’s Generative AI Regulations Shape the Future?” DigiChina (Stanford University), 19 April 2023, https://digichina.stanford.edu/work/how-will-chinas-generative-ai-regulations-shape-the-future-a-digichina-forum/.
59. TC260, AI Safety Governance Framework 2024, (China: TC260 Committee, 2024), file:///C:/Users/taram/Downloads/upload_2024-09-09_1725849192841090989%20(3).pdf, https://www.chinalawvision.com/2025/01/digital-economy-ai/ai-ethics-overview-china/.
60. Basic Act on the Development of Artificial Intelligence and the Establishment of a Foundation for Trustworthiness (South Korea, Act No 20577, 21 January 2025).
61. South Korea, National AI Action Plan 2026–2028 (National Artificial Intelligence Strategy Committee, 25 February 2026).
62. Valérie Niquet, “South Korea as a Techno-Democratic Power: Strategic Positioning and Cooperation with the European Union,” accessed May 18, 2026, https://www.frstrategie.org/en/programs/korea-security-and-diplomacy-program/south-korea-techno-democratic-power-strategic-positioning-and-cooperation-european-union-2025; Carnegie Endowment for International Peace, “Governing AI in the Shadow of Giants: Korea’s Strategic Response to Great-Power AI Competition,” accessed May 18, 2026, https://carnegieendowment.org/research/2026/04/governing-ai-in-the-shadow-of-giants-koreas-strategic-response-to-great-power-ai-competition.
63. Basic Act on the Development of Artificial Intelligence and the Establishment of a Foundation for Trustworthiness (South Korea) art 4(2).
64. Centre for Strategic and International Studies (CSIS), “AI Security Strategy and South Korea’s Challenges,” Centre for Strategic and International Studies, June 20, 2025, https://www.csis.org/analysis/ai-security-strategy-and-south-koreas-challenges.
65. Lee Garam, “‘I Will Pour 100 Trillion Won to Create an AI Powerhouse’: Looking at the AI Roadmap in the Era of Lee Jae-myung,” Maeil Business Newspaper, June 4, 2025, https://www.mk.co.kr/news/business/11334520; Chatham House, Sovereign AI Strategies (London: Chatham House, 2026), https://www.chathamhouse.org/sites/default/files/2026-02/2026-02-13-sovereign-ai-strategies-sandoval-et-al.pdf.
66. The National Bureau of Asian Research (NBR), “South Korea’s Approach to AI Governance: Mitigating Risks and Ensuring AI Safety,” accessed May 18, 2026, https://www.nbr.org/publication/south-koreas-approach-to-ai-governance-mitigating-risks-and-ensuring-ai-safety/.
67. The White House, “U.S.-Korea Technology Prosperity Deal,” The White House, October 2025, https://www.whitehouse.gov/releases/2025/10/u-s-korea-technology-prosperity-deal/.
68. Ministry of Science and ICT (Republic of Korea), “MSIT Selects Five Elite Teams for the ‘Sovereign AI Foundation Model’ Project,” accessed May 18, 2026, https://www.msit.go.kr/eng/bbs/view.do?bbsSeqNo=42&mId=4&nttSeqNo=1152&sCode=eng.
69. Australian Government Department of Industry, Science and Resources, National AI Plan (Canberra: Australian Government, 2025), https://www.industry.gov.au/publications/national-ai-plan; Australian Government Department of Finance, AI Plan for the Australian Public Service (Canberra: Australian Government, 2025), https://www.digital.gov.au/policy/ai/australian-public-service-ai-plan-2025.
70. Australian Government Department of Home Affairs, Protecting Australia’s Critical Infrastructure and National Security (Canberra: Australian Government, 2023); Treasury, “Foreign Investment,” 2024, https://treasury.gov.au/foreign-investment.
71. Australian Government Department of Industry, Science and Resources, National AI Plan (Canberra: Australian Government, 2025), https://www.industry.gov.au/publications/national-ai-plan.
72. Australian Government Department of Finance, “Introducing the APS AI Plan,” November 12, 2025, https://www.finance.gov.au/about-us/news/2025/introducing-aps-ai-plan.
73. Australian Government Department of Industry, Science and Resources, National AI Plan (Canberra: Australian Government, 2025), https://www.industry.gov.au/publications/national-ai-plan; Australian Government Department of Finance, AI Plan for the Australian Public Service (Canberra: Australian Government, 2025), https://www.digital.gov.au/policy/ai/australian-public-service-ai-plan-2025.
74. Australian Government Department of Industry, Science and Resources, National AI Plan (Australian Government, 2025), 26, https://www.industry.gov.au/sites/default/files/2025-12/national-ai-plan.pdf.
75. Department of Finance (DoF), AI Plan for the Australian Public Service (APS) (Australia: Government of Australia, November 2025), https://www.digital.gov.au/sites/default/files/documents/2025-11/APS%20AI%20Plan%202025.pdf.
76. DoF, AI Plan for the APS, 12.
77. This has been a common view for other jurisdictions, including Canada, the USA, and South Korea; Select Committee on Adopting Artificial Intelligence, Department of Home Affairs submission to the Inquiry into Adopting Artificial Intelligence (Australia: Department of Home Affairs, May 2024), 9, file:///C:/Users/taram/Downloads/55.%20Department%20of%20Home%20Affairs.pdf; AI Basic Act (The Republic of Korea (South Korea)) 2025, art 31-33, https://aibasicact.kr/explorer/#chapter-4-no-section-article-31.
78. N Gillespie et al., “Trust in artificial intelligence” KPMG, July 2023, 4.
79. Michael Outram, “How the Australian Border Force can exploit AI,” Australian Strategic Policy Institute, 5 April 2024, https://www.aspistrategist.org.au/how-the-australian-border-force-can-exploit-ai/.
80. DoF, AI Plan for the APS, 11.
81. Joint Committee of Public Accounts and Audit, ‘Inquiry into the use and governance of artificial intelligence systems by public sector entities: 'Proceed with Caution', 501, (Australia: Parliament of Australia, 2025), 2.23, https://www.aph.gov.au/Parliamentary_Business/Committees/Joint/Public_Accounts_and_Audit/PublicsectoruseofAI/Report/Chapter_2_-_Artificial_intelligence_in_the_public_sector.
82. Joint Committee of Public Accounts and Audit, ‘Inquiry into the use and governance of artificial intelligence systems by public sector entities’, 2.37.
83. Professor Rory Medcalf, Tim Wilford, No worries? Australian attitudes to national security, risk and resilience, (Australia: ANU College of Law, Governance and Policy, 2026), https://nsc.anu.edu.au/research/no-worries-australian-attitudes-national-security-risk-and-resilience.
84. Australian Public Service Commission (APSC), ‘State of the Service Report 2024-25: Ways of working with AI in the APS’, (Australia: APSC, 26 November 2025), https://www.apsc.gov.au/initiatives-and-programs/workforce-information/research-analysis-and-publications/state-service/state-service-report-2024-25/ways-working-ai-aps/govai-supporting-safe-and-scalable-ai-use-across-aps.
85. State Council, Artificial Intelligence+.
86. Helen Dickinson et al., “GenAI opportunities and risks for the Australian public service,” UNSW Sydney, 18 June 2025, https://www.businessthink.unsw.edu.au/articles/genai-public-service-policy-risks-trust.
87. CPA Australia, AI Governance in the Public Sector: Key Insights from CPA Australia’s Webinar with Public Sector Experts, (Victoria: CPA Australia, 2025), 7, https://apo.org.au/sites/default/files/resource-files/2025-07/apo-nid331540.pdf.
88. Jade Hart et al., Research Snapshot The future of Generative AI in policy work, (Canberra: ANU), 14, https://www.unsw.edu.au/content/dam/pdfs/unsw-canberra/research/research-excellence/2025-06-the-future-of-generative-ai-in-policy-work.pdf.
89. Jobs and Skills Australia, ‘Our GenAI Transition: Implications for Work and Skills’, (Australia: Australian Government, 30 September 2025), file:///C:/Users/taram/Downloads/our_gen_ai_transition_-_final_release.pdf.
90. Nina Garcia, “AI in Government: Jobs at Risk, New Roles, and What Comes Next,” Scholaro, 15 April 2026, https://www.scholaro.com/db/News/ai-in-government-jobs-and-future-346.
91. Dobbs, G. Li et al., ‘Our GenAI Transition: Implications for Work and Skills’; Future Skills Centre, ‘Adoption Ready? The AI Exposure of Jobs and Skills in Canada’s Public Sector Workforce’, (Toronto: Future Skills Centre/ Centre des Competences futures, 2025), https://fsc-ccf.ca/wp-content/uploads/2026/03/adoption-ready-the-ai-exposure-of-jobs-and-skills-in-canadas-public-sector-workforce.pdf.
92. Services Australia, Automation and Artificial Intelligence Strategy 2025-27, (Australia: Services Australia, 2025), 9, https://www.servicesaustralia.gov.au/sites/default/files/2025-05/automation-and-ai-strategy-2025-27.pdf.
93. Toby Murray et al., “The flawed algorithm at the heart of Robodebt,” The University of Melbourne, 10 July 2023, https://pursuit.unimelb.edu.au/articles/the-flawed-algorithm-at-the-heart-of-robodebt.
94. Joint Committee of Public Accounts and Audit, ‘Inquiry into the use and governance of artificial intelligence systems by public sector entities’, 2.40, 2.43-2.45.
95. Katherine Gregor et al., “Automated Decision Making, ” Herbert Smith Freehills Kramer, December 2025, https://www.hsfkramer.com/insights/2025-11/automated-decision-making; Jake Evans, “Artificial intelligence to be managed through existing laws under National AI Plan, ” Australian Broadcasting Service, December 2025, https://www.abc.net.au/news/2025-12-02/national-artificial-intelligence-plan-growth-existing-laws/106086474.
96. Commonwealth Ombudsman, ‘Better Practice Guide: Automated Decision Making’, (Australia: Commonwealth Ombudsman, 2025), 25-26, https://www.ombudsman.gov.au/__data/assets/pdf_file/0025/317437/Automated-Decision-Making-Better-Practice-Guide-March-2025.pdf.
97. U.S. Government Accountability Office (GAO), Artificial Intelligence: IRS Actions Needed to Address Skills Gaps, Information Quality, and Strategic Management, 26, (USA: GAO, March 2026), https://www.gao.gov/products/gao-26-107522.
98. Services Australia, “Automation and Artificial Intelligence Transparency Statement, ” Services Australia, 10 October 2025, https://www.servicesaustralia.gov.au/automation-and-artificial-intelligence-transparency-statement?context=22#a2; DTA, “Classification system for AI use,” DTA, 1 December 2025, https://www.digital.gov.au/policy/ai/resources/use-classification.
99. Salim Awudu et al., Quarterly Report: Generative AI and the Rise of Credential Fraud in Digital Public Infrastructure (London: The Alan Turing Institute, November 2025), 16, https://www.turing.ac.uk/sites/default/files/2025-11/generative_ai_and_the_rise_of_credential_fraud_in_digital_public_infrastructure_v0.7.pdf; Nick Evershed, Josh Taylor, “AI can fool voice recognition used to verify identity by Centrelink and Australian tax office”, The Guardian, March 2023, https://www.theguardian.com/technology/2023/mar/16/voice-system-used-to-verify-identity-by-centrelink-can-be-fooled-by-ai.
100. Australian National Audit Office (ANAO), Governance of Artificial Intelligence at the Australian Taxation Office, 26 (Canberra: ANAO, 2025), 6, https://www.anao.gov.au/sites/default/files/2025-02/Auditor-General_Report_2024-25_26.pdf.
101. ANAO, Governance of Artificial Intelligence at the Australian Taxation Office, 57.
102. ATO, “ATO AI transparency statement, ” ATO, 27 February 2026, https://www.ato.gov.au/about-ato/commitments-and-reporting/information-and-privacy/ato-ai-transparency-statement#ato-ExamplesofhowweuseAI; AI Basic Act (The Republic of Korea (South Korea)) 2025, art 31-33; Cathy Hawara and Canada Revenue Agency (CRA), “Exploring the Impact of Emerging Technologies on Tax Administrations: A Compliance Perspective,” Perspectives on Tax Law & Policy 5, no. 2 (June 2024), https://www.ctf.ca/EN/EN/Newsletters/Perspectives/2024/2/240204.aspx.
103. Evgeny Guglyuvatyy, “Balancing innovation and integrity: AI in tax administration and taxpayer rights,” Humanities and Social Sciences Communications 12, (November 2025), https://www.nature.com/articles/s41599-025-06099-7#citeas.
104. OECD, Governing with Artificial Intelligence: The State of Play and Way Forward in Core Government Functions, (Paris: OECD Publishing, 2025), 169, https://www.oecd.org/en/publications/governing-with-artificial-intelligence_795de142-en/full-report/ai-in-tax-administration_30724e43.html.
105. OECD, Tax Administration 2025: Comparative Information on OECD and other Advanced and Emerging Economies, (Paris: OECD Publishing, 2025), 85, https://www.oecd.org/content/dam/oecd/en/publications/reports/2025/11/tax-administration-2025_6360fad8/cc015ce8-en.pdf.
106. Australian Government Department of Industry, Science and Resources, “Critical Minerals Strategic Reserve,” accessed May 11, 2026, https://www.industry.gov.au/mining-oil-and-gas/minerals/critical-minerals/critical-minerals-strategic-reserve.
107. Australian Government Department of Industry, Science and Resources, “Critical Minerals Strategic Reserve,” accessed May 11, 2026, https://www.industry.gov.au/mining-oil-and-gas/minerals/critical-minerals/critical-minerals-strategic-reserve.
108. Australian Government Department of Industry, Science and Resources, “Critical Minerals Strategic Reserve”; Madeleine King, Jim Chalmers and Don Farrell, “Delivering Australia’s Critical Minerals Supply,” media release, January 12, 2026, https://www.minister.industry.gov.au/ministers/king/media-releases/delivering-australias-critical-minerals-supply.
109. Australian Government Department of Industry, Science and Resources, “Critical Minerals Strategic Reserve”; Brownstein Hyatt Farber Schreck, “US Establishes the Pax Silica Initiative,” December 16, 2025, https://www.bhfs.com/insight/united-states-establishes-the-pax-silica-initiative/.
110. Australian Government Department of Industry, Science and Resources, “Critical Minerals Strategic Reserve”; Brownstein Hyatt Farber Schreck, “US Establishes the Pax Silica Initiative,” December 16, 2025, https://www.bhfs.com/insight/united-states-establishes-the-pax-silica-initiative/.
111. Johanna Lim, “By the Numbers: Can Australia’s Grid Keep Pace with the Data Centre Boom?,” US Studies Centre, April 8, 2026, https://www.ussc.edu.au/by-the-numbers-can-australia-s-grid-keep-pace-with-the-data-centre-boom.
112. Tech Council of Australia, “Generative AI Could Contribute $115 Billion Annually to Australia’s Economy by 2030,” July 19, 2023, https://techcouncil.com.au/newsroom/generative-ai-could-contribute-115-billion-annually-to-australias-economy-by-2030/.
113. Johanna Lim, “By the Numbers: Can Australia’s Grid Keep Pace with the Data Centre Boom?,” US Studies Centre, April 8, 2026, https://www.ussc.edu.au/by-the-numbers-can-australia-s-grid-keep-pace-with-the-data-centre-boom.
114. Treasury, “Foreign Investment,” 2024, https://treasury.gov.au/foreign-investment; Australian Government Department of Home Affairs, Protecting Australia’s Critical Infrastructure and National Security (Canberra: Australian Government, 2023).
115. Australian Government Department of Industry, Science and Resources, National AI Plan (Canberra: Australian Government, 2025), https://www.industry.gov.au/publications/national-ai-plan; Australian Government Department of Finance, AI Plan for the Australian Public Service (Canberra: Australian Government, 2025), https://www.digital.gov.au/policy/ai/australian-public-service-ai-plan-2025.
116. Australian Government Department of Foreign Affairs and Trade, “Statistics on Who Invests in Australia,” 2025, https://www.dfat.gov.au/trade/trade-and-investment-data-information-and-publications/foreign-investment-statistics/statistics-on-who-invests-in-australia.
117. Johanna Lim, “By the Numbers: Can Australia’s Grid Keep Pace with the Data Centre Boom?,” US Studies Centre, April 8, 2026, https://www.ussc.edu.au/by-the-numbers-can-australia-s-grid-keep-pace-with-the-data-centre-boom.
118. Blackstone, “Blackstone Announces Agreement to Acquire AirTrunk in an A$24 Billion Transaction,” September 4, 2024, https://www.blackstone.com/news/press/blackstone-announces-agreement-to-acquire-airtrunk-in-a-a24b-transaction/; CPP Investments, “CPP Investments Announces Investment in Asia-Pacific Data Centre Operator AirTrunk,” September 4, 2024, https://www.cppinvestments.com/newsroom/cpp-investments-announces-investment-in-asia-pacific-data-centre-operator-airtrunk/.
119. Blackstone, “Blackstone Announces Agreement to Acquire AirTrunk in an A$24 Billion Transaction,” September 4, 2024, https://www.blackstone.com/news/press/blackstone-announces-agreement-to-acquire-airtrunk-in-a-a24b-transaction/; CPP Investments, “CPP Investments Announces Investment in Asia-Pacific Data Centre Operator AirTrunk,” September 4, 2024, https://www.cppinvestments.com/newsroom/cpp-investments-announces-investment-in-asia-pacific-data-centre-operator-airtrunk/.
120. Treasury, “Foreign Investment,” 2024, https://treasury.gov.au/foreign-investment; Australian Government Department of Home Affairs, Protecting Australia’s Critical Infrastructure and National Security (Canberra: Australian Government, 2023).
121. Jim Chalmers, “Court Action Regarding 2024 Northern Minerals Disposal Orders,” media release, June 26, 2025, https://ministers.treasury.gov.au/ministers/jim-chalmers-2022/media-releases/court-action-regarding-2024-northern-minerals-disposal; Jim Chalmers, “Foreign Investors Penalised for Breach of Australian Laws,” media release, January 30, 2026, https://ministers.treasury.gov.au/ministers/jim-chalmers-2022/media-releases/foreign-investors-penalised-breach-australian-laws.
122. Treasury, “Foreign Investment,” 2024, https://treasury.gov.au/foreign-investment; Australian Government Department of Home Affairs, Protecting Australia’s Critical Infrastructure and National Security (Canberra: Australian Government, 2023).
123. Australian Government Department of Industry, Science and Resources, National AI Plan (Canberra: Australian Government, 2025), https://www.industry.gov.au/publications/national-ai-plan; Australian Government Department of Finance, AI Plan for the Australian Public Service (Canberra: Australian Government, 2025), https://www.digital.gov.au/policy/ai/australian-public-service-ai-plan-2025.
124. Government of Canada, Directive on Automated Decision-Making, 2025, https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/responsible-use-ai/directive-automated-decision-making.html; Government of Canada, Algorithmic Impact Assessment Tool, 2026, https://www.canada.ca/en/government/system/digital-government/digital-government-innovations/responsible-use-ai/algorithmic-impact-assessment.html.
125. Ministry of Science and ICT, Republic of Korea, “A New Chapter in the Age of AI: Basic Act on AI Passed at the National Assembly’s Plenary Session,” January 21, 2025, https://www.msit.go.kr/eng/bbs/view.do?bbsSeqNo=42&mId=4&mPid=2&nttSeqNo=1071&sCode=eng; National Law Information Centre, Republic of Korea, Framework Act on the Development of Artificial Intelligence and the Creation of a Foundation for Trust, 2025, https://law.go.kr/lsInfoP.do?chrClsCd=&efYd=20260122&lsId=014820&lsiSeq=268543&urlMode=engLsInfoR&viewCls=engLsInfoR.
126. State Council of the People’s Republic of China, Next Generation Artificial Intelligence Development Plan, 2017, https://fi.china-embassy.gov.cn/eng/kxjs/201710/P020210628714286134479.pdf; The State Council of the People’s Republic of China, “Plan for Development of the New Generation of Artificial Intelligence,” August 10, 2017, https://english.www.gov.cn/archive/state_council_gazette/2017/08/10/content_281475782151912.html.
127. Australian Government Department of Industry, Science and Resources, National AI Plan (Canberra: Australian Government, 2025), https://www.industry.gov.au/publications/national-ai-plan; Australian Government Department of Finance, AI Plan for the Australian Public Service (Canberra: Australian Government, 2025), https://www.digital.gov.au/policy/ai/australian-public-service-ai-plan-2025.
128. State Council of the People’s Republic of China, Next Generation Artificial Intelligence Development Plan, 2017, https://fi.china-embassy.gov.cn/eng/kxjs/201710/P020210628714286134479.pdf; The State Council of the People’s Republic of China, “Plan for Development of the New Generation of Artificial Intelligence,” August 10, 2017, https://english.www.gov.cn/archive/state_council_gazette/2017/08/10/content_281475782151912.html.
Comments