Welcome to the first in our series of articles on AI in Government. There is a lot going on in this space, so we’ll be tackling the big issues one at a time in an easily digestible format.
With the deadline for publishing AI transparency statements fast approaching (28 February 2025) for Non-Corporate Commonwealth entities, we’ve decided to start with tips on how Agencies should approach their transparency statements, what they must and should address and how to manage on-going transparent AI use. Read on to make sure you are ready to go live with your Agency’s AI transparency statement.
Key takeaways
- Non-corporate Commonwealth entities (NCEs) (except for Defence and intelligence agencies) must publish on their websites a statement outlining their approach to AI adoption by 28 February 2025. The Digital Transformation Agency (DTA) encourages Corporate Commonwealth entities to do so too.
- The kind of AI use that needs to be included is broad. It may be a challenge for Agencies to ensure all AI use is reported
- DTA has set out at a high level the requirements for transparency statements
- Transparency statements are living documents and must be updated at least annually and when AI use significantly changes
- We expect further audits of compliance with the Policy for the Responsible use of AI in government (the Policy)
Why the requirement for a transparency statement?
Transparency and explainability of AI and its use are key principles of Australia’s AI Ethics Principles and the Department of Industry, Science and Resources’ Voluntary AI Safety Standard.
The Commonwealth is leading the way on making its AI use and management transparent. Transparency statements will become a key way for Agencies to make transparent and responsible disclosure of their AI use. Transparency statements are a requirement under the Policy. They’re designed to bridge the gap between the opportunities for public benefit from government use of AI and the lack of public trust of government use of AI.
What are the transparency statement requirements?
Transparency statements must comply with directions issued by DTA and must publicly disclose the Agency’s:
- use and management of AI
- commitment to safe and responsible use, and
- compliance with the Policy
We expect audits of compliance with the Policy. The ANAO will shortly report on its audit of the effectiveness of the Australian Tax Office’s arrangements to support the adoption of AI (report due to table in January 2025). This audit includes review of whether the ATO is effectively monitoring, evaluating and reporting its adoption of AI. Stay tuned for that.
What AI systems have to be included?
The short answer is: all AI systems in use within the Agency.
The Policy adopts the OECD’s definition of AI:
An AI system is a machine-based system that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments. Different AI systems vary in their levels of autonomy and adaptiveness after deployment.
The OECD definition is broad, flexible and has changed over time. It also applies without exception.
This means Agency transparency statements must capture AI use within the Agency that is built into widely available commercial products (including Apple Siri and Google Assistant) and explain what those are used for and why. The definition extends beyond generative AI (such as CoPilot and ChatGPT) to ‘traditional’ or ‘narrow’ AI.
What should a transparency statement include?
The DTA’s Standard for AI Transparency Statements directs Agencies on what they must include in their statements which must be in plain English. We have summarised the key requirements below and provided our commentary.
|
DTA Requirement
|
So you should include…
|
Example
uses 2
|
|
The intentions behind why the agency uses AI or is considering its adoption |
The Agency’s view on the benefit of the AI the Agency uses and the AI it proposes to use. So think about:
Remember, the statement should address not just existing use of AI but also provide detail around the AI systems under consideration by the Agency (if any). |
|
|
Classify AI use according to the DTA’s prescribed usage patterns and domains |
Both the usage patterns and domains which apply to the Agency’s use of AI. Usage patterns for AI fall into four categories:
The domains are:
Agencies must list both a usage pattern and a domain to their use of AI. For example, an AI risk detection system that helps identify potentially fraudulent claims for payment under a program would likely be classified as ‘analytics for insights’ usage pattern and the domain ‘compliance and fraud detection’. Some uses may fall into multiple usage categories and/or domains. |
|
|
Classify use where the public may directly interact with, or be significantly impacted by, AI without a human intermediary or intervention |
Uses like chatbots (ie direct interaction with AI with no human intervention) – we expect there could be quite a lot of these. Automated decision making systems (eg where a person might have a decision made by AI, like a determination of an entitlement) also need to be classified – although we expect there will be less examples of this (ie where there is no human intervention). At least for now. This is one of the most sensitive uses of AI (and we think an area where the public is likely the most concerned) and will require a thorough statement of not only the use, but also the justification for that use. |
|
|
Efforts to identify and protect the public against negative impacts |
The mitigations the Agency has implemented to minimise possible harms from AI systems. That might include:
|
|
|
Compliance with each requirement under the Policy for responsible use of AI in government |
The details of the Agency’s accountable official responsible for implementation of the Policy at the Agency. Contact details for queries in relation to the transparency statement. So think about:
|
|
|
When the statement was most recently updated |
The date your statement was last updated. Statements are living documents. They will require active and ongoing management and review. Reviews and updates to the statements are required:
|
|
Our key tips and observations on transparency statements
Regularly survey AI use by your employees, service providers and contractors. Australian workplaces are leading AI adoption. According to Microsoft’s Work Trend Index 2024, 84% of Australian knowledge workers and leaders are using generative AI at work. Even if it’s not obvious how your Agency’s workers are using AI, it’s safe to assume that they are.
Agencies need to consider how they will monitor compliance with the Policy and the Agency’s internal policies so that its transparency statement captures all use of AI by your Agency.
We think it is important to disclose in a transparency statement how the Agency is monitoring and reviewing the use of AI tools within the Agency, including what steps the Agency is taking to ensure that AI is being used responsibly, safely and in accordance with Agency and Government policy.
Anonymous surveys, spot-use surveys and use-tracking and focus group discussions will likely lead to more comprehensive and accurate reporting of current use of AI and assist managing appropriate use of AI now and in the future.
Implement and update comprehensive governance arrangements supporting AI use. Comprehensive oversight and management of AI use and adoption is critical. Agencies should establish assurance mechanisms and processes that ensure transparency in the use of AI so that can be included in the transparency statement. These will be particularly important where the public may directly interact with, or be significantly impacted by, AI without a human intermediary or intervention.
Establish a comprehensive AI register to record AI use. Establishing an AI register early and making reporting simple and intuitive will be key. This will help Agencies developing their first transparency statement and to update their transparency statement as their AI use expands.
AI is not just ChatGPT. Don’t forget to include in your transparency statement commonly used commercial products like Apple’s Siri, Google Assistant and speech recognition technology that processes speech into text, such as Dragon by Nuance.
Make the transparency statement easily accessible from your website’s homepage. DTA suggests making the statement available via a general menu, like an Agency privacy policy. Agencies also need to think about whether their privacy policy needs to be updated to include AI use.
Explain how the Agency is using and managing AI through real examples. To be meaningful, we think it’s important that the statement is detailed and includes analysis of how the Agency is using and managing AI in practice. We recommend Agencies should set out specific detail of how they are using AI, what safeguards they have implemented around that use and how the use of that AI benefits the public.
Train Agency staff on AI. To be able to report on compliance with the Policy in your transparency statement, you’ll have to be able to describe how you’ve rolled out the mandatory fundamentals training to all staff. It’s important that all Agency staff understand what AI is and how it works (at a high level), including its uses, limitations and biases. Many workers use AI daily. We’ll shortly publish a further alert in this series to assist Agencies assess training needs and develop training programs.
What should I do now?
Agency transparency statements are required to be published on Agency websites by 28 February 2025.
Contact the KWM team if you have any questions or if we can help you in drafting or reviewing your transparency statement or in AI governance more generally.
And stay tuned for episode 2!
