What You Need To Know About Australia’s AI Model Clauses
Organisations today are increasingly reliant on AI to deliver services, make decisions, and automate decision-making. In such an environment, it has become impossible to ignore the complex risks associated with AI systems, such as opaque decision-making, bias, data misuse, security vulnerabilities, and unclear accountability.
Regulators globally have begun pushing ethical principles and more concrete governance mechanisms. The Australian Government’s Digital Transformation Agency (DTA) has released version 2.0 of its Artificial Intelligence (AI) Model Clauses to ensure it provides a comprehensive contractual framework for the use and procurement of AI systems.
Designed to clarify the obligations of both buyers and sellers of AI systems, these clauses address various aspects of AI system usage and deployment.
Read on to learn more.
Seller AI Obligations
These clauses apply when a seller uses an AI system in the course of providing a product or service.
Seller Use Of AI
In cases where the seller intends to use the AI system to provide a product or service, they must:
- notify the buyer prior to the provision of the products and services with details of the proposed AI system technology and functionality relevant to the provision of the products and services; and
- obtain the Buyer’s prior written approval for such use.
Moreover, the seller’s use of the AI system must be in accordance with both the buyer’s approval and the terms of the contract agreed between them. The seller remains responsible for the performance of this contract regardless of how the AI system is used across the entire supply chain.
Additionally, any seller using an AI system must conduct regular quality assurance checks on the AI system outputs to ensure their accuracy and reliability.
Records
In cases where the buyer approves the use of an AI system, the seller must ensure it retains records of:
- the AI system used;
- the scope of the AI system’s use;
- all data collected, processed, and stored by the AI system; and
- any systems the AI system interacts with while in use.
These records must be promptly provided to the buyer by the seller whenever requested.
Provision of AI Systems
All sellers must ensure they develop, deliver, install, and integrate their AI systems as required by the statement of requirements or specification. This statement should include all critical information, such as the intended use of the AI system, the environment in which it will be deployed, any integration requirements, training and testing methodology, acceptable testing requirements, required datasets, installation data for the AI system, reporting requirements, as well as transparency and explainability standards.
AI Model Transparency
The seller must only use the underlying AI model in the AI system that is:
- as described in the statement of requirements/specification, or
- as approved in writing by the buyer after a request.
Moreover, the seller must ensure that the approved AI model conforms to the requirements:
- as stated in the statement of requirements/specification; and
- as approved in writing by the buyer.
The seller is also required to request written approval from the buyer before any change can be made to the underlying AI model. In such cases, the buyer may approve, approve with conditions, or not approve any such requests.
If a request is not approved, the buyer may terminate their contract with the seller. The seller remains fully responsible for the provision of the products and services regardless of the buyer’s approval, approval with conditions, or non-approval.
Notification of Incidents
In case of an incident, the seller must:
- notify the buyer immediately; and
- comply with the reasonable directions of the buyer if:
- an AI incident has occurred;
- an AI hazard exists related to the AI system; and
- circumstances, as mentioned in the statement of requirements specification, have occurred.
Optionally, they may also comply with the directions if the AI system malfunctions, behaves in a way not intended or predicted, or if it operates in a way not compliant with the law.
Circuit Breaker
The seller must ensure all AI systems contain a circuit breaker that can interrupt and stop the AI system immediately upon the buyer’s instructions to the seller, or a human-machine interface tool accessible by the buyer.
In case the seller becomes aware that stopping the AI system will lead to irreversible harm greater than the one caused by allowing the AI system to continue operating, the seller must immediately contact the buyer to determine a resolution.
Fairness
The seller must ensure that the AI system:
- does not discriminate or cause any discrimination; and
- is developed, installed, integrated, and operates on an ethically sound basis.
Optionally, they may also ensure it does not negatively affect the public accessibility of government services, does not harm individuals or communities, and does not pose a reputational risk to or undermine public confidence in the government.
Warranties
The seller warrants that the AI system:
- is suitable for the intended use;
- will be free from any material defect in design;
- will be developed with reasonable care and skill per the best industry practice; and
- meets or exceeds the requirements specified in the contract.
Compliance With Laws & Policies
The seller is required to comply with all relevant laws and policies related to the development, delivery, installation, and integration of the AI system. They must also refrain from doing anything that, if done by the buyer, would lead to a breach of the law or policies, such as the following:
- Privacy Act 1988;
- Age Discrimination Act 2004;
- Disability Discrimination Act 1992;
- Racial Discrimination Act 1975;
- Sex Discrimination Act 1984;
- Competition and Consumer Act 2010;
- Archives Act 1983;
- Australia’s AI Ethics Principles; and
- Digital Transformation Agency’s policy for the responsible use of AI in government.
The seller is also required to provide reasonable assistance to the buyer in ensuring compliance with the regulations in relation to the AI system.
Moreover, the seller must also ensure complete compliance with any new laws and policies introduced during the term of their contract, and apply them to their AI system. Failure to do so constitutes a breach of their contract and entitles the buyer to terminate the contract.
Privacy Obligations
The seller’s privacy obligations when providing the AI system include the following:
- compliance with all obligations under the Privacy Act 1988;
- not to do anything that would be in breach of the Australian Privacy Principles under the Privacy Act 1988.
Moreover, the seller must also ensure their subcontractors:
- comply with their obligations under the Privacy Act 1988;
- Do not do anything that would be in breach of the Australian Privacy Principles under the Privacy Act 1988.
In any case, the seller must promptly notify the buyer if the seller:
- is required to disclose personal information; or
- receives a request or inquiry about the personal information from:
- the Privacy Commissioner; or
- any individual related to the personal information held by the seller or contractor.
In Case of Data Breach
If a seller becomes aware of a data breach related to any personal information held by the seller as part of their contract or its provision of the AI system, the seller must:
- notify the buyer in writing as soon as possible, and within 72 hours; and
- carry out the relevant assessments per the Privacy Act 1988 requirements.
Depending on different clauses in the contract, the seller may be required to conduct both due diligence and a risk review of their entire supply chain to ensure security risks posed to the buyer are appropriately addressed. If any issues are identified, they must be addressed and, if needed, removed entirely from the supply chain to ensure the risk posed to the AI system is mitigated.
Oversight, Explainability, & Transparency
The seller is required to:
- Design and develop an AI system that is:
- effectively overseen and monitored by humans and human-machine interface tools; and
- compliant with the technical and organizational measures described in the statement of requirements/specification.
- Ensure the seller personnel responsible for the oversight:
- are aware of the capabilities and limitations of the AI system;
- are able to monitor the AI system for anomalies, dysfunctions, and unexpected performances; and
- correctly interpret the AI system’s outputs; and
- are able to decide not to use the AI system or its outputs.
- Provide relevant information and guidance to the buyer personnel responsible for oversight on their end so that they:
- are aware of the capabilities and limitations of the AI system;
- are able to monitor the AI system for anomalies, dysfunctions, and unexpected performances;
- correctly interpret the AI system’s outputs;
- are informed of the dangers of overreliance on AI system outputs;
- correctly interpret the AI system’s outputs; and
- able to decide not to use the AI system or its outputs.
Transparency & Explainability
The seller must ensure the AI system is designed, developed, and tested in a way that ensures its operations are transparent enough to:
- ensure the buyer understands and uses the AI system appropriately; and
- ensure the AI system’s outputs can be traced back to the input data.
The seller must provide the buyer with all technical information necessary to help them understand:
- the logic behind the outputs generated by the AI system; and
- which features of the AI system contribute to the output of the AI system.
Training, Testing, & Monitoring
All training data must be provided as follows:
- In accordance with the requirements established in the statement of requirements/specification; and
- The seller must:
- provide the training data as required under the statement of requirement/specification;
- identify any uncontrolled bias in the training data and mitigate it; and
- ensure the use of such training data does not infringe any third party’s rights.
Training, Testing, And Monitoring of an AI System
The seller must conduct training, testing, monitoring, and validation of the AI system while also ensuring all relevant requirements under the statement of requirements/specification are met.
The seller must also ensure all such training, testing, and monitoring of the AI system:
- Identifies any output or model performance that results in:
- any individual being treated differently on the basis of a protected characteristic; or
- bias.
- snsures the AI system is fit for use as intended;
- is conducted in accordance with the statement of requirement/specification; and
- is conducted in accordance with the contract.
Acceptance Testing
The buyer must conduct acceptance testing, with the seller assisting them to ensure that such testing meets the test criteria stated in the statement of requirements/specifications.
If requested by the buyer, the seller must provide details of the tests required to perform the certification, installation, commissioning, and acceptance of the AI system in order to create the Acceptance Test.
The aforementioned details include a test methodology that will contain:
- conditions under which the test will be conducted;
- full details of each test;
- how each test is to be conducted;
- input data required for the test;
- expected result of each test;
- assumption behind each test; and
- suitable test data.
The seller must provide the test data in the format requested by the buyer; the seller is also required to comply with all reasonable requests made by the buyer related to the AI system.
In case the buyer finds that the seller:
- has satisfied the criteria – they must notify the seller within the duration stated in the contract about the passing of the Acceptance Test; or
- has not satisfied the criteria – they must notify the seller within the duration stated in the contract about the AI system’s failure of the Acceptance Test. The seller must then:
- do everything required to rectify the problem;
- notify the buyer about the new iteration; and
- repeat the Acceptance Testing as soon as practical.
If the buyer informs the seller about the AI system’s passing, the buyer may impose conditions after the commencement of the Acceptance Test, and it is not a waiver of the buyer’s rights under the contract.
On the other hand, if the AI system fails the Acceptance Test or no further testing is required, the buyer may treat the seller’s failure as a failure to comply with their contractual obligations, with the buyer being entitled to terminate the contract.
Iterations, Updates, & Code
The seller must maintain all previous iterations of the AI system for as long as required under the contract, with a record of key differences between each.
Moreover, the seller must deliver an updated and annotated version of the source code of the AI system to the buyer prior to the acceptance test, immediately after the acceptance test, and on each occasion a new iteration of the AI system is given to the buyer.
Lastly, the seller must warrant that new updates and upgrades to the AI system will not adversely affect the performance, functionality, or compatibility of the AI system in any way.
Digital Security
As for digital security, the buyer must consider whether additional cyber risk clauses need to be added to the contract.
Record Keeping
The seller must give the buyer any reports or information related to the AI system:
- within 10 business days; and
- in the form and format requested by the buyer.
Logging Capability
The seller is required to ensure the AI system keeps automated records of all events while the AI system operates. These capabilities must:
- conform to all industry best practices standards; and
- be in accordance with the requirements under ISO/IEC 42001:2023 IT – AI – Management System.
Moreover, these logging capabilities must ensure an appropriate level of traceability of the AI system’s functioning throughout the lifecycle for the intended use of the system. Additionally, these should allow the recording of events to identify situations that may:
- result in the AI system presenting a risk to the health, safety, or protection of a person’s rights;
- lead to a substantial change in the AI system.
All such logs must be kept for the entire term of the contract. At the end of the contract, the seller must provide these logs to the buyer without delay.
Intellectual Property & AI Datasets
Standard – Buyer Owns IP In Contract Material
All IP rights in contract material will vest immediately in the buyer upon creation. The buyer grants a:
- Royalty-free; and
- Non-exclusive
License for the seller to:
- Use;
- Reproduce; and
- Adapt,
the contract material for this contract.
Alternative – Seller Owns IP In Contract Material & Licenses It To Buyer
- IP rights in all contracts material vest or will vest immediately in the seller upon creation; The seller grants the buyer a:
- Perpetual;
- Irrevocable;
- Royalty-free;
- World-wide; and
- Non-exclusive
Licence (including a right of sub-licence) to:
- Use;
- Reproduce;
- Adapt;
- Modify;
- Perform;
- Distribute;
- Communicate;
- Publish; and
- Exploit,
contract material for any purpose.
Incorporated IP
The seller must procure for the buyer a:
- Perpetual;
- Irrevocable;
- Royalty-free;
- World-wide; and
- Non-exclusive,
licence (including a right of sub-licence) to:
- Use;
- Reproduce;
- Adapt;
- Modify;
- Perform;
- Distribute;
- Communicate;
- Publish; and
- Exploit,
any incorporated IP for any purpose.
The buyer must ask the seller for permission to publish:
- logos; and
- distinctive branding.
The seller agrees to the request from the buyer to:
- create;
- sign;
- execute; and
- and deal with,
all documents necessary to give effect to the provisions under this heading.
Base Third-Party Software
If the buyer procures the license for the base third-party software, the seller must warrant that any base third-party software required for the AI system is stated in the statement of requirements/specifications. The buyer must procure a license to the software and provide it to the seller.
The seller is also responsible for ensuring the AI system functions and performs per the specifications.
However, if the seller procures the license for the base third-party software, the seller must warrant that all such software is stated in the statement of requirements/specification.
IP Warranty
The seller must warrant that:
- the contract material and the buyer’s use of the material will not infringe on any IP rights; and
- the seller is entitled, or will be entitled to deal with the IP rights and moral rights in the contract material per the contract.
Moreover, the seller is also responsible for ensuring the AI system functions and performs according to the specifications.
Use Of Buyer Material and AI Datasets
The buyer must grant a royalty-free, non-exclusive license for the seller to:
- use;
- reproduce; and
- adapt the buyer material for the purpose of this contract, subject to:
- the conditions and restrictions per this contract;
- any directions from the buyer.
Seller Use of Buyer Data
The seller must only use buyer data in strict accordance with the contract. Without the buyer’s express prior written approval, the seller must not:
- use buyer data for any purpose other than the performance of this contract;
- sell, license, or otherwise permit any third parties access to or use of any buyer data;
- remove any buyer data from the buyer’s systems or premises or the seller’s systems or premises; or
- transmit, store, take, or access buyer data to be transmitted, stored, taken, or accessed outside of Australia.
Data Mining & Ingestion
Unless expressly specified in the contract, the seller must not:
- conduct data mining activities with any buyer data; or
- ingest buyer data into LLMs.
Security of Buyer Data
The seller must have all relevant measures in place to protect buyer data. If any subcontractors use their digital systems to access, transmit, or store buyer data, the seller must ensure the buyer data is protected from:
- unauthorized access or use by a third party; and
- misuse, loss, damage, destruction, alteration, or corruption.
Handover & Destruction Of AI Datasets & Buyer Data
Upon the buyer’s request, the seller must:
- hand over all buyer AI datasets to the buyer; and
- hand over the most recent version of the seller AI datasets and third-party datasets to the buyer.
This should be done in the form and format requested by the buyer.
Destruction Of AI Datasets
The seller must destroy all originals and copies of the buyer’s AI datasets unless specified in the statement of requirements/specifications.
If the buyer requests, the seller must have evidence of the destruction of the buyer’s AI dataset.
Return of Buyer Data
If all buyer data is not covered under the scope of this regulation, the seller must:
- return to the buyer on request;
- deal with the buyer data as directed by the buyer on expiry or termination of their contract.
Risk Management
The risk management provisions are optional.
The seller is required to comply with the buyer’s AI policy/risk management system in addition to compliance with the ISO/IEC 42001:2023 ( Information Technology – Artificial Intelligence – Management System)requirements.
The seller must also have an AI Risk Management System in place, the contents of which include at least the following:
- identification, estimation, and evaluation of known and reasonably foreseeable risks of the use of the AI system; and
- adoption of appropriate and targeted risk management measures designed to address risks identified.
How Securiti Can Help
Almost every major organization has made it a strategic priority to maximize its use of AI capabilities. However, they must ensure their efforts incorporate effective considerations to guarantee that all AI usage and functionality meet the regulatory and public expectations.
The Australian AI model clauses are an extension of the Privacy Act 1988 and the Australian Privacy Principles, designed to ensure user data is used in a manner that does not violate individual rights. Consequently, complying with these regulatory requirements can be a significant challenge.
This is where Securiti can help.
Securiti’s Gencore AI is a holistic solution for building safe, enterprise-grade GenAI systems. This enterprise solution consists of several components that can be used collectively to build end-to-end safe enterprise AI systems and to address AI data security obligations and challenges across various use cases.
Moreover, it can be further complemented with Data Security Posture Management (DSPM), which provides organizations with intelligent discovery, classification, and risk assessment. This marks a significant shift from a reactive data security approach to proactive data security management suited to the AI context, while ensuring the organization can continue to leverage its data resources to their maximum potential without sacrificing performance or effectiveness.
Request a demo today to learn more about how Securiti can help your organization ensure compliance with the expectations under the Australian AI model clauses.