The Victorian Government has introduced the ‘Administrative Guideline for the safe and responsible use of Generative AI’, setting minimum requirements for its use across the Victorian Public Sector (VPS).

Generative Artificial Intelligence (Generative AI) is revolutionising the way organisations operate by enabling tools that generate text, images, and even code with a simple prompt. However, alongside its transformative potential, Generative AI presents challenges, including privacy, ethical risks, and the need to maintain public trust. To address these concerns, the Victorian Government recently released the Administrative Guideline: The Safe and Responsible Use of Generative AI in the Victorian Public Sector. This principles-based framework aims to ensure the responsible adoption of AI technologies while safeguarding sensitive information, complying with legislative obligations, and upholding community expectations. This blog summarises the Guideline’s key provisions, highlights its importance, and provides practical advice for VPS personnel.

What Is Generative AI?

According to the Guideline, Generative AI is a subset of artificial intelligence that “is capable of generating text, images, videos, or other data using generative models, in response to user prompts”. Well-known tools include ChatGPT (OpenAI), Google Gemini, Copilot (including Microsoft 365, Edge and GitHub), and MidJourney, which offer opportunities to enhance efficiency and drive innovation. However, these tools must be used responsibly and ethically to mitigate risks such as misinformation, bias, and privacy breaches.

Scope of the Guideline

The Guideline sets minimum requirements for using Generative AI within the VPS and applies to all public service bodies and entities defined under the Public Administration Act 2004. This includes employees, contractors, consultants, and volunteers engaged directly or indirectly by in-scope organisations with access to public sector information. While it establishes foundational safeguards, it also encourages special bodies to adopt the Guideline in the absence of sector-specific policies.

To support these objectives, the Guideline outlines key elements such as prioritising agency-approved Generative AI tools, adhering to information-sharing protocols to protect sensitive data, and ensuring accountability for all AI-generated outputs. Importantly, it reinforces compliance with existing legislation, including the Privacy and Data Protection Act 2014, the Health Records Act 2001, and the Victorian Charter of Human Rights and Responsibilities Act 2006.

Principles for Safe and Responsible Use

At the Data and Digital Ministers meeting on 21 June 2024, the Victorian Government endorsed Australia’s national framework for assuring the use of artificial intelligence in government.

The framework is underpinned by Australia’s AI Ethics Principles:

• Human, societal and environmental wellbeing: AI systems should benefit individuals, society and the environment.
• Human-centred values: AI systems should respect human rights, diversity, and the autonomy of individuals.
• Fairness: AI systems should be inclusive and accessible, and should not involve or result in unfair discrimination against individuals, communities or groups.
• Privacy protection and security: AI systems should respect and uphold privacy rights and data protection, and ensure the security of data.
• Reliability and safety: AI systems should reliably operate in accordance with their intended purpose.
• Transparency and explainability: There should be transparency and responsible disclosure so people can understand when they are being significantly impacted by AI, and can find out when an AI system is engaging with them.
• Contestability: When an AI system significantly impacts a person, community, group or environment, there should be a timely process to allow people to challenge the use or outcomes of the AI system.
• Accountability: People responsible for the different phases of the AI system lifecycle should be identifiable and accountable for the outcomes of the AI systems, and human oversight of AI systems should be enabled.

Why This Matters

Generative AI offers significant opportunities for innovation and efficiency in government operations. However, its use also carries inherent risks, including:

• Misinformation: Generative AI can produce outputs that are biased, incorrect, or misleading if not verified.
• Privacy Breaches: Uploading sensitive data into AI tools can compromise security and breach privacy laws.

By following the principles set out in the Guideline, the Victorian Government aims to mitigate these risks while fostering trust, transparency, and ethical standards in the VPS.

Practical Steps for VPS Personnel

For those working in or with the VPS, the guideline serves as both a framework and a resource. To integrate it into daily operations effectively, steps include:

1. Use Approved Tools: Select agency-approved Generative AI tools that have been assessed for security and compliance.
2. Protect Data: Do not upload classified, personal, or confidential information into AI tools, especially those that are not approved.
3. Verify Outputs: Always review all AI-generated content for accuracy and appropriateness before use.
4. Seek Training: Participate in training opportunities to better understand the benefits and risks of Generative AI.

These steps reinforce earlier principles and ensure compliance across all applications of Generative AI in official work.

Consequences of Non-Compliance

Failure to follow the Guideline may result in breaches of the Victorian Public Sector Codes of Conduct or other relevant legislation, such as the Privacy and Data Protection Act 2014. For example, relying on unverified AI-generated content for decision-making could compromise transparency and accountability. Organisations operating inconsistently with the Guideline must provide written justification to the Secretary of the Department of Premier and Cabinet, as required under the Public Administration Act 2004.

Looking Ahead: Implementation and Review

The Victorian Government recognises the rapid evolution of Generative AI technologies and will undertake periodic reviews of the Guideline to ensure it remains relevant and effective. Organisations are encouraged to:

• Monitor Use: Implement systems to oversee the application of AI tools, ensuring compliance.
• Educate Personnel: Develop training modules tailored to business needs, supported by resources from the Department of Government Services.

Feedback on the Guideline can be submitted to vicgov.ciso@dpc.vic.gov.au for consideration in future updates.

Conclusion

The Administrative Guideline on the Safe and Responsible Use of Generative AI is an important step in balancing innovation with ethical responsibility in the VPS. By following its principles, VPS personnel can harness the benefits of AI technologies while safeguarding public trust and meeting legal obligations.

By introducing this Guideline, the Victorian Government provides a framework for the responsible adoption of emerging technologies, aiming to set a standard for ethical AI use in state government operations.

Resources

• Administrative Guideline: The Safe and Responsible Use of Generative AI in the Victorian Public Sector
• AI Ethics Principles
• Health Records Act 2001
• Navigating the AI Wave: Why You Need a Policy (CourtHeath)
• Privacy and Data Protection Act 2014
• Public Administration Act 2004
• Victorian Charter of Human Rights and Responsibilities Act 2006
• Victorian Public Sector Codes of Conduct

***

A participant in the UN Global Compact, CourtHeath seeks to raise awareness about the sustainable development goals and the principles of the Global Compact with business and government organisations in Victoria.

***