AI & PII Readiness Assessment
    Last reviewed

    Is your agency ready to handle AI requests for client data?

    A 20-question diagnostic for Australian real estate agencies - sales, property management, and trust-account-holding offices. Take it before you grant API access to a vendor, family member, or AI agent that wants to pull personal information out of your PMS, CRM, or sales pipeline. The quiz tests whether you understand the Privacy Act, APP 8 cross-border rules, the December 2026 ADM disclosure deadline, the Voluntary AI Safety Standard 2024, and the practical security controls a principal must have in place before sharing any API key. Each weak answer returns a specific fix you can hand to your IT or compliance lead.

    What's changing for AI, PII and Australian real estate agencies
    • 10 DEC 2026 - Automated Decision-Making (AI) disclosure rules take effect under the Privacy Act (APP 1.7)
    • 1 JUL 2026 - AML/CTF Tranche 2 obligations commence - CDD data joins the PII you must protect
    • CURRENT - Voluntary AI Safety Standard 2024 (DISR) - 10 guardrails, voluntary now, baseline for the mandatory standard in development
    • CURRENT - OAIC privacy compliance sweep underway - property sector named as a priority

    AI and PII obligations apply equally to sales and property management. There is no carve-out for related-party access or 'just my husband's AI agents'.

    Your privacy. Your individual answers stay on your device - we don't store them. When you finish, we save an anonymous record of your scores (industry, overall and per-category percentages, state, business type) so we can show how you compare to others in your industry. We also log anonymous counts for when a quiz is started, when a report is downloaded, and (if you later request it) when one is emailed - no identifying information is attached to any of these. We never capture your name, email, IP address, or any business identity.

    20 questions · 6 risk areas (average completion time is shown live on the page)
    What does your agency do? (select one)

    Full quiz content - Real Estate AI Privacy Quiz 2026 - APP 8, ADM, API Access | Nifty Computing

    This index lists every question, every answer option with its score, every tier band, every recommendation, and every regulatory source used by the real_estate_ai_pii compliance readiness quiz. Last reviewed .

    Tier scoring

    • Compliance Ready - score ≥ 85/100, review every 12 months. Your agency demonstrates strong AI and PII handling maturity across the Privacy Act, APP 8, ADM disclosure, and API access controls. You're well placed to evaluate any future request for data access from a vendor, related party, or AI provider. Maintain annual reviews and keep pace with the mandatory AI standard in development. Recommended next review: 12 months.
    • Good - Minor Gaps - score ≥ 70/100, review every 12 months. Solid foundations with targeted gaps to address before the December 2026 ADM disclosure deadline. Pay particular attention to API access controls and cross-border data transfer documentation. Work through the priority findings below before granting any new third-party data access. Recommended next review: 12 months.
    • Moderate Risk - Action Needed - score ≥ 50/100, review every 6 months. Several material gaps in your AI and PII handling. Given the active OAIC focus on real estate and the realities of LLM-based AI tools routing data offshore, prioritise the findings below over the next 1–3 months. Do not grant API access to any new party - including a related party - until these gaps are closed. Recommended next review: 6 months.
    • High Risk - Urgent Action - score ≥ 30/100, review monthly. Significant exposure across multiple AI and PII obligations. An OAIC finding is a material risk at this readiness level, particularly if you have already shared API credentials with a vendor, related party, or AI agent. Engage professional advice and revoke any unscoped API keys you have issued. Recommended next review: 1 month.
    • Critical - Immediate Intervention - score ≥ 0/100, review monthly. Your agency has substantial non-compliance with Australian AI and privacy obligations. If you have given API keys, login credentials, or unsupervised data access to any third party - vendor, family member, or AI agent - revoke them today. Engage qualified privacy and compliance advisers before re-issuing access. Recommended next review: 1 month.

    Categories assessed

    • PII - Privacy & PII Fundamentals
    • XBV - Cross-Border & Vendor Risk
    • ADM - Automated Decisions
    • TEN - AI in Tenant & Vendor Decisions
    • API - API Access & Data Egress
    • MDC - Misleading & Deceptive AI Output

    Questions

    1. Q1 (PII, weight 3): Does your agency know whether it is an APP entity under the Privacy Act 1988?

      • Yes - confirmed APP entity, with an up-to-date privacy policy reflecting that (score 5)
      • Yes, but our privacy policy hasn't been reviewed against current obligations (score 3)
      • We assume so but haven't formally checked (score 1)
      • No / Don't know (score 0)

      If a weak option is selected: Confirm your APP entity status. Real estate agents with annual turnover over $3M, those who handle health information, or those acting as a contracted service provider for an APP entity are all caught. Most established agencies are APP entities; the few that aren't often become so through their PMS contracts.

    2. Q2 (PII, weight 3): Can you list the categories of personal information your agency collects (APP 1.4)?

      • Yes - itemised in our privacy policy by party type (vendor, buyer, tenant, applicant) (score 5)
      • Generic 'name, address, contact details' description in our policy (score 2)
      • Not in writing (score 1)
      • No / Don't Know (score 0)

      If a weak option is selected: APP 1.4 requires your privacy policy to itemise the kinds of personal information you collect. Generic descriptions don't satisfy the test the OAIC is currently applying in its property-sector sweep - itemise by party type.

    3. Q3 (PII, weight 3): Do you notify individuals of the matters in APP 5 (who you are, why you're collecting, who you'll disclose to) at or before the point of collection?

      • Yes - written collection notice at every collection point including open homes and online forms (score 5)
      • Yes for online forms; verbal only at open homes (score 3)
      • Sometimes (score 1)
      • No / Don't Know (score 0)

      If a weak option is selected: APP 5 requires notification at or before collection. Your collection notice must cover the matters in APP 5.2 - a one-pager at the open-home sign-in is the cleanest evidence.

    4. Q4 (PII, weight 3): Do you only collect personal information that is reasonably necessary for one or more of your functions or activities (APP 3)?

      • Yes - every field on every form is mapped to a specific function (score 5)
      • Mostly, but we haven't formally audited (score 3)
      • We collect what's on the standard industry forms (score 1)
      • No / Don't Know (score 0)

      If a weak option is selected: APP 3.2 prohibits over-collection. Standard industry forms drift over time and frequently include fields no one uses. Audit every form against actual decision criteria.

    5. Q5 (PII, weight 3): Do you only use or disclose personal information for the primary purpose it was collected, or a related secondary purpose with consent (APP 6)?

      • Yes - documented use and disclosure register, audited annually (score 5)
      • Generally yes, but no formal register (score 3)
      • Information collected for one purpose is sometimes used for marketing or other purposes without specific consent (score 1)
      • No clear rule (score 0)

      If a weak option is selected: APP 6 limits secondary use. Pushing open-home contacts into a marketing campaign without a documented consent or a clearly related secondary purpose is the most common APP 6 breach in agencies.

    6. Q6 (PII, weight 3): Are you familiar with the definition of 'sensitive information' in s6 of the Privacy Act, and do you treat it differently from other PII?

      • Yes - health, racial, religious, sexual orientation, biometric and similar information is flagged and held under stricter controls (score 5)
      • We've heard of the term but don't treat it specifically differently (score 1)
      • No / Don't Know (score 0)

      If a weak option is selected: Sensitive information (s6 Privacy Act) - including health, racial origin, religious beliefs, sexual orientation, biometric data - has stricter rules under APP 3.3 and APP 6. Tenancy applications often capture sensitive information inadvertently (e.g. medical reasons for assistance animals).

    7. Q7 (PII, weight 3): Do you understand the Notifiable Data Breaches (NDB) scheme - the threshold of 'eligible data breach', the 30-day assessment window, and the obligation to notify the OAIC and affected individuals?

      • Yes - documented in our breach response plan, tested in last 12 months (score 5)
      • General awareness (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: The NDB scheme (Part IIIC, Privacy Act) requires notification of an 'eligible data breach' as soon as practicable, with a maximum 30-day assessment window. Under-notifying is a clear compliance failure.

    8. Q8 (PII, weight 2): Do you understand when residential tenancy database operators trigger Privacy Act obligations regardless of agency turnover?

      • Yes - RTD operators (TICA/NTD/TRA) are caught by Part IIIA Privacy Act regardless of turnover, and using one creates flow-through obligations on the agency (score 5)
      • Aware they are regulated but unsure of the detail (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: Part IIIA of the Privacy Act regulates residential tenancy databases specifically. Operators have obligations regardless of turnover, and agencies that lodge or query tenancy listings inherit obligations to inform tenants and provide access.

    9. Q9 (PII, weight 2): Do you understand the difference between personal information, de-identified information, and aggregated/statistical data - and that AI re-identification can convert 'de-identified' data back to PII?

      • Yes - and we treat 'de-identified' AI training data sets as PII unless we can prove otherwise (score 5)
      • Aware of the difference but treat anything labelled 'de-identified' as out of scope (score 1)
      • No / Don't Know (score 0)

      If a weak option is selected: The OAIC has stated that 'de-identified' is a high bar in the AI age - re-identification through inference attacks is well documented. Treat anonymised PII you feed into AI as personal information unless you have evidence-based confidence it cannot be re-identified.
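      To make the re-identification point concrete, here is an added worked example in Python; it is not part of the quiz or of Nifty Computing's material. It runs a simple linkage attack: a constructed PMS extract with names and contact details stripped is joined to a constructed auxiliary list on postcode, birth year and gender, and every record that matches exactly one person is re-identified, tenancy decision included. It then coarsens those quasi-identifiers and re-runs the check. All names, postcodes and years are invented, and the k-anonymity, linkage and generalise helpers are hypothetical illustrations, not an OAIC-endorsed method.

```python
"""Linkage re-identification check on a 'de-identified' tenancy extract.

Added example; all records below are constructed for illustration.
"""
from collections import Counter, defaultdict

# Constructed: a PMS export with names and contact details stripped, of the kind
# an agency might label "de-identified" before handing it to an AI vendor.
DEIDENTIFIED = [
    {"rec": "A1", "postcode": "2000", "birth_year": 1988, "gender": "F", "decision": "rejected"},
    {"rec": "A2", "postcode": "2000", "birth_year": 1988, "gender": "M", "decision": "approved"},
    {"rec": "A3", "postcode": "3121", "birth_year": 1975, "gender": "F", "decision": "approved"},
    {"rec": "A4", "postcode": "3121", "birth_year": 1975, "gender": "F", "decision": "rejected"},
    {"rec": "A5", "postcode": "4000", "birth_year": 1992, "gender": "M", "decision": "rejected"},
    {"rec": "A6", "postcode": "4051", "birth_year": 1995, "gender": "M", "decision": "approved"},
]

# Constructed: an auxiliary dataset (scraped profiles, a public listing) that
# carries the same three quasi-identifiers next to a name.
PUBLIC = [
    {"name": "Person One",   "postcode": "2000", "birth_year": 1988, "gender": "F"},
    {"name": "Person Two",   "postcode": "2000", "birth_year": 1988, "gender": "M"},
    {"name": "Person Three", "postcode": "3121", "birth_year": 1975, "gender": "F"},
    {"name": "Person Four",  "postcode": "3121", "birth_year": 1975, "gender": "F"},
    {"name": "Person Five",  "postcode": "4000", "birth_year": 1992, "gender": "M"},
    {"name": "Person Six",   "postcode": "4000", "birth_year": 1992, "gender": "F"},
]

QUASI_IDS = ("postcode", "birth_year", "gender")   # fields present in both datasets
COARSE_IDS = ("postcode", "birth_year")            # what survives generalise()


def quasi_key(row, fields):
    return tuple(row[f] for f in fields)


def k_anonymity(rows, fields=QUASI_IDS):
    """Size of the smallest group sharing the same quasi-identifier values.
    k == 1 means at least one record is unique, i.e. directly linkable."""
    counts = Counter(quasi_key(r, fields) for r in rows)
    return min(counts.values())


def link(deid_rows, public_rows, fields=QUASI_IDS):
    """Linkage attack: map each de-identified record to a name when exactly
    one public identity shares its quasi-identifier values."""
    by_key = defaultdict(list)
    for p in public_rows:
        by_key[quasi_key(p, fields)].append(p["name"])
    hits = {}
    for r in deid_rows:
        candidates = by_key.get(quasi_key(r, fields), [])
        if len(candidates) == 1:
            hits[r["rec"]] = candidates[0]
    return hits


def exposed_decisions(deid_rows, hits):
    """What the attacker learns: a named person's tenancy decision."""
    return [(hits[r["rec"]], r["decision"]) for r in deid_rows if r["rec"] in hits]


def generalise(rows, postcode_digits=2, year_bucket=10):
    """Coarsen the quasi-identifiers: postcode prefix, birth decade, gender dropped."""
    out = []
    for r in rows:
        g = {k: v for k, v in r.items() if k != "gender"}
        g["postcode"] = r["postcode"][:postcode_digits]
        g["birth_year"] = r["birth_year"] - r["birth_year"] % year_bucket
        out.append(g)
    return out


if __name__ == "__main__":
    print("k on raw extract:", k_anonymity(DEIDENTIFIED))
    print("re-identified:", exposed_decisions(DEIDENTIFIED, link(DEIDENTIFIED, PUBLIC)))
    coarse_deid, coarse_pub = generalise(DEIDENTIFIED), generalise(PUBLIC)
    print("k after generalising:", k_anonymity(coarse_deid, COARSE_IDS))
    print("re-identified after generalising:", link(coarse_deid, coarse_pub, COARSE_IDS))
```

      On the raw extract k is 1, so at least one applicant is unique on three innocuous fields, and the linkage attaches names to three records, two of them rejected applications. Generalising postcode to two digits and birth year to a decade lifts k to 2 and leaves no unique match on this sample. That is the kind of evidence-based check the OAIC's 'high bar' implies before an extract is called de-identified; it is necessary, not sufficient, since a richer auxiliary dataset can still break a small k.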

    10. Q10 (PII, weight 3): Do you take reasonable steps to destroy or de-identify personal information when it is no longer needed (APP 11.2)?

      • Yes - documented retention schedule and automated deletion (score 5)
      • We delete on request but no proactive schedule (score 2)
      • We retain everything indefinitely (score 0)
      • No / Don't Know (score 0)

      If a weak option is selected: APP 11.2 requires destruction or de-identification when information is no longer needed. Indefinite retention is non-compliant - set retention periods by data type and enforce them automatically.

    11. Q11 (XBV, weight 3): Do you know which of your vendors store or process personal information overseas?

      • Yes - vendor inventory with data residency and sub-processor list (score 5)
      • Partially - we know about the big ones (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: APP 8 attaches whenever you disclose personal information to an overseas recipient. You can't assess your APP 8 exposure until you've inventoried which vendors store or process data offshore.

    12. Q12 (XBV, weight 3): Do you understand that OpenAI (ChatGPT), Anthropic (Claude), and Google (Gemini) all process data through US infrastructure, and that this triggers APP 8?

      • Yes - and we have documented APP 8 'reasonable steps' or specific consent for each AI tool we use (score 5)
      • Yes - but we haven't documented our APP 8 position (score 2)
      • We thought enterprise plans kept the data local (score 1)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Major LLM providers (OpenAI, Anthropic, Google) host on US infrastructure. Even where 'data residency' is offered on enterprise plans, the underlying model and inference compute often remain US-based. APP 8 applies - document your reasonable-steps position or your consent basis.

    13. Q13 (XBV, weight 3): Before disclosing personal information overseas, do you take 'reasonable steps' to ensure the recipient does not breach the APPs (APP 8.1)?

      • Yes - documented vendor due diligence covering APP-equivalent obligations (score 5)
      • We rely on the vendor's self-attestations or marketing claims (score 2)
      • We don't formally check (score 0)

      If a weak option is selected: APP 8.1 requires 'reasonable steps' before overseas disclosure. Marketing pages and self-attestations are not 'reasonable steps' - review the contract, the privacy policy, sub-processor list, and certifications (SOC 2, ISO 27001, IRAP).

    14. Q14 (XBV, weight 3): When you disclose personal information overseas without taking reasonable steps, are you aware that you remain accountable under APP 8.1 for any acts or practices of the overseas recipient that would breach the APPs?

      • Yes - and we've structured our vendor contracts and consent flows accordingly (score 5)
      • Aware in principle but our vendor contracts are silent on APP equivalence (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: Section 16C of the Privacy Act extends the APPs to acts of overseas recipients to whom you have disclosed PII without taking reasonable steps. You remain liable - the vendor doesn't take the obligation off your hands.

    15. Q15 (XBV, weight 3): Do your vendor contracts include data-protection clauses requiring APP-equivalent handling, breach notification, and deletion at contract end?

      • Yes - every vendor with PII access has a written DPA (score 5)
      • Some do; we haven't reviewed all of them (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: Vendor contracts (DPAs) should require APP-equivalent handling, breach notification within 24–48 hours, sub-processor disclosure, audit rights, and deletion-with-certificate at contract end. Push for these at every renewal.

    16. Q16 (XBV, weight 2): When your vendors use sub-processors (e.g. cloud hosting, AI providers, support contractors), are those sub-processors disclosed to you?

      • Yes - sub-processor list is provided and updated when changes occur (score 5)
      • Sometimes - we know the major ones (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: Sub-processor transparency is a baseline DPA term in privacy-mature industries. Without it, you can't assess your APP 8 exposure. Demand notification of new sub-processors with right to object.

    17. Q17 (XBV, weight 2): Do you know the data residency arrangements for your PMS / CRM (e.g. Property Tree, PropertyMe, Console Cloud, Vault RE, Inspect Real Estate, Rex, Eagle, Box+Dice, Domain CRM)?

      • Yes - confirmed in writing for each system in use (score 5)
      • Assumed Australian based on the product page (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: Marketing pages aren't a reliable source. Get written confirmation of data residency from each PMS/CRM provider - including failover regions and backup locations.

    18. Q18 (XBV, weight 3): Do you have documented opt-out from model training for every AI tool that touches PII (e.g. ChatGPT 'data controls', Claude business plans, Gemini admin settings)?

      • Yes - every AI tool used with PII has training opt-out enabled and documented (score 5)
      • Most are opted out; some unconfirmed (score 2)
      • We use consumer accounts where training-on is the default (score 0)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Consumer AI accounts typically default to allowing your prompts to be used for model training, so PII you paste in may be retained and folded into future models with no practical way to recall it. Use only enterprise/business plans with verified training opt-out, and document the setting.

    19. Q19 (XBV, weight 2): When you change AI vendors, do you obtain a written certificate of destruction for any PII previously processed?

      • Yes - for every vendor change (score 5)
      • Sometimes (score 2)
      • No - we just stop paying and assume deletion happens (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: APP 11.2 requires you to take reasonable steps to ensure deletion when information is no longer needed. 'They said they'd delete it' is not evidence - get a dated certificate of destruction.

    20. Q20 (XBV, weight 2): Are you aware of the US CLOUD Act and that US-jurisdiction vendors can be compelled to disclose data to US authorities regardless of where the data is physically stored?

      • Yes - we factor CLOUD Act exposure into vendor selection for sensitive data (score 5)
      • Aware of it but haven't acted (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: The CLOUD Act (2018, US) lets US authorities compel disclosure from US-incorporated providers regardless of data location. This is a known APP 8 'reasonable steps' consideration - document it in your vendor risk assessment.

    21. Q21 (ADM, weight 3): Are you aware that from 10 December 2026, APP 1.7 (introduced by the Privacy and Other Legislation Amendment Act 2024) requires your privacy policy to disclose your use of automated decision-making that significantly affects individuals?

      • Yes - privacy policy already updated and reviewed by legal (score 5)
      • Aware, drafting is in progress (score 3)
      • Aware but no action yet (score 1)
      • Wasn't aware of this requirement (score 0)

      If a weak option is selected: APP 1.7 takes effect 10 December 2026. Your privacy policy must disclose the use of substantially-automated decisions that significantly affect individuals, including the kinds of personal information used and the kinds of decisions made.

    22. Q22 (ADM, weight 3): Do you understand what counts as a decision that 'significantly affects' an individual in the ADM context?

      • Yes - including tenancy approval/rejection, rental pricing, lease renewal, and any decision affecting access to housing or financial standing (score 5)
      • We think we know but haven't formally mapped it (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: OAIC guidance flags decisions affecting access to housing, employment, finance, and welfare as 'significant'. In real estate, that includes tenancy approval/rejection, rental price increases, eviction recommendations, and bond release decisions.

    23. Q23 (ADM, weight 3): Have you built an inventory of every tool in your business that uses AI, machine learning, or rule-based scoring to make or materially influence decisions about people?

      • Yes - written inventory, reviewed quarterly (score 5)
      • Partial inventory (score 2)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: You can't disclose what you haven't inventoried. Audit CRMs (lead scoring), PMS (tenant ranking), marketing tools, chatbots, and any LLM-powered automation. Modern tools commonly include AI without making it obvious.

    24. Q24 (ADM, weight 2): For decisions materially influenced by AI, do you have documented human-in-the-loop oversight that can be evidenced?

      • Yes - every AI-influenced decision is reviewed and the review is logged (score 5)
      • A human signs off but the review isn't logged (score 2)
      • Some decisions are fully automated (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: 'A human approved this' only stands up if you can prove it. Build the audit trail into your workflow - an unlogged human review may not satisfy the ADM exception.

    25. Q25 (ADM, weight 2): Can you explain - in plain English - to an individual how an AI system reached a decision that affected them?

      • Yes - for every ADM tool, we have a documented explanation suitable for an applicant or tenant (score 5)
      • Vendor-supplied explanations only (score 2)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Explainability is a core principle in the Voluntary AI Safety Standard (Guardrail 6 - transparency). For each ADM tool, draft a plain-English explanation you can give to an affected individual.

    26. Q26 (ADM, weight 2): Do you have a documented process for individuals to request human review of an AI-influenced decision?

      • Yes - process is documented and offered proactively in adverse-decision letters (score 5)
      • Available on request but not advertised (score 2)
      • No process (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: A documented, advertised right to human review is expected under the emerging ADM regime. Add it to your privacy policy and adverse-decision communications.

    27. Q27 (ADM, weight 3): Are you familiar with the Voluntary AI Safety Standard 2024 published by the Department of Industry, Science and Resources (DISR), and the 10 guardrails it specifies?

      • Yes - we've assessed our AI use against all 10 guardrails (score 5)
      • Aware of it but haven't done a guardrail assessment (score 2)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: The Voluntary AI Safety Standard (DISR, September 2024) is the de facto Australian baseline pending the mandatory standard in development. Its 10 guardrails cover accountability, risk management, data governance, testing, human control, transparency, contestability, supply chain, records, and stakeholder engagement.

    28. Q28 (ADM, weight 2): Do you keep records of the AI systems you use, the data they consume, and the decisions they influence (DISR Guardrail 9)?

      • Yes - AI register maintained and reviewed (score 5)
      • Informal records (score 2)
      • No records (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Guardrail 9 of the Voluntary AI Safety Standard expects record-keeping covering inputs, outputs, model versions, and data flows. This is also baseline evidence for any future regulator request.

    29. Q29 (ADM, weight 2): When you use a general-purpose LLM (e.g. ChatGPT) to produce content that influences a decision, do you treat that as automated decision-making?

      • Yes - LLM use influencing decisions is documented as ADM and disclosed (score 5)
      • We treat LLMs as a productivity tool, not as ADM (score 1)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: If an LLM's output materially influences a decision (e.g. drafting an applicant assessment, generating a tenant reference, ranking enquiries), that influence is captured by the ADM regime. Don't carve LLMs out of your ADM map because they're 'just writing tools'.

    30. Q30 (ADM, weight 2): Do you test AI tools for bias and fairness before deploying them in tenant or vendor decisions (DISR Guardrail 4)?

      • Yes - documented pre-deployment testing including bias review (score 5)
      • We rely on vendor claims of fairness testing (score 2)
      • No testing (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Guardrail 4 expects pre-deployment testing of AI systems including for bias and fairness. Vendor self-attestation is a starting point, not a substitute for your own assessment in your context.

    31. Q31 (TEN, weight 3): Are you aware that AI-driven tenancy decisions can breach the Sex Discrimination Act 1984, Disability Discrimination Act 1992, Racial Discrimination Act 1975, and Age Discrimination Act 2004 even when bias is unintentional?

      • Yes - and we test our AI screening tools against discrimination outcomes (score 5)
      • Aware in principle, no testing (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: Federal anti-discrimination Acts apply to housing decisions regardless of intent. AI tools that produce systematically different outcomes by protected attribute can be unlawful even if the developer didn't intend bias. Document your fairness testing.

    32. Q32 (TEN, weight 3): Are you familiar with the prohibited questions / prohibited grounds under your state's Residential Tenancies Act (e.g. NSW RTA, Vic RTA 1997, Qld RTRAA 2008, WA RTA 1987) and the differences between states?

      • Yes - application form and AI screening criteria reviewed against the relevant state Act (score 5)
      • We use a national template that we've adjusted by state (score 3)
      • We use a single national application form (score 1)
      • No / Don't Know (score 0)

      If a weak option is selected: Residential Tenancies Acts vary by state - NSW, Victoria, Queensland, WA each prohibit different questions and grant different applicant rights. A single national form risks unlawful collection in at least one state. Map prohibited questions per state and ensure your AI screening doesn't reintroduce them.

    33. Q33 (TEN, weight 2): Do you understand the obligations on agents using residential tenancy databases (TICA, NTD, TRA) under Part IIIA of the Privacy Act?

      • Yes - including the obligation to give applicants notice, allow access and correction, and observe the 3-year listing limit (score 5)
      • We use these databases but haven't reviewed our Part IIIA obligations (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: Part IIIA Privacy Act regulates RTD use. You must give applicants written notice that you'll use a database, allow access and correction within prescribed timeframes, and observe listing rules including the 3-year limit. AI screening tools that wrap RTD data inherit these obligations.

    34. Q34 (TEN, weight 3): Do you check AI-generated tenant rankings or scores for systemic bias against applicants by gender, ethnicity, age, disability, or family status?

      • Yes - periodic bias audit with documented outcomes (score 5)
      • We rely on the vendor's claim that the model is fair (score 1)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Vendor claims of fairness are not enough. Run periodic bias audits on actual outcomes - applications received vs applications shortlisted vs applications approved, segmented by protected attribute. Investigate any disparity.

    35. Q35 (TEN, weight 2): When you reject a tenancy application based partially or wholly on an AI/automated assessment, do you provide a reason that meets state-based requirements?

      • Yes - written reason consistent with state RTA, with offer of human review (score 5)
      • Generic 'unsuccessful' notice (score 2)
      • Email rejection with no reason (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Several states require reasons for adverse tenancy decisions, and the emerging ADM regime expects them generally. Provide a reason consistent with your state's RTA and offer a human review pathway.

    36. Q36 (TEN, weight 2): Do you ensure AI-driven shortlisting doesn't filter out applicants on grounds that would be unlawful if applied directly (e.g. having children, being on Centrelink, being a single parent)?

      • Yes - shortlist criteria documented and reviewed for proxy discrimination (score 5)
      • We trust the AI to be neutral (score 1)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: AI tools often discriminate via proxies - postcode for ethnicity, employment type for income source, household composition for family status. State and federal anti-discrimination law applies to outcomes, not just stated criteria.
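      The bias audit described under Q34 (received vs shortlisted vs approved, segmented by protected attribute) and the proxy check under Q36 can be run with the same small script. The following is an added Python example, not part of the quiz or of Nifty Computing's material: it computes each group's stage rates and its ratio to the best-performing group, flags groups below a review threshold, and then measures how a facially neutral shortlist rule (a postcode filter, a score cut-off) would fall on each group. The applicants, postcodes and scores are constructed, "family_status" is used as the example protected attribute, and the 4/5 review threshold is an assumed trigger for investigation, not a legal test.

```python
"""Outcome-funnel bias audit and proxy-rule check for AI tenant screening.

Added example; applicants, postcodes and scores are constructed, not real.
"""
from collections import defaultdict
from fractions import Fraction

# Constructed: applications for one property. "family_status" is the protected
# attribute; shortlisted/approved are the recorded outcomes of the screening process.
APPLICATIONS = [
    {"id": 1,  "family_status": "no_children",  "postcode": "2000", "ai_score": 0.90, "shortlisted": True,  "approved": True},
    {"id": 2,  "family_status": "no_children",  "postcode": "2010", "ai_score": 0.80, "shortlisted": True,  "approved": True},
    {"id": 3,  "family_status": "no_children",  "postcode": "2020", "ai_score": 0.70, "shortlisted": True,  "approved": False},
    {"id": 4,  "family_status": "no_children",  "postcode": "2000", "ai_score": 0.60, "shortlisted": True,  "approved": True},
    {"id": 5,  "family_status": "no_children",  "postcode": "2030", "ai_score": 0.50, "shortlisted": False, "approved": False},
    {"id": 6,  "family_status": "has_children", "postcode": "2170", "ai_score": 0.85, "shortlisted": True,  "approved": True},
    {"id": 7,  "family_status": "has_children", "postcode": "2170", "ai_score": 0.75, "shortlisted": False, "approved": False},
    {"id": 8,  "family_status": "has_children", "postcode": "2160", "ai_score": 0.65, "shortlisted": False, "approved": False},
    {"id": 9,  "family_status": "has_children", "postcode": "2000", "ai_score": 0.55, "shortlisted": True,  "approved": False},
    {"id": 10, "family_status": "has_children", "postcode": "2170", "ai_score": 0.45, "shortlisted": False, "approved": False},
]

STAGES = ("shortlisted", "approved")


def funnel(apps, attr, stages=STAGES):
    """Per group: applications received, count at each stage, and each stage's
    rate against received. Fractions keep the ratios exact for reporting."""
    groups = defaultdict(lambda: {"received": 0, **{s: 0 for s in stages}})
    for a in apps:
        g = groups[a[attr]]
        g["received"] += 1
        for s in stages:
            g[s] += int(bool(a[s]))
    for g in groups.values():
        for s in stages:
            g[s + "_rate"] = Fraction(g[s], g["received"])
    return dict(groups)


def disparity(fun, stage):
    """Each group's stage rate relative to the best group's rate (1 = parity)."""
    best = max(g[stage + "_rate"] for g in fun.values())
    if best == 0:                      # nobody passed this stage; nothing to compare
        return {name: Fraction(1) for name in fun}
    return {name: g[stage + "_rate"] / best for name, g in fun.items()}


def flag_disparities(apps, attr, threshold=Fraction(4, 5), stages=STAGES):
    """(stage, group, ratio) for every group below the review threshold.
    The 4/5 threshold is an assumed trigger for investigation, not a legal test."""
    fun = funnel(apps, attr, stages)
    return [(s, name, ratio)
            for s in stages
            for name, ratio in disparity(fun, s).items()
            if ratio < threshold]


def exclusion_by_group(apps, attr, excludes):
    """Share of each group that a facially neutral shortlist rule would exclude.
    Run this on a proposed rule before it goes live to catch proxies."""
    total, excluded = defaultdict(int), defaultdict(int)
    for a in apps:
        total[a[attr]] += 1
        excluded[a[attr]] += int(bool(excludes(a)))
    return {g: Fraction(excluded[g], total[g]) for g in total}


if __name__ == "__main__":
    for item in flag_disparities(APPLICATIONS, "family_status"):
        print("disparity:", item)
    # A postcode filter never mentions children, but look at who it removes.
    print("postcode rule excludes:",
          exclusion_by_group(APPLICATIONS, "family_status",
                             lambda a: a["postcode"] in {"2160", "2170"}))
    print("score cut-off excludes:",
          exclusion_by_group(APPLICATIONS, "family_status",
                             lambda a: a["ai_score"] < 0.6))
```

      On the constructed sample the has_children group is shortlisted at half the rate of the other group and approved at a third of it, so both stages are flagged; the postcode rule, which says nothing about family status, would exclude 80% of that group and none of the other. Run the funnel on real outcomes each audit period, keep the output with the date and the tool version as evidence, and treat any flag as a prompt to investigate the criteria behind it rather than as proof of unlawfulness on its own.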

    37. Q37 (TEN, weight 2): Do you scrape applicant social media or public records as part of tenancy assessment?

      • No - we explicitly prohibit it (score 5)
      • Only with specific, separate consent for each search (score 4)
      • Sometimes informally (score 1)
      • Yes, routinely (score 0)

      If a weak option is selected: Social media scraping for tenancy decisions creates anti-discrimination and privacy exposure, including under APP 3.6 (collecting about an individual from a source other than the individual when collecting directly is reasonable and practicable) and APP 3.5 (collection by lawful and fair means). Most agencies cannot justify it under APP 3 - prohibit it in your policies.

    38. Q38 (TEN, weight 2): Do you obtain explicit consent before using AI to generate or assess tenant references from social media or public sources?

      • Yes - separate, plain-English consent collected and recorded (score 5)
      • Buried in application terms (score 2)
      • No consent collected (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Buried consent is increasingly unlikely to satisfy 'informed consent' under the OAIC's current approach. Use a separate, plain-English consent for any third-party data scraping.

    39. Q39 (TEN, weight 2): When using AI to assess a vendor (seller) - for example to estimate sale price or buyer match - do you tell the vendor that AI is being used?

      • Yes - disclosed in the listing agreement (score 5)
      • Implied through general policy (score 2)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Vendors are also entitled to know when AI influences decisions about their property and pricing. Disclose AI use in the listing agreement and your privacy policy.

    40. Q40 (TEN, weight 3): Are you confident that your AI tenant-screening tool is not making the final approval/rejection decision without human input?

      • Yes - human always makes the final call, with documented review (score 5)
      • Mostly, but in busy periods AI shortlists are auto-rejected (score 1)
      • AI auto-rejects below a threshold (score 0)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Auto-rejection by AI is the highest-risk pattern under the ADM regime - it removes the human-in-the-loop exception and exposes the agency to discrimination claims. Always require human review of rejections.

    41. Q41 (API, weight 3): When a related party (e.g. a director's spouse, a family member's business) asks for API access to your PMS or CRM, do you understand that APP 11.1 still makes the agency responsible for the security of that data?

      • Yes - and we treat related-party requests with the same scrutiny as third-party vendors (score 5)
      • We assume related-party access is internal and lower risk (score 1)
      • We've granted access on trust without formal documentation (score 0)

      If a weak option is selected: APP 11.1 imposes the security obligation on the agency as the APP entity. There is no 'related party' exemption - a director's spouse, family member, or affiliated business is a third party to the agency for privacy purposes. Apply the same controls you would to any vendor.

    42. Q42 (API, weight 3): Do you understand that the moment a related party's separate business handles your agency's PII, that business may itself become an APP entity (or a contracted service provider) with its own privacy policy, NDB obligations, and APP 11 duties?

      • Yes - and we require any related-party recipient to demonstrate APP-equivalent controls before access is granted (score 5)
      • Aware in principle but haven't required documentation (score 2)
      • Hadn't considered the related party's own status (score 0)

      If a weak option is selected: An entity touching PII as part of a business activity may be caught by the Privacy Act in its own right - particularly if turnover exceeds $3M, it handles health information, or it acts as a contracted service provider. The related party's AI agents do not insulate them from these obligations.

    43. Q43 (API, weight 3): Have you reviewed the terms of service for your PMS/CRM (e.g. Property Tree, PropertyMe, Console Cloud, Vault RE, Inspect Real Estate) for clauses prohibiting sharing API credentials with unrelated parties?

      • Yes - confirmed in writing whether sharing is permitted, and obtained vendor consent if so (score 5)
      • Read the TOS once at signup (score 2)
      • No - assumed our credentials, our choice (score 0)

      If a weak option is selected: Major Australian real estate PMS providers prohibit sharing API credentials or programmatic access with unrelated third parties in their standard TOS. Sharing without vendor consent can void your contract, terminate your access, and create breach-of-contract exposure on top of any privacy issue.

    44. Q44 (API, weight 3): Before granting API access to any third party, do you require a written Data Processing Agreement (DPA) covering scope, purpose, data minimisation, sub-processors, breach notification, and termination?

      • Yes - DPA mandatory before any access is provisioned (score 5)
      • We rely on a verbal agreement or email (score 1)
      • We grant access on trust (score 0)

      If a weak option is selected: A written DPA is the minimum baseline before any third-party access. Without it, you have no legal recourse if the third party mishandles data, leaks credentials, or trains an AI on your customers.

    45. Q45 (API, weight 3): Do you apply least-privilege scoping to API keys - granting only the specific endpoints and data fields the recipient actually needs?

      • Yes - every API key is scoped to specific endpoints and read/write permissions (score 5)
      • We use a single global API key (score 1)
      • We share user account credentials rather than scoped API keys (score 0)
      • No / Don't Know (score 0)

      If a weak option is selected: Sharing user credentials or unscoped global API keys violates the principle of least privilege and is a documented APP 11 deficiency. Use scoped API keys with the minimum set of endpoints and the minimum data fields needed for the stated purpose.

    46. Q46 (API, weight 3): Are API keys rotated on a regular schedule and revoked immediately when access is no longer needed (or when the recipient's circumstances change)?

      • Yes - keys rotated at least every 90 days, revoked within 24 hours of cessation (score 5)
      • Rotated when we remember (score 2)
      • Never rotated (score 0)

      If a weak option is selected: API keys are credentials. They must be rotated on schedule, immediately on cessation of need, and immediately on any indicator of compromise. Stale long-lived keys are one of the most common breach vectors.

    47. Q47 (API, weight 3): Do you log every API call made with a third-party-issued key, including the endpoint, the data returned, and the timestamp - and do you review those logs?

      • Yes - full API access logging with periodic review (score 5)
      • Logs exist but aren't reviewed (score 2)
      • No logging (score 0)

      If a weak option is selected: Logging without review is theatre. APP 11 expects you to take reasonable steps to protect PII, which includes detecting misuse. Set up alerts for unusual access patterns and review logs at least monthly.

    48. Q48 (API, weight 3): Do you understand that AI agents which send PII into LLM APIs with training opt-out NOT enabled create a permanent, unrecoverable data leak?

      • Yes - and we have prohibited any AI integration that does not have verified training opt-out (score 5)
      • Aware but haven't enforced a rule (score 2)
      • Hadn't considered training as a separate issue (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: When PII is fed into an LLM with training-on, it becomes part of the model weights and is unrecoverable. This is a permanent breach of APP 11 (security) and APP 6 (use limitation). Verify training opt-out before any AI integration touches PII.

    49. Q49 (API, weight 3): When a vendor or related party requests 'all the API keys for all the systems', what is your standard response?

      • We require a written request, scoped to specific systems, specific endpoints, with documented purpose, logging, audit, revocation, and a signed DPA (score 5)
      • We provide what they ask for if we trust them (score 1)
      • We've already done this without formal documentation (score 0)

      If a weak option is selected: A request for 'all the API keys' is a red flag, not a request to fulfil. The compliant response is a written, scoped request per system, per endpoint, with a documented purpose, full logging and audit, revocation procedure, and signed DPA - same as you would for any unrelated vendor.

    50. Q50 (API, weight 3): If you have already shared API keys or credentials with a related party or AI agent without these controls, what is your plan?

      • We have not shared without controls (score 5)
      • We have shared and are revoking immediately while we put controls in place (score 4)
      • We have shared but haven't reviewed the position (score 1)
      • We have shared and aren't planning to change anything (score 0)

      If a weak option is selected: If unscoped keys are out there, revoke them today and re-issue under proper controls. Document the revocation, the gap period, and any access logs from the gap period as part of your APP 11 evidence trail. Consider whether the gap triggers NDB obligations.

    51. Q51 (API, weight 2): Do you have a documented cessation/revocation procedure that runs whenever a third party's access is no longer required?

      • Yes - same-day revocation, certificate of destruction obtained, audit trail (score 5)
      • Informal - we get to it eventually (score 2)
      • No procedure (score 0)

      If a weak option is selected: Same-day revocation is the standard. Document the procedure: revoke keys, terminate sessions, demand certificate of destruction for any cached PII, audit access in the prior 30 days, and record everything.

    52. Q52 (API, weight 2): Do you require third parties (including related parties) to notify you within 24 hours of any actual or suspected security incident affecting your data?

      • Yes - written 24-hour notification SLA in the DPA (score 5)
      • Verbal expectation only (score 2)
      • No notification requirement (score 0)

      If a weak option is selected: Your own NDB clock starts at awareness, and the maximum assessment window is 30 days. A late vendor notification eats into that window. Mandate 24-hour notification of any actual or suspected incident in writing.

    53. Q53 (MDC, weight 3): Are you aware that AI-generated content used in trade or commerce can breach s18 of the Australian Consumer Law (Misleading and Deceptive Conduct) regardless of intent?

      • Yes - and we fact-check every AI-generated marketing or transactional output before release (score 5)
      • Aware in principle (score 2)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: ACL s18 applies to misleading or deceptive conduct in trade or commerce regardless of intent. AI hallucinations don't get a carve-out - if an AI-generated listing description overstates floor area or invents a feature, the agency is liable as if a human had written it.

    54. Q54 (MDC, weight 3): Do you fact-check AI-generated property descriptions for accuracy before publication?

      • Yes - every AI-drafted listing reviewed by a licensed agent against source data (score 5)
      • Spot-checked (score 2)
      • Published as drafted (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: AI hallucinations in listing descriptions are a documented ACL s18 risk. Pool dimensions, room counts, school catchments, zoning, and proximity claims are common hallucination targets. Fact-check against contract data, not against the AI's own claims.

    55. Q55 (MDC, weight 2): When AI is used to draft contract clauses, special conditions, or disclosures, are those reviewed by a qualified person before signing?

      • Yes - every AI-drafted clause reviewed by a solicitor or licensed agent (score 5)
      • Reviewed informally (score 2)
      • Used as drafted (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: AI-drafted contract terms can introduce ambiguous or unenforceable provisions, miss state-specific requirements, or invent doctrinal references. Review before signing - and document the review.

    56. Q56 (MDC, weight 2): When AI is used to translate listing material or open-home brochures, do you have the translation reviewed by a competent speaker before publication?

      • Yes - human translator review (score 5)
      • Spot-checked (score 2)
      • Published as translated (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: AI translation routinely produces fluent-sounding but materially wrong text - particularly with measurements, currency, legal terms, and idiomatic claims. Have a competent speaker review any AI-translated material before publication.

    57. Q57 (MDC, weight 2): Are you familiar with the AI / advertising provisions in your industry-body code (REIA, REINSW, REIV, REIQ, REIWA, REISA, REIT, REINT)?

      • Yes - and our AI use is mapped against the relevant code (score 5)
      • Aware of the code, not specifically the AI provisions (score 2)
      • No / Don't Know (score 0)

      If a weak option is selected: REIA and most state institutes have updated guidance on AI use in advertising and client communication during 2024–2026. Review the relevant code and map your AI use to it - non-compliance can affect membership and may be cited in disciplinary or licensing complaints.

    58. Q58 (MDC, weight 2): Do you disclose to consumers when content (listing copy, response emails, chatbot replies) is AI-generated?

      • Yes - clear disclosure on AI-generated content (score 5)
      • Sometimes (score 2)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: Disclosure of AI-generated content is a Voluntary AI Safety Standard guardrail (Guardrail 6 - transparency) and is increasingly expected by regulators and consumers. Even where not legally mandated, disclosure reduces ACL s18 exposure when something goes wrong.

    59. Q59 (MDC, weight 3): Are you aware of the defamation risk in AI-generated tenant references, agent profiles, or rental history summaries?

      • Yes - and we don't publish AI-generated assessments of identifiable individuals without legal review (score 5)
      • Aware in principle (score 2)
      • Hadn't considered it (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: AI tools can produce false statements about identifiable individuals - 'this tenant has a history of arrears' when they don't, 'this agent has had complaints' when they haven't. These statements can be defamatory regardless of the AI source. Don't publish AI-generated content about identifiable individuals without legal review.

    60. Q60 (MDC, weight 2): Do you have a documented fact-check process for any AI-generated material before it leaves the agency?

      • Yes - written checklist applied to every AI output before release (score 5)
      • Informal (score 2)
      • No / Don't Know (score 0)
      • Not applicable to our use of AI (score 0)

      If a weak option is selected: A documented fact-check process - even a simple checklist (source data, names spelled correctly, no invented facts, no protected attributes used as criteria) - is your defence against ACL s18, defamation, and discrimination claims arising from AI output.

    Guidance

    Privacy & PII Fundamentals

    Before you can assess any AI or API decision, you need to know what you're protecting. The OAIC's current real-estate sweep is testing exactly the basics in this category - APP 1, APP 3, APP 5, APP 6, and APP 11.

    • Confirm your APP entity status in writing (Within 14 days · Privacy Officer): Most established agencies are APP entities. Confirm yours: turnover threshold, health information, contracted-service-provider status. Record the basis in your privacy file.
    • Itemise PII categories by party type (Within 30 days · Privacy Officer): Update your privacy policy to list what you collect from vendors, buyers, tenants, and applicants - separately. Generic 'name, address, contact details' descriptions don't satisfy APP 1.4.
    • Set retention periods by data type and enforce them (Within 60 days · Privacy Officer + IT): Open-home enquiries: 12 months from last contact. Declined applications: 6 months. Settled transactions: 7 years (tax/AML). Marketing contacts: until opt-out plus 30 days. Build automated deletion.
    • Test your NDB response by walking through a tabletop scenario (Within 90 days · Privacy Officer): Pick a realistic scenario (laptop theft, vendor breach, mis-sent email). Walk through 30-day assessment, OAIC notification, affected-individual notification. Document what worked and what didn't.

    Cross-Border & Vendor Risk

    APP 8 is the exposure that most agencies underestimate. Once you're using AI tools, marketing platforms, or cloud services, your data is almost certainly crossing borders - and you're accountable for what happens to it.

    • Build a vendor inventory with data residency and sub-processors (Within 60 days · Privacy Officer + IT): List every tool that touches PII. For each: vendor, jurisdiction, data residency, sub-processors, training-opt-out status, contract end date. That includes CRMs, PMS, AI tools, email, SMS, chat, transcription, accounting and marketing platforms.
    • Document APP 8 'reasonable steps' for every overseas tool (Within 90 days · Privacy Officer): For each overseas vendor, document either (a) reasonable steps you've taken to ensure APP-equivalent handling, or (b) the consent that authorises cross-border transfer. SOC 2 reports, ISO 27001 certifications, IRAP assessments, and signed DPAs are all evidence.
    • Verify training opt-out on every AI tool (Within 14 days · IT lead): Consumer AI accounts default to training-on. Switch to enterprise/business plans where training opt-out is verified, take screenshots of the setting, and store with your vendor records. PII pasted into a training-on model is a permanent leak.
    • Renegotiate breach-notification SLAs at every renewal (Process from now on · Operations): Your NDB clock starts at awareness; a vendor's slow notification eats into it. Push for 24–48 hour notification SLAs at every contract renewal.

    Automated Decisions

    From 10 December 2026, APP 1.7 requires you to disclose AI and automated decision-making in your privacy policy. The Voluntary AI Safety Standard 2024 sets the practical bar to clear in the meantime.

    • Build an AI/ADM inventory (Within 30 days · Privacy Officer + IT): List every tool that scores, ranks, recommends or auto-decides anything about clients. CRMs (lead scoring), PMS (tenant ranking), marketing tools, chatbots, LLM-powered drafting tools all count.
    • Map each tool against the 10 DISR Voluntary AI Safety Standard guardrails (Within 90 days · Privacy Officer): Accountability, risk management, data governance, testing, human control, transparency, contestability, supply chain, records, stakeholder engagement. For each tool, score yourself and document the gap.
    • Draft your ADM disclosure section (Before 10 Dec 2026 · Privacy Officer + legal review): Plain-English explanation of each ADM tool, the data it uses, the decisions it influences, and how clients can request human review. Have it drafted by October 2026 to leave time for legal review and rollout.
    • Document human-in-the-loop oversight with audit trails (Within 60 days · Operations): For every AI tool that influences a decision, document who reviews, what they're checking, how the review is logged. 'A human approved this' only stands up if you can prove it.

    AI in Tenant & Vendor Decisions

    Tenancy decisions sit at the intersection of privacy, anti-discrimination, and consumer law. AI tools introduce new ways to fail every one of those frameworks at once.

    • Map prohibited questions and grounds per state (Within 30 days · Property Management lead): NSW, Vic, Qld, WA each have different RTA prohibitions. Build a per-state checklist and review your application form, AI screening criteria, and reference-checking questions against it.
    • Run a bias audit on actual AI screening outcomes (Within 90 days, then quarterly · Property Management lead): Pull data on applications received vs shortlisted vs approved, segmented by protected attribute (age, family status, etc.) where you collect it. Investigate any disparity. Document outcomes.
    • Require human approval for every adverse tenancy decision (Process from now on · Property Management lead): Auto-rejection by AI is the highest-risk pattern. Configure your tools so a human always sees the application before a rejection email is sent, and log the review.
    • Provide written reasons and a human-review pathway for adverse decisions (Within 60 days · Property Management lead): State RTAs increasingly expect reasons; the ADM regime expects them generally. Standard adverse-decision template: reason, evidence, contact for human review, timeframe.

    API Access & Data Egress

    When someone asks for an API key - vendor, family member, AI agent - the request sits on the trade-off between operational convenience and regulatory exposure. Treat every request the way you would treat a stranger asking for the office keys: in writing, scoped, logged, revocable.

    • Inventory every existing API key, integration, and credential share (Within 14 days · IT lead): List every issued API key, who holds it, what systems it accesses, what data it can pull, when it was last rotated, and whether there's a written DPA. Anything you can't fully account for is revoked the same day, then re-issued under proper controls.
    • Build a written request-to-access process before any new API key is issued (Within 30 days · Director + IT lead): Mandatory before access is granted: written request, specific systems, specific endpoints, documented purpose, scoped key, logging, audit, rotation schedule, revocation procedure, signed DPA. Same process for related parties as for unrelated vendors.
    • Verify your PMS/CRM TOS on credential sharing (Within 30 days · Operations): Confirm in writing whether your Property Tree, PropertyMe, Console Cloud, Vault RE, Inspect Real Estate, Rex, Eagle, Box+Dice or other PMS/CRM contract permits API key sharing with related parties or AI agents. If silent or prohibited, get vendor consent before sharing.
    • Set up logging, alerting, and monthly log review on API access (Within 60 days · IT lead): Log every API call with key, endpoint, data returned, timestamp. Alert on unusual volumes, off-hours access, or new endpoints. Review monthly. Logs you don't review aren't evidence of APP 11 compliance.
    • Verify training opt-out on any AI agent that touches PII (Within 14 days · IT lead): If a related party's AI agent will pull PII through an API, the agent's LLM provider must have training opt-out enabled. PII fed into a training-on model is a permanent unrecoverable leak. No exceptions for 'we trust the AI provider'.
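    The key inventory in the first action item above (and the scoping, rotation and revocation tests in Q45, Q46 and Q50) can be run as a simple audit over a spreadsheet export. The following is an added example written for this page, not code from the assessment or from any PMS/CRM vendor. The 90-day rotation limit and 24-hour revocation window are the figures the quiz itself uses; the inventory rows, key ids and holder names are constructed sample data, and the action labels ("revoke", "revoke_and_reissue", "rotate", "ok") are this example's own naming of the steps the guidance describes.

```python
from __future__ import annotations
from dataclasses import dataclass
from datetime import date

# Thresholds taken from the assessment's own answer options (Q46).
ROTATION_MAX_DAYS = 90       # rotate at least every 90 days
REVOCATION_MAX_HOURS = 24    # revoke within 24 hours of cessation


@dataclass(frozen=True)
class ApiKey:
    """One row of the key inventory the guidance asks you to build."""
    key_id: str
    holder: str                 # vendor, related party or AI agent holding the key
    system: str                 # the PMS/CRM the key reaches
    scopes: frozenset           # endpoints/fields granted; empty set = global key
    last_rotated: date
    dpa_signed: bool            # written Data Processing Agreement on file?
    still_needed: bool          # is the access still required?


def audit_key(key: ApiKey, today: date) -> list[str]:
    """Return the findings for one key; an empty list means it is fully accounted for."""
    findings = []
    if not key.still_needed:
        findings.append(f"CEASED: access no longer required, revoke within {REVOCATION_MAX_HOURS} hours")
    if not key.scopes:
        findings.append("UNSCOPED: global key, reissue scoped to named endpoints and fields")
    if not key.dpa_signed:
        findings.append("NO_DPA: no written Data Processing Agreement on file")
    age_days = (today - key.last_rotated).days
    if age_days > ROTATION_MAX_DAYS:
        findings.append(f"STALE: last rotated {age_days} days ago (limit {ROTATION_MAX_DAYS})")
    return findings


def required_action(findings: list[str]) -> str:
    """Map findings to the step the guidance prescribes (labels are this example's own)."""
    codes = {f.split(":")[0] for f in findings}
    if "CEASED" in codes:
        return "revoke"
    if codes & {"UNSCOPED", "NO_DPA"}:
        # A key you cannot fully account for is revoked today and re-issued under controls.
        return "revoke_and_reissue"
    if "STALE" in codes:
        return "rotate"
    return "ok"


def audit_inventory(inventory: list[ApiKey], today: date) -> dict[str, tuple[str, list[str]]]:
    """Audit every key; returns key_id -> (action, findings)."""
    report = {}
    for key in inventory:
        findings = audit_key(key, today)
        report[key.key_id] = (required_action(findings), findings)
    return report


# Constructed sample inventory; review date is also constructed.
TODAY = date(2026, 4, 1)
SAMPLE_INVENTORY = [
    ApiKey("pms-key-01", "rent-roll vendor", "PMS",
           frozenset({"GET /tenancies", "GET /arrears"}), date(2026, 2, 15), True, True),
    ApiKey("crm-key-02", "director's spouse (AI agent)", "CRM",
           frozenset(), date(2025, 6, 1), False, True),          # global key, no DPA, stale
    ApiKey("pms-key-03", "former marketing vendor", "PMS",
           frozenset({"GET /listings"}), date(2026, 1, 10), True, False),  # contract ended
    ApiKey("crm-key-04", "transcription vendor", "CRM",
           frozenset({"GET /contacts"}), date(2025, 12, 1), True, True),   # scoped, but > 90 days
]

if __name__ == "__main__":
    for key_id, (action, findings) in audit_inventory(SAMPLE_INVENTORY, TODAY).items():
        print(f"{key_id}: {action}")
        for f in findings:
            print(f"    - {f}")
```

    Each line of the printed report is the evidence trail Q50 asks for: the finding, the action taken and the date. Extend the `ApiKey` row with whatever your inventory already records (data fields, sub-processors, contract end date) and the audit stays the same.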
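    Q47 and the logging action item above both say that logs only count as evidence if they are reviewed, and they name three patterns to alert on: unusual volumes, off-hours access and new endpoints. As an added example (not code from the assessment or from any PMS/CRM product), the script below runs those three checks over a constructed access log. The log format (one JSON object per call with key id, endpoint, timestamp and record count), the 07:00–19:00 business-hours window and the 3x volume multiplier are assumptions for the example; the approved-scope table stands in for the key inventory.

```python
import json
from collections import defaultdict
from datetime import datetime

# Assumed review parameters (not from the page): business hours and a volume multiplier.
BUSINESS_HOURS = range(7, 19)    # 07:00 to 18:59 local time counts as in-hours
VOLUME_MULTIPLIER = 3            # alert when a day's rows exceed 3x the key's daily baseline

# Approved scope per key, as recorded in the key inventory (constructed).
# A key absent from this table is flagged on every call it makes.
APPROVED_SCOPES = {
    "pms-key-01": {"GET /tenancies", "GET /arrears"},
    "crm-key-04": {"GET /contacts"},
}

# Constructed sample of an API access log: one JSON object per call with
# key id, endpoint, local ISO-8601 timestamp and number of records returned.
SAMPLE_LOG = """\
{"key_id": "pms-key-01", "endpoint": "GET /tenancies", "ts": "2026-03-30T09:12:03", "records": 40}
{"key_id": "pms-key-01", "endpoint": "GET /arrears",   "ts": "2026-03-30T14:05:41", "records": 12}
{"key_id": "pms-key-01", "endpoint": "GET /tenancies", "ts": "2026-03-31T10:22:17", "records": 38}
{"key_id": "pms-key-01", "endpoint": "GET /tenancies", "ts": "2026-04-01T02:47:55", "records": 2200}
{"key_id": "pms-key-01", "endpoint": "GET /owners",    "ts": "2026-04-01T02:48:30", "records": 310}
{"key_id": "crm-key-04", "endpoint": "GET /contacts",  "ts": "2026-03-31T11:00:00", "records": 25}
"""


def parse_log(text):
    """Parse JSON-lines log text into dicts with a datetime 'ts' field."""
    rows = []
    for line in text.splitlines():
        if not line.strip():
            continue
        rec = json.loads(line)
        rec["ts"] = datetime.fromisoformat(rec["ts"])
        rows.append(rec)
    return rows


def review_access_log(rows, approved_scopes):
    """Return (kind, key_id, detail) alerts for the three patterns the guidance names."""
    alerts = []
    daily = defaultdict(lambda: defaultdict(int))   # key_id -> date -> records returned

    for r in rows:
        key, endpoint, ts = r["key_id"], r["endpoint"], r["ts"]
        daily[key][ts.date()] += r["records"]
        # New endpoint: a call outside the scope the key was granted (least privilege, Q45).
        if endpoint not in approved_scopes.get(key, set()):
            alerts.append(("NEW_ENDPOINT", key, f"{endpoint} is outside the key's approved scope"))
        # Off-hours access: a 2 a.m. pull by a vendor key warrants a question.
        if ts.hour not in BUSINESS_HOURS:
            alerts.append(("OFF_HOURS", key, f"{endpoint} at {ts.isoformat()}"))

    # Unusual volume: compare each day's total with the mean of that key's earlier days.
    # A key seen on only one day has no baseline yet and is not scored.
    for key, per_day in daily.items():
        days = sorted(per_day)
        for i in range(1, len(days)):
            baseline = sum(per_day[d] for d in days[:i]) / i
            total = per_day[days[i]]
            if total > VOLUME_MULTIPLIER * baseline:
                alerts.append(("VOLUME", key,
                               f"{total} records on {days[i]} vs baseline {baseline:.0f}/day"))
    return alerts


if __name__ == "__main__":
    for kind, key_id, detail in review_access_log(parse_log(SAMPLE_LOG), APPROVED_SCOPES):
        print(f"{kind:<13} {key_id:<12} {detail}")
```

    Run monthly against the exported log, the alert list is the review record the guidance asks you to keep. In the sample, the 2 a.m. bulk pull of tenancies followed by a call to an endpoint the key was never granted produces all four alerts, while the scoped transcription key stays quiet.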

    Misleading & Deceptive AI Output

    ACL s18 doesn't care that the misleading statement came from an AI. You published it; you wear it. Hallucinations in listing copy, contracts, translations, and tenant references are the highest-frequency AI failure mode in real estate right now.

    • Document a fact-check checklist for every AI-generated output (Within 30 days · Sales Manager + Property Management lead): Source data verified. Names spelled correctly. No invented facts (rooms, dimensions, features, schools, zoning). No protected attributes used as criteria. No defamatory statements about identifiable individuals. Apply to every AI output before it leaves the agency.
    • Require licensed-agent review of AI-drafted listing material (Process from now on · Sales Manager): Every AI-drafted listing description, brochure, social post or marketing email reviewed against the contract data and source photos by a licensed agent before publication. Document the review.
    • Require solicitor review of AI-drafted contract clauses (Process from now on · Director): AI-generated contract terms, special conditions, or disclosure language reviewed by your solicitor before signing. AI tools invent doctrinal references and miss state-specific requirements.
    • Add 'AI-generated' disclosure to consumer-facing AI content (Within 60 days · Marketing lead): Where chatbots, AI-drafted emails, or AI-generated listings reach consumers, disclose that AI is involved. Voluntary AI Safety Standard Guardrail 6 expects it; reduces ACL s18 exposure when something goes wrong.

    Disclaimer

    General disclaimer

    This assessment is an indicative self-diagnostic tool and does not constitute legal, regulatory, or compliance advice. It reflects the regulatory landscape as of April 2026, including the Privacy and Other Legislation Amendment Act 2024 and the Voluntary AI Safety Standard 2024 published by the Department of Industry, Science and Resources.

    Privacy advice

    Privacy Act compliance involves factors specific to each agency's operations, systems, and contractual relationships. For a definitive privacy compliance review - particularly before granting API access or sharing customer data with a related party, vendor, or AI provider - consult a qualified privacy lawyer.

    AI and automation advice

    AI vendor due diligence is not a substitute for legal review. Vendor questionnaires, SOC 2 reports, and self-attestations from AI providers do not on their own discharge your obligations under APP 8, APP 11, or the emerging ADM disclosure regime. Get written advice before you let any third party - including a related party - connect to your systems.