Australian Regulators Come Together on Privacy, Online Safety

Australia’s digital regulatory landscape is consolidating as eSafety and the Office of the Australian Information Commissioner (OAIC) formalise cooperation through a memorandum of understanding. By aligning the mandates of the Privacy Act and the Online Safety Act, the two bodies can jointly tackle cross‑cutting threats such as biometric data misuse, age‑verification gaps, and the rapid emergence of large‑language‑model AI. The MoU also establishes clear liaison channels, reducing duplication and accelerating the response to incidents that affect both privacy and safety, a move that industry observers view as a template for other jurisdictions grappling with overlapping digital mandates.

The first joint action under the MoU targets the gaming sector, where eSafety has issued enforceable transparency notices to four major platforms—Roblox, Minecraft, Fortnite and Steam. The notices demand detailed reporting on child‑protection policies, moderation staffing, and design choices that could enable grooming or extremist content. Non‑compliance carries steep penalties of up to AU$49.5 million (about US$35.5 million) per breach or AU$825,000 (≈US$590 k) per day, signaling a shift from advisory guidance to punitive enforcement. Roblox, already facing a US$35.8 million settlement with American states over child‑safety claims, now faces heightened scrutiny in Australia, where its age‑tiered accounts and privacy settings will be closely audited.

Internationally, the Australian crackdown resonates with concerns in Canada, where a public‑safety brief has singled out Roblox as a conduit for youth radicalisation. Both governments are exploring stricter age‑verification regimes, reflecting a broader trend of treating immersive gaming platforms as social media equivalents subject to the same safety standards. As regulators tighten the net, platforms will need to invest in robust identity checks, AI‑driven content moderation, and transparent reporting to avoid costly penalties and preserve user trust. The coordinated Australian approach may therefore set a precedent that shapes global policy on digital safety and privacy.