As organisations accelerate their use of digital platforms and AI, privacy risk is no longer driven by what they intentionally do, but by what they overlook.

This article highlights five commonly forgotten privacy issues that continue to surface across digital and AI ecosystems: failing to account for personal information that is held (not just collected), ignoring personal information created by AI, retaining chatbot and GenAI conversations by default, underestimating the scope of automated decision‑making obligations, and falling behind the heightened security expectations under APP 11.3.

Each issue represents a quiet but material risk - regulatory, reputational and operational. More importantly, each presents a practical opportunity for organisations to strengthen privacy governance and demonstrably build trust with customers, individuals and regulators.

Addressing these gaps now delivers quick compliance wins, reduces future exposure, and signals that an organisation understands what responsible use of digital services and AI really requires.

Download the full article below.