The Australian Government’s 2025-26 budget was released on Tuesday. In this short blog post, elevenM’s Piotr Debowski has a look at some of the privacy, cyber security and tech wins and losses.
Additional $14M in funding to the Office of the Australian Information Commissioner (OAIC)
The OAIC will receive an additional $8.7M in general-purpose funding spread across three years. Given that at the backend of 2024 the OAIC lost up to 30% of its workforce due to a $11M government funding roll-off, this doesn’t bring them back into the black, but it is a positive step towards re-equipping the regulator.
The OAIC was busy in 2024, dealing with a 20% increase in privacy complaints and undertaking various regulatory action, including litigation which resulted in an enforceable undertaking by Meta, and investigations into several retail giants use of biometric technology leading to determinations in 7-Eleven and Bunnings.
The OAIC is going to need all the extra money they’ve been promised, as 2025 promises to be no quieter, with the OAIC hiring two new Executive General Managers (compliance and reforms) as well as being tasked with developing a Children’s Privacy Code by the end of 2026 following tranche one Privacy Act reforms (for which they received separate funding in the 2024 MYEFO).
It’s also worth noting that the Privacy Act reforms have given the OAIC new civil penalty and infringement notice powers, which they will need budget to use. And with the latest mandatory data breach notification report showing an uptick in data breach notifications, it seems likely that they will have more work than available budget.
As well as general funding, this budget has allocated $5.3M in 2025-26 to the OAIC so it can deliver its oversight role of the Government’s digital identity and document verification services. The OAIC has recently released a new Digital ID regulatory strategy, which would indicate that they are planning an active role in this space.
Countering scams which are costing Aussies billions
Since 2020, Australians have been collectively losing billions to scams. Scams peaked in 2022 costing Australians an estimated $3.1B. In 2025, the Australian Government noticed and passed the Scam Prevention Framework, administered by the Australian Competition and Consumer Commission. The number of scams and their impacts have been going down, but the government hasn’t released the accelerator yet, announcing an additional $3.4M to strengthen the Framework.
An additional $6.7M has also been earmarked in 2025–26 to extend the operation of the National Anti-Scam Centre to continue protecting Australians from scam activity. This builds on the over $180M the Government has invested since 2022–23 across a range of anti-scam initiatives, which has seen annual scam losses decrease by over $1B since 2022.
Silent on investing in artificial intelligence, but loud on delivering and modernising existing technology
The budget did not include any explicit line items on new funding for investment in fields such as artificial intelligence or quantum technology, but that’s not to say that work isn’t being done in this space, given that Australia does have a National Quantum Strategy.
The Treasurer did comment that “AI could contribute up to $600B annually to the economy by the end of the decade”. It’s worth noting that last year’s budget included $39M over five years for safe and responsible AI, but this is not guaranteed if there is a change of Government.
Instead, the budget has a couple of explicit line items centred around modernising and delivering technology to more Australians, including $228.7M to further implementation of the My Health Record, and $3B to complete the rollout of the National Broadband Network.
Light on cybersecurity, this time
The last two budgets saw significant investment in cyber security, and this year’s budget has been criticized for being “light” in this area, which is particularly interesting given the Australian Government’s 2030 Cyber Strategy to be “a world leader in cyber security by 2030”. It’s also worth noting the passing of several key pieces of cyber security legalisation last calendar year, that we might have expected to attract additional funding for implementation and oversight.
Notwithstanding this, Budget Paper 1, which provides an overview, only talks about cyber security half a dozen times, with the most detailed paragraph referencing the $60M that the Government has invested in cyber security for small business since 2023-24.
There is additional (but unspecified) funding for the Department of Prime Minister and Cabinet to strengthen IT systems across the Government. But beyond this, with no additional mentions of cyber security in Budget Paper 2 (which provides line items on additional funding for specific departments or projects), there is clearly no additional funding for cyber security in this round.
In conclusion
The Government is clearly giving some support to the OAIC’s mandate by bringing their general funding up slightly (rather than just funding for specific projects). But overall, with light spending in this and in cyber security, the focus of this budget seems to be more on addressing cost of living to win votes at election time, with privacy, cyber security and digital trust coming in as lesser priorities.
Contact us
If you’re interested in support with cyber security or privacy in your organisation, please contact us.