Google's New AI Training Setting Puts Australia on Notice

Google’s New Default AI Training Setting Puts Australia on Notice

Google’s new default AI training settings impact Australian workplaces. Learn how to manage data privacy and Google Search, Lens, and Translate usage.

Jul 9, 2026

For most Australian employees, Google Search, Lens, and Translate aren’t optional AI tools they’ve chosen to try; they’re simply how work gets done, on company laptops and personal phones alike. That’s what makes Google’s latest change different from the usual AI product update.

The shift isn’t simply about another AI feature. It changes what can happen to the screenshots, photos, voice queries, and other media people routinely upload while solving everyday work problems. Because these Google services are already embedded into daily workflows, a default setting can influence far more people than those who intentionally sign up for AI tools.

That reach is difficult to ignore. Google holds roughly 88% of Australia’s search market and more than 90% on mobile, according to Statcounter Global Stats. Now, the company has begun using saved media, images, files, audio, and video generated through everyday interactions with Search, Lens, and Translate to train its AI models unless users manually opt out, according to a Google support document.

That’s a meaningfully different kind of data than Google has trained on before. It isn’t public web pages being crawled; it’s the screenshot an employee just took, the document they photographed, or the voice query they ran while troubleshooting a client issue.

Australia is tightening how AI can use personal data

The timing matters. From 10 December 2026, entities covered by Australia’s Privacy Act must disclose in their privacy policies how personal information is used in automated decision-making. The Office of the Australian Information Commissioner (OAIC) is due to publish formal guidance on those disclosure obligations by September 2026.

Canberra has also opted against a standalone AI law for now, choosing instead to rely on the Privacy Act, Consumer Law, and a newly launched Australian Artificial Intelligence Safety Institute to police AI risk under the National AI Plan. That “technology-neutral” approach still leaves default data-collection settings, like the one Google just introduced, squarely inside the scope of the Privacy Act.

Australians have been here before. In 2024, Meta’s global privacy director admitted to a Senate inquiry that the company had scraped nearly two decades of public Facebook and Instagram posts from Australian users to train its AI, with no local opt-out available, unlike in the EU. Google’s Search change follows the same pattern industry-wide: default collection, opt-out rather than opt-in, and a privacy policy most users will never read in full.

When a screenshot becomes a business record

The practical risk for Australian organisations isn’t a single Lens search. It’s a habit. Employees routinely use Google Search, Lens, and Translate to solve small work problems: screenshotting an error message, translating a supplier document, snapping a photo of a faulty product, or Lens-searching a part number. Each action feels routine, but under the new setting, that media may now be retained and used to train Google’s models unless the employee has already switched off related activity settings.

That default matters more than it looks. IT and security teams cannot assume staff have opted out simply because a company has an AI policy on file; the setting is on unless someone actively turns it off.

Google, too, has confirmed that disabling it going forward does not delete media already saved. A consumer privacy choice, in other words, can quietly become a corporate data governance issue the moment the uploaded image contains customer information, contract terms, source code, or an unreleased product. That argues for data classification and staff awareness ahead of any new setting, not just a policy update after the fact.

Advertisement

More Google coverage

Another consumer AI tool lands on an already crowded governance stack

Australian organizations are not managing this in isolation. Roy Morgan’s recent research found that 13.6 million Australians used AI tools such as ChatGPT, Google Gemini, and Microsoft Copilot in an average four-week period during the March 2026 quarter. Gemini alone reached an estimated 5 million users.

Many of those organizations are simultaneously rolling out Copilot or Gemini through managed enterprise agreements while employees separately use the consumer versions of Search, Lens, and Translate on personal and work devices alike.

Google’s change adds one more consumer-facing surface that can absorb work-related content, and it does so across both managed and unmanaged devices, which is precisely where enterprise AI governance tends to break down.

What Australian IT and security teams can do now

Australian organizations don’t need to wait for the OAIC’s September guidance to act. A few concrete steps:

  • Turn off Save Media for company-managed Google accounts via My Google Activity, under Search Services History, and confirm the change applies across managed device fleets, not just individual accounts.
  • Update acceptable-use policies to explicitly name Google Search, Lens, and Translate, alongside existing rules for ChatGPT, Copilot, and Gemini, rather than relying on a general “AI tools” clause.
  • Extend BYOD guidance to specifically cover Search app uploads, since Lens and Translate are mobile habits that often bypass corporate device controls.
  • Flag that opting out doesn’t retroactively remove previously saved media, so any past uploads of sensitive material need separate deletion requests, not just a settings change.

Australia’s decision to regulate AI through existing laws rather than a dedicated AI Act means defaults like this one will keep testing the edges of the Privacy Act rather than triggering new rules written specifically for them. Until the OAIC’s guidance lands, the practical burden of catching them sits with employers, not regulators.

Joseph Ofonagoro

Joseph is a technical writer with about three years of experience creating clear, practical content across consumer technology, startups, tutorials, and cybersecurity. He is also advancing a career in cyber threat intelligence, driven by a strong interest in the responsible use of technology and its role in protecting people, organizations, and digital systems. His passion for cybersecurity grew out of a broader commitment to helping others understand technology safely and effectively. As an undergraduate at the National Open University of Nigeria, he leads a community of technology enthusiasts, guiding beginners, sharing learning resources, and helping students build confidence as they explore careers in tech. Joseph’s writing combines technical curiosity with an accessible, beginner-friendly style. In addition to his editorial work, he periodically shares cybersecurity case studies and research reports on social media, covering threat trends, security lessons, and practical insights for readers interested in cyber awareness and digital safety.