AI Hiring and Performance Tools Under Australia's Positive Duty: What HR Must Control, practitioner guidance from TheAICommand
← HR & AI
Practical guidance

AI Hiring and Performance Tools Under Australia's Positive Duty: What HR Must Control

AI screening, ranking and performance tools sit squarely inside the positive duty under the Sex Discrimination Act, the Fair Work Act and the Privacy Act. Here is the control framework Australian HR teams need before they deploy.

People & Culture. Written for Australian HR and people teams. General information only. Not legal or HR advice. Employment decisions stay with people.

Quick answer

AI hiring and performance tools fall within the positive duty in section 47C of the Sex Discrimination Act 1984. HR must take reasonable and proportionate measures to prevent unlawful discrimination, including bias testing, human review, candidate transparency, vendor due diligence and record-keeping. The AHRC has enforced this duty since 12 December 2023.

Australian HR teams are deploying AI to screen resumes, rank candidates, score video interviews and flag performance outliers. The productivity case is real. The legal exposure is too, and it has changed shape. Since the Respect at Work reforms, the question is no longer only "did this tool discriminate against someone who complained". It is "did the organisation take proactive steps to stop discrimination happening in the first place". That shift puts AI tooling squarely inside the positive duty, and it makes HR the accountable owner.

This article sets out the legal architecture an Australian HR function needs to understand before it buys, configures or keeps running an AI hiring or performance tool, then gives a control framework you can operationalise.

What is the positive duty, and does it actually reach AI tools?

The positive duty sits in section 47C of the Sex Discrimination Act 1984 (Cth). It requires employers and persons conducting a business or undertaking to take "reasonable and proportionate measures to eliminate, as far as possible" unlawful sex discrimination, sexual harassment, sex-based harassment, conduct creating a hostile workplace environment, and related victimisation. It applies to every Australian business with obligations under the Act, regardless of size, from sole traders to government, as the Australian Human Rights Commission explains.

Two dates matter. The duty itself commenced on 12 December 2022. The AHRC's compliance and enforcement powers commenced a year later, on 12 December 2023. This is not a complaints-driven scheme. The Commission can act when it "reasonably suspects" non-compliance, and the consent of the organisation is not required to start an inquiry.

The duty is a duty of action, not a duty triggered by a victim. An AI screening tool that systematically disadvantages women returning from parental leave is a hazard the duty expects you to identify and control before anyone is harmed. The fact that the bias is buried in a model rather than written into a policy does not move it outside scope. If anything, an opaque tool that nobody has tested is harder to defend as a "reasonable and proportionate measure".

How can an AI screening or ranking tool produce unlawful discrimination?

Most AI hiring tools will not discriminate directly. They are unlikely to be coded to reject women or older applicants. The risk is indirect discrimination, and Australian law has a specific test for it.

Section 7B of the Sex Discrimination Act deals with a condition, requirement or practice that has, or is likely to have, the effect of disadvantaging people of a particular sex, marital or relationship status, pregnancy, or other protected attribute. Such a condition is unlawful unless it is "reasonable in the circumstances". The matters relevant to reasonableness are the nature and extent of the disadvantage, the feasibility of overcoming or mitigating it, and whether the disadvantage is proportionate to the result the organisation is seeking.

An AI tool is a condition, requirement or practice. When you require every applicant to pass an automated CV ranking, or to record a video interview scored by an algorithm, you have imposed a practice on the whole applicant pool. If that practice scores one group lower on average, you have a disadvantaging effect to justify.

Concrete ways this happens in practice:

  • A model trained on a historically male-dominated workforce learns that the existing high performers share features correlated with sex, and ranks similar candidates higher.
  • A resume screener penalises employment gaps, which disproportionately affects women who have taken parental leave and people with disability or caring responsibilities.
  • A video interview tool scores speech patterns, accents or facial expressions in ways that disadvantage people from non-English-speaking backgrounds, people with disability, or neurodivergent candidates.
  • A performance tool that ranks staff by raw output or hours logged disadvantages part-time and flexible workers, who are more likely to be women and carers.

Crucially, section 7C of the Act places the burden of proving reasonableness on the person who imposed the condition. If a candidate or employee establishes the disadvantaging effect, the organisation must prove the tool was reasonable. "The vendor told us it was unbiased" is not proof. Bias testing evidence, a documented business rationale and a record of less-discriminatory alternatives considered is what discharges that burden.

How do the Fair Work Act and the Privacy Act change the picture?

The Sex Discrimination Act is not the only exposure. AI hiring and performance decisions sit at the intersection of three regimes.

The Fair Work Act 2009 (Cth) protects employees and prospective employees. Under section 351, an employer must not take adverse action against a person, including a prospective employee, because of attributes such as sex, race, age, physical or mental disability, marital status, family or carer's responsibilities, pregnancy, religion or political opinion. Refusing to employ a candidate, or offering less favourable terms, can be adverse action. If an AI tool filters a candidate out and the filtering is connected to a protected attribute, a general protections claim is available, and these claims carry a reverse onus on the reason for the action. The protection reaches the recruitment stage, not just existing staff, which is exactly where automated screening operates.

The Privacy Act 1988 (Cth) governs the personal information these tools ingest and generate. The OAIC's guidance on privacy and the use of commercially available AI products, published on 21 October 2024, is directly relevant to HR. It confirms that personal information entered into an AI system, and personal information the system infers or generates, both attract Australian Privacy Principle obligations. Three principles bite hardest in hiring:

  • APP 3 and APP 6: collecting candidate data and feeding it to an AI tool must be reasonably necessary, and using it for AI scoring may be a secondary purpose the candidate did not reasonably expect. Inferred attributes count as a fresh collection.
  • APP 10: you must take reasonable steps to ensure personal information is accurate, and the OAIC says that standard rises with the risk. An AI tool that infers a candidate's suitability from noisy signals raises accuracy risk that you must actively manage.

Read together, the message is consistent across all three regimes. You cannot outsource the judgment to a model and treat the output as a fact. A human has to own the decision, the inputs have to be lawful, and the disadvantage has to be tested and justified.

What does a defensible control framework look like?

The positive duty is satisfied by reasonable and proportionate measures, scaled to the size, nature and resources of the organisation. A large employer running AI across thousands of applicants will be expected to do more than a small business using a single off-the-shelf tool. The following controls map to what a regulator would expect to see documented.

Bias testing before and during use. Test the tool for disparate impact across protected attributes before go-live, and on a recurring schedule after, because models drift as the applicant pool and training data change. Measure selection rates by group, not just overall accuracy. Keep the results. If you cannot test a tool because the vendor will not give you the data, that is itself a finding you must act on.

Human review that is real, not a rubber stamp. A human must make the substantive decision, with authority and information to overrule the tool. Reviewers need to see why the tool ranked or scored someone, not just the score. Decisions that simply ratify the AI output without independent assessment will not look like a meaningful safeguard if challenged.

Candidate and employee transparency. Tell people an AI tool is being used, what it assesses, and how to seek a review or an adjustment. Transparency supports your Privacy Act notification obligations and gives candidates with disability the chance to request reasonable adjustments, which itself reduces discrimination risk.

Vendor due diligence. Before procurement, obtain the vendor's bias testing methodology and results, the data the model was trained on, the personal information flows, and contractual commitments on accuracy, data handling and your right to audit. The OAIC guidance makes clear that using a third-party product does not transfer your privacy obligations to the vendor. The same is true of discrimination liability.

Record-keeping. Keep evidence of the business rationale for each tool, the alternatives considered, the bias testing, the human review steps, and the transparency provided. This is the material that discharges the reverse burden under section 7C and demonstrates reasonable and proportionate measures under section 47C.

What should HR never do?

A short list of moves that convert manageable risk into indefensible exposure:

  • Never deploy a screening or ranking tool with no disparate-impact testing and no plan to test it. An untested tool is the clearest example of failing to take reasonable measures.
  • Never treat the AI score as the decision. If the human "review" cannot in practice change the outcome, you do not have human review.
  • Never feed candidate or employee personal information into a consumer AI tool that is not approved, contracted and assessed for privacy. Free chatbots are not a hiring system.
  • Never rely on a vendor's marketing claim of "bias-free" or "compliant" as your evidence. Get the underlying data, or treat the absence of it as a red flag.
  • Never assume the duty only applies once someone complains. The AHRC can inquire on suspicion alone, and the duty is owed continuously.

Where to start this quarter

If you are using AI in hiring or performance now, the first step is an inventory: which tools, what they assess, what personal information they touch, and whether any disparate-impact testing exists. Most HR teams discover tools running inside their applicant tracking system or assessment platform that were switched on without a governance step. Map them, test the highest-volume ones first, install a genuine human review gate, and document a clear business rationale for each. That sequence is both the privacy-safe path and the evidence trail that satisfies the positive duty. The goal is not to abandon AI. It is to be able to show, on demand, that you took reasonable and proportionate measures to use it without discriminating.

TheAICommand. Intelligence, At Your Command.

Frequently asked questions

Does the positive duty apply to small businesses using a single AI hiring tool?
Yes. The positive duty in section 47C of the Sex Discrimination Act applies to all employers and businesses with obligations under the Act, regardless of size. What counts as reasonable and proportionate scales with the organisation's size and resources, so a small business is expected to do less than a large one, but the duty still applies.
Can a candidate sue if an AI tool screens them out?
Potentially under several regimes. They may bring an indirect discrimination claim under the Sex Discrimination Act if the tool disadvantages a protected group, or a general protections claim under section 351 of the Fair Work Act, which protects prospective employees. The AHRC can also inquire into the employer's compliance with the positive duty independently of any complaint.
Who bears the burden of proving an AI tool was not discriminatory?
The employer. Under section 7C of the Sex Discrimination Act, once a candidate shows a condition or practice had a disadvantaging effect, the burden of proving it was reasonable falls on the person who imposed it. For an AI tool, that means producing bias testing, a business rationale and evidence of less-discriminatory alternatives considered.
When did the AHRC get powers to enforce the positive duty?
The AHRC's compliance and enforcement powers commenced on 12 December 2023, one year after the duty itself began on 12 December 2022. Under the Australian Human Rights Commission Act 1986, the Commission can inquire where it reasonably suspects non-compliance, issue compliance notices and accept enforceable undertakings, without needing the organisation's consent.
Can we put candidate resumes into a public AI chatbot to summarise them?
Not safely. The OAIC's 2024 AI guidance treats personal information entered into a commercial AI product as attracting Australian Privacy Principle obligations, including use limits under APP 6 and accuracy under APP 10. Candidate data should only go into an approved, contracted system that has been assessed for privacy, not a general consumer chatbot.
← Back to HR & AI

Read next

Hervey Bay Esplanade Dusk
HR & AIPeople & Culture·

AI Can Analyse Your Engagement Survey Without Surveilling Your People

AI can read every free-text comment in your engagement survey and turn a thousand of them into themes in minutes. Done well, it finally puts that feedback to use. Done badly, it turns a survey into surveillance. Here is the line, and a workflow that stays on the right side of it.

Read article
Albany Princess Royal Harbour Dusk
HR & AIEmployee Relations·

AI in Workplace Investigations: Organise the File, Not the Finding

AI can compress the administrative weight of a workplace investigation: planning, transcribing, organising evidence, drafting the framework. It cannot assess credibility, weigh the evidence or make the finding. Here is how to use it without compromising procedural fairness.

Read article
Geelong Johnstone Park Blue Hour
HR & AIPractical guidance·

AI Worker Monitoring in Australia: What HR Can and Cannot Do

A practitioner guide for Australian HR teams on the privacy, surveillance, Fair Work and WHS rules that govern AI monitoring of workers, including the new automated decision-making transparency duty from 10 December 2026.

Read article

Content disclaimer: This article is for general educational purposes only and does not constitute legal, HR, or professional advice. Employment, privacy, and workplace-relations obligations vary by circumstance. All AI outputs described in this article require human review before use.