AI Safety Institute risks becoming a 'toothless tiger' without sovereign capability
Australia now has a National AI Plan and a new AI Safety Institute on the way by early 2026, backed by nearly $30 million. The direction is right. The risk is real: if our core models remain foreign-built and foreign-hosted, the institute's influence will be limited where it matters most-procurement, security, and enforcement.
Why sovereignty matters for government
Simon Kriss, CEO of Sovereign Australia AI, backs the plan but warns that relying on offshore models exposes agencies to misaligned values and legal risks. He points to the US CLOUD Act, which can compel American companies to hand over data stored overseas-an obvious concern for sensitive government workloads.
"For Australian businesses to begin to trust in and adopt AI, we must be assured that the models we use are built under Australian law and that none of our data ever leaves Australian shores," he said. That expectation should be baseline for government systems.
CLOUD Act (US Congress) | Safe and responsible AI (Australian Government)
What the plan delivers
The government will establish the AI Safety Institute to support a safer AI ecosystem and set guardrails. It will also develop GovAI-a centralised, Australian-based hosting service to let agencies build secure, customised AI solutions at lower cost.
The plan recognises the upside of local models: better cultural context, stronger data security, and a path to genuine sovereign capability. It also commits Australia to active international rule-setting as a responsible middle power.
The security reality: new and unknown threats
The plan is blunt: AI will amplify existing national security issues and introduce new ones. Home Affairs and law enforcement will take a proactive posture, but agencies should not assume central teams can absorb all the risk.
Threats won't wait for perfect frameworks. Procurement, architecture, and data handling decisions made this quarter will set your exposure for years.
What government agencies should do now
- Mandate data residency and sovereignty in procurement: Australian hosting, no cross-border transfer, no US CLOUD Act exposure via sub-processors.
- Prefer locally developed or locally hosted models for workloads with citizen data, policy advice, or operational intelligence.
- Adopt GovAI as the default platform as soon as it's available; plan migration paths now.
- Run legal and risk due diligence on vendors: ownership chain, jurisdiction, data access pathways, model update pipelines, and audit rights.
- Segment workloads: use higher-assurance models for sensitive tasks; confine experimentation to non-sensitive sandboxes.
- Build evaluation pipelines for bias, security, model drift, and data leakage. Treat AI like software plus policy risk, not a plug-and-play tool.
- Stand up incident response for AI-specific failures: prompt injection, data exfiltration, synthetic media, and model supply chain issues.
Procurement guardrails to bake in
- Explicit bans on training or fine-tuning on your data without written approval.
- Transparent model lineage, training sources, and safety testing results.
- Local key management, logging, and administrator access controls.
- Independent security assessments and routine red-teaming for high-impact systems.
- Clear exit plans: data deletion timelines, model portability, and IP boundaries.
Building capability across the public service
The institute and GovAI create a foundation. For it to stick, agencies need skills-policy, legal, data, and engineering-inside the building. That includes literacy for executives and hands-on training for delivery teams.
If your team needs practical upskilling for safe AI adoption in government, see these resources: AI courses by job and popular AI certifications.
Bottom line
The National AI Plan is a strong step. But without sovereign models and firm procurement rules, the AI Safety Institute will be stuck advising on systems it can't fully influence.
Build locally where it counts, set hard requirements where you must, and treat AI as critical infrastructure-because that's what it's becoming.
Your membership also unlocks:
