Weekly Digest

Week of 8 Dec 2025

8 Dec 2025 – 14 Dec 2025 · Generated 16 May 2026, 02:22 PM AEST · 5 items across 2 sections

This week at a glance

This week brings a cluster of significant Australian AI governance developments that practitioners will need to work through before the end of the year. The release of the National AI Plan, the APS AI Plan 2025, and the announcement of a $30 million Australian AI Safety Institute represent the most substantive shift in the domestic policy landscape in some time, though the Government's own AI Expert Group has raised concerns about strategic clarity and regulatory adequacy that are worth understanding before advising on implementation. The DTA's new whole-of-government Cloud Policy, effective July 2026, adds a further structural consideration for AI deployment planning given its embedded governance and security requirements for non-corporate Commonwealth entities. Rounding out the week, NIST's evaluation of a PRC-origin open-weight model offers a useful methodological reference for agencies assessing AI supply chain risk, while OECD findings on AI impact assessment practice—noting that only a quarter of member countries conduct thorough assessments—provide comparative context for Australia's own measurement approaches.

Headlines

primary source commentary

Australian Government4 items

Good Ancestors – AI Policy & Governance Newsletter(Multi) (undated)

AI Policy and Governance Newsletter — December 2025

Good Ancestors' December 2025 newsletter leads with the Australian Government's release of the National AI Plan and announcement of the Australian AI Safety Institute, a $30 million body due to operate from early 2026. The newsletter notes broad support for the AISI but significant criticism of the Plan's voluntary, guidance-over-guardrails approach. Also covered are the DTA's APS AI Plan 2025, public concern data from ANU's National Security College (77% of Australians rate AI attacks as a major or moderate threat), Anthropic's reported AI-orchestrated espionage campaign, a wave of frontier model releases, Senator Pocock's deepfake bill, CSIRO restructuring, Trump's prospective AI executive order, and EU criticism over AI Act delays. Featured publications include IAPP's Australian AI governance analysis, RBA survey data on AI adoption, and the Tech Design Policy Institute's 'AI agency' discussion paper.

Key points

  • Good Ancestors' December 2025 newsletter covers Australia's National AI Plan, AISI announcement, and multiple international developments.
  • The Australian AISI ($30m, early 2026 start) and National AI Plan are the headline items, with APS AI Plan also featured.
  • Newsletter spans AI espionage, model releases, deepfake legislation, CSIRO restructure, and EU AI Act delays across 15+ distinct items.

Implications

  • Consider APS policy and strategy teams could engage directly with the National AI Plan and DTA's APS AI Plan 2025 — both are now live and shape the operating context for agency AI work.
  • Monitor Agencies may want to monitor the AISI's establishment trajectory, funding adequacy debates, and its integration into whole-of-government AI safety coordination from early 2026.
  • Monitor The ANU survey finding that AI attacks rank as Australians' top national security concern is worth tracking for implications on public communications and risk framing in agency AI strategies.
DTA – Media Releases(AU) 8 Dec 2025

New Cloud Policy: Accelerating secure, modern government services

The DTA has released a new whole-of-government Cloud Policy, effective 1 July 2026, establishing a unified framework for cloud adoption across the APS. Applying mandatorily to non-corporate Commonwealth entities, the policy sets five core requirements: prioritising cloud solutions, leveraging contemporary platforms, adopting cloud responsibly and securely, improving cost transparency, and building cloud skills. DTA explicitly frames the policy as enabling responsible use of emerging technologies, including AI, by helping agencies move off legacy systems onto scalable, interoperable infrastructure. It integrates with Digital Investment Plans and advances the Data and Digital Government Strategy.

Key points

  • DTA's new whole-of-government Cloud Policy takes effect 1 July 2026 for non-corporate Commonwealth entities.
  • Policy explicitly positions cloud infrastructure as the foundation for AI adoption across the APS.
  • Five core requirements cover cloud prioritisation, security, cost transparency, interoperability, and workforce skills.

Implications

  • Implement Non-corporate Commonwealth entities should begin aligning digital investment planning and cloud transition roadmaps to the policy's five requirements ahead of the 1 July 2026 commencement.
  • Consider AI strategy and governance teams could assess how agency AI use case pipelines depend on cloud infrastructure maturity, and whether current environments meet the policy's interoperability and security expectations.
  • Monitor Agencies may want to monitor annual policy reviews and associated DTA guidance, as these will shape future digital investment approval processes and cloud procurement conditions.
NIST – AI News (topic 2753736)(US) 12 Dec 2025

CAISI Evaluation of Kimi K2 Thinking

NIST's Center for AI Standards and Innovation (CAISI) published a capability evaluation of Kimi K2 Thinking, an open-weight model released in November 2025 by China's Moonshot AI. The evaluation found it to be the most capable PRC-developed model at the time of release, though it trails leading US models across cyber, software engineering, science, and mathematics benchmarks. A notable finding is its strong censorship of Chinese-language content aligned with CCP narratives, while remaining relatively uncensored in English and other languages. Its limited adoption - downloaded far less than comparable models - is also noted. This evaluation extends CAISI's ongoing comparative work on frontier open-weight models from PRC developers.

Key points

  • CAISI evaluated Kimi K2 Thinking, finding it the most capable PRC-origin AI model at release but still behind leading US models.
  • The evaluation benchmarks cyber, software engineering, scientific knowledge, and mathematical reasoning - directly relevant to APS risk assessments of open-weight models.
  • Kimi K2 Thinking is heavily censored in Chinese but relatively uncensored in English, Spanish, and Arabic - a notable asymmetry.

Implications

  • Consider Agencies assessing open-weight AI models for procurement or deployment could consider CAISI's published benchmarks as one input to comparative capability and risk assessments.
  • Monitor Policy and security teams may want to monitor CAISI's ongoing evaluation series as it builds a comparative picture of PRC-origin model capabilities over time.
DTA – Media Releases(Multi) 8 Dec 2025

E-Leaders explore human centred design, measuring what matters, and rethinking investment

DTA's recap of Day 2 of the OECD E-Leaders meeting covers four sessions: human-centred design and data governance, digital identity system governance and cross-border interoperability, measuring AI's impact on government efficiency, and strategic digital investment management. OECD data shows only 25% of member countries conduct thorough AI impact assessments, with Australia's Investment Oversight Framework cited alongside Estonia, Korea, and the UK as a comparative approach. Broader themes include data interoperability gaps, agile funding models, and shared infrastructure. The item is descriptive and reflects Australia's active engagement in OECD digital government forums rather than announcing new domestic policy.

Key points

  • DTA hosted OECD E-Leaders Day 2, covering human-centred design, digital identity, AI measurement, and digital investment.
  • Only a quarter of OECD countries conduct thorough AI impact assessments; Australia's Investment Oversight Framework was highlighted as a comparative example.
  • AI measurement is one thread among several - the item is broader digital government practice than AI-specific governance.

Implications

  • Monitor Strategy and governance teams may want to monitor OECD E-Leaders outputs for international benchmarking data that can inform APS AI evaluation and investment frameworks.
  • Consider Agencies developing AI impact assessment approaches could consider how Australia's Investment Oversight Framework compares to OECD peer approaches highlighted in this forum.

Technical Developments1 item

Import AI – Substack (Jack Clark)(Global) 8 Dec 2025

Import AI 437: Co-improving AI; RL dreams; AI labels might be annoying

Import AI issue 437 covers four topics. First, a Facebook AI Research paper argues for 'co-improving' AI — humans and machines collaboratively developing superintelligence — rather than autonomous self-improvement, framed as safer but acknowledged as aspirational. Second, a discussion of EU product labelling complexity illustrates how apparently simple AI labelling mandates can impose heavy compliance costs, using IKEA's experience as an analogy. Third, researchers from multiple US universities have released SimWorld, an Unreal Engine 5 simulator for training and evaluating AI agents at scale. Fourth, DeepMind details SIMA 2, a Gemini-based game-playing agent that demonstrates strong generalisation and a self-improvement scaffold, with implications for robotics.

Key points

  • Import AI's issue 437 covers four distinct topics: co-improving AI, AI labelling policy complexity, SimWorld simulator, and DeepMind's SIMA 2 agent.
  • The AI labelling section directly illustrates why simple-sounding AI policy can impose significant compliance burdens on industry.
  • Coverage is research-forward and internationally focused; limited direct APS operational relevance but useful as a frontier signal.

Implications

  • Monitor Policy teams working on AI transparency or labelling requirements may want to monitor how EU labelling compliance burdens evolve as a reference case for proportionality design.
  • Consider Agencies tracking frontier AI capability could consider the SIMA 2 self-improvement findings as early signal for how autonomous agent capability is advancing beyond controlled game environments.

Implications are AI-generated. Starting points, not advice — see methodology for how they're framed.