For non AU domains, please see this article.
While it's possible to hide personal information on WHOIS for some domain extensions - it's not permitted when you register .com.au or any other .au domain names.
Domain privacy services work by replacing the real registrant's contact details with that of the service.
The practise is expressly prohibited in the auDA's (the body overseeing the .au name space) WHOIS Policy (2010-06) and Registrant Contact Information Policy (2010-07).
In the Registrant Contact Information Policy, the auDA notes in section 2.4, clause b) that the registrant must not:
"do anything which may have the effect of concealing the true identity of the registrant or the registrant contact (eg. by using a private or proxy registration service), unless specifically permitted otherwise by another auDA published policy."
Private registration can be useful, but it can also frustrate the efforts of Australian law enforcement agencies and consumer advocates when trying to track down issues relating to fraud and other criminal activities carried out online. It can also create headaches as the private registration service may be considered the legal owner of the domain.
Registrars that offer or appear to offer a private registration service for Australian domain names may be doing so in breach of the .au Domain Name Suppliers' Code of Practice (2004-04).
While personal information cannot be hidden, what is publicly accessible is limited; for example, the street address, telephone and fax numbers of registrants is not disclosed.
Even though an email address is revealed in WHOIS search results, the registrant is not compelled to nominate their own personal email address for their domain name record, but they must provide an email address at which they can be contacted.
On a related topic, it's very important to keep your details up to date. Aside from being an obligation as an Australian web address registrant, the details are utilised by the registrar to communicate important information, such as looming domain expiry. The email address is also used in cases where a registrant forgets the password and a new password has to be sent, or a transfer request is initiated.