An Outlaw AI Agent?
At the preliminary injunction stage, a state court in Northern California has found that continued access by AI agents to a website that explicitly prohibits such agents from accessing user accounts may violate state and federal law, even when the user of the agent has given that agent permission to access their own account. The case involves an Amazon account that its legitimate subscriber sent an AI agent to access. The problem is that Amazon prohibits such access by agents unless those agents specifically identify themselves electronically, after which they are limited to the public portions of the Amazon website. A user sent an agent called “Comet,” made by Perplexity AI, Inc., into the Amazon ecommerce site without meeting that requirement. Amazon therefore filed for a preliminary injunction to stop Comet from accessing Amazon user accounts.
The court ruled that Amazon was likely to prevail on its claims under the federal Computer Fraud and Abuse Act (CFAA) and the California Comprehensive Computer Data Access and Fraud Act (CDAFA). A primary issue was whether the user’s consent for the AI agent to access their own account was sufficient to meet Amazon’s requirements. The court found that it was not, that the user did not have sufficient authority to authorize it, and that the Amazon policy barred such access. The court also noted that Amazon had sent a cease-and-desist order to Perplexity; it therefore further prohibited Perplexity from using any accounts to access Amazon’s protected computer systems and required Perplexity to delete any Amazon customer data that it collected using its AI agent on password-protected areas of Amazon’s website. Perplexity is currently appealing the verdict.
Companies that want to ban such access to their websites are advised to issue clear-cut policies prohibiting it, and developers of AI agents that are intended to access password-protected accounts should have procedures in place to verify any restrictions or prohibitions in target accounts.
