Saturday morning, waking up with Cote Rotie fueled hangover, my 10y old bugging me to allow him to use his Nintendo Switch for 1 hour (yes, he’s only allowed 1 hour per day on the weekends). I say to my ChatGPT’s Atlas “Find a iPhone 17 Pro case under $40, decent reviews, fast shipping, not a sketchy brand.” – Yes, I broke the case last night …

Two minutes later, it logs in, checks my past orders, dodges three sponsored traps, applies a coupon I forgot existed, and tees up a one-tap checkout. I didn’t “browse.” I just made a decision. The agent did the grunt work.

That, in a nutshell, is why this lawsuit matters.

On November 4th, 2025, Amazon sued Perplexity over Comet, an “agentic” AI browser that can log into sites and complete tasks end-to-end. Amazon says Comet impersonated users and broke house rules. Perplexity says: users consented; the agent is their delegate; no server-side credential hoarding. So, is this permissioned automation, or automation that needs a platform permission slip?

What sparked my reflexion on the subject

I’ve spent years building safety and standards frameworks where “move fast” meets “don’t break trust.” The first time I watched an AI agent bulldoze an some online research, skip three “recommended for you” detours, compare total cost (shipping included), and buy the right thing in seconds, my marketer brain winced. My operator brain cheered. The online world just met its efficiency auditor.

The Facts, without the spin

• Parties: Amazon is suing Perplexity AI over Comet’s logged-in automations, alleging unauthorized access, policy violations, and misrepresentation. Perplexity argues the agent acts under explicit user consent and doesn’t store credentials server-side.
• What is Comet? A Chrome-based (hi Google), AI-native browser for “do this for me” workflows: shopping, comparisons, checkouts, the boring bits we avoid.
• Why now? Agents are collapsing click paths. When you compress “search → ad → landing page → cart” into “buy,” the economics (and control points) light up like a Christmas tree.

Why this case is a pivotal moment for agentic AI?

1. User autonomy vs. platform sovereignty Is my agent an extension of me across the web, or a bot that needs a hall pass from every platform? That’s the battle line.
2. Transparency norms for bots How should agents identify themselves? What house rules are reasonable? This will spill into banking, healthcare, travel, any login-to-do-something workflow.
3. CFAA & ToS in the agent era If using my credentials via an agent is “unauthorized,” expect a stretch of computer-misuse laws into user-delegated automation. That either clarifies safety or chills innovation.
4. The ad moat vs. a friction-killer Agents don’t impulse-buy your “sponsored maybe.” They optimize. ARPU will feel that. Follow the money; it’s louder than any legal brief.
5. We’ve seen cousins of this fight Travel aggregators, food delivery, fintech connectors, first “screen-scraping villains,” later standardized access, rate limits, and détente. Courts can nudge us there again.

How agentic shopping actually works

Tell your agent what you want. It authenticates, fetches, filters, price-checks, applies credits, and asks for approval. You keep intent and control; it kills busywork.

Humor beat: The internet has two modes: “please look at my ad” and “no, seriously, please look at my ad.” Agents quietly presses “skip.” Or “next” like the Bachelor, or the Democratic party …

Stakeholder voices (the real-world chorus)

• Consumer (me, you): “Save me time and money, just don’t buy from a knockoff or torch my rewards.”
• Merchant: “Send me real customers, not break-my-cart bots. Give me clean orders, clear attribution, fewer chargebacks.”
• Platform PM: “Identify yourself, respect rate limits, don’t mess with coupons or fraud controls, then we can talk certified access.”
• AI builder: “Give us a spec to implement: bot identity, consent scopes, least-privilege sessions, auditable logs.”
• Regulator: “Great … efficiency. Now show me the safety rails and recourse when things go wrong. We need Maythe5th clarity please”

The stakes

For consumers

Upside: Time back, consistent savings, fewer dark-pattern detours.

Risk: Over-optimization can ignore context (brand ethics, warranties, sustainability). And if platforms lock agents, your “assistant” becomes their chaperone.

For the bots (sorry, the AI industry)

Precedent on “agent rights.” A court calling user-delegated automation “trespass” would throttle open innovation, or shove it into pay-to-play partner programs.

For e-commerce

Revenue mix shock: Fewer ad impressions and upsells; more disciplined price-quality pressure. Expect “Certified Agent” toll lanes, access with SLAs, telemetry, and fees.

For regulators

Interoperability vs. safety: This rhymes with Right-to-Repair and data portability. The trick is consumer protection without gifting platforms a kill switch on user choice.

Quick takes (snackable)

• This isn’t scraping headlines; it’s logged-in transactions, the sharp legal edge of agents.
• Agents compress funnels. Platforms will respond with rules, not vibes.
• Clean narrative collision: user freedom vs. platform integrity. Both matter; neither should be absolute.

What to watch next

Early motions: I’m no lawyer but I believe a TRO would signal claimed immediate harm and set the temperature

Forensics: How Comet identifies itself, scopes access, and logs actions, today’s discovery is tomorrow’s standard.

Copycat cases: Win or lose, others will follow (retail, travel, fintech).

Standards proposals: Bot Identity (no human mimicry), Consent Scopes (search/compare/buy), Least-Privilege, Rate Limits, Auditable Trails.

A pragmatic path forward, I think

Skip the absolutism. Make it boring, auditable, and fair:

Agents must:

1. Disclose identity at the protocol level, no human cosplay.
2. Get explicit, revocable consent for logins, purchases, and data scopes (“search,” “compare,” “buy”).
3. Use least-privilege + velocity caps to prevent fraud, scraping abuse, and coupon churn.
4. Produce user-owned, verifiable logs that platforms can review under due process.

Platforms should:

• Offer a non-discriminatory Certified Agent Program with test suites, SLAs, and graduated access.
• Enforce rules evenly (bots and humans) and stop hiding ad arbitrage behind “safety.”
• Publish a bot behavior spec any responsible agent can implement, and any court can parse.

Result: users keep autonomy; platforms keep integrity; merchants get cleaner demand. Everyone loses a little control, and the ecosystem gains a lot of trust.

Call to action (and a dry wink)

If you use AI assistants, demand two things: transparency (what it did, under which scope, with which identity) and choice (switch agents without losing access).

If you run a platform, ship the spec, certify agents, protect customers,without turning the open web into a permission-only mall.

Humor beat: Think of agents like designated drivers for your online errands, sober, predictable, and slightly allergic to impulse buys.

Because the real question isn’t whether software can shop for us, it’s whether we still decide how it does it.

So, where should the line be? Should user-authorized agents have baseline access rights across the web, with transparency and limits, or should every platform get veto power over our digital delegates? And if we choose the latter, what exactly is left of the “open” in the open internet?

Sources: Americain Bazaar Online – Reuters – My Amazon Guy – Lunabase – Business Insider – CNBC – India Times – Reddit – Digital Commerce 360 – SDX Central – LW – The Register – TechCrunch – Talk about a rabbit hole …