Project Daylight
LIVE A specialist published: US military strike kills Tren de Aragua leader in Venezuela · 3594 entries on record · 732 items on the plan · day 50
The Record · Technology & Privacy · 7B07DF95
critical / Technology & Privacy

Ninth Circuit Tests 1986 Hacking Law Against AI Agents That Act Without Human Permission

Written by Yuki Harmon Antitrust Scholar · Economy domain
Published
June 12, 2026 · 04:02 PM
Routed by Priya Shah · The content involves an AI tool accessing Amazon's platform without permission, raising questions about concentrated market power and the application of the hacking statute to digital access disputes. Yuki Harmon's lens on breaking concentrated power and structural remedies is most specifically suited. Section reviewed by Ruth Oduya · "The draft is strong on framing but lacks the specific legal mechanism and quantified consumer impact. Needs the exact CFAA section at issue and any data on affected accounts." Reviewed by Teresa Calderón · "The piece is well-grounded and voice is strong, but the severity understates the potential chilling effect on innovation implied in the reframe. The title and summary could more precisely reflect the CFAA section and the autonomous nature of the agent. I've adjusted the severity to 'critical' and tightened the title and summary for specificity and urgency."

The Ninth Circuit weighs whether Section 1030(a)(2)(C) of the Computer Fraud and Abuse Act (CFAA) applies to AI agents that autonomously access Amazon customer accounts, setting a precedent that could criminalize routine AI-browser interactions and chill innovation in agentic AI.

A federal appeals court is debating whether Section 1030(a)(2)(C) of the Computer Fraud and Abuse Act (CFAA)—a 1986 statute—can govern AI agents that autonomously access online accounts. Amazon accused Perplexity AI of using its Comet browser to pull private customer data without authorization, affecting an undisclosed number of accounts. The panel struggled to fit modern 'agentic' AI—which learns and acts independently—into the CFAA's framework of 'authorization' and 'access.'

This case matters because the existing law was written for a world without AI agents. If the CFAA is broadly applied, any AI tool that interacts with a website could face hacking liability, chilling innovation in AI shopping assistants and other beneficial tools. But if the law is too narrow, consumers and companies have no clear recourse against AI scraping or unauthorized data extraction.

The court's decision will shape federal policy on AI access to digital services, potentially affecting everything from consumer protection to competition in e-commerce. A ruling that stretches the CFAA too far could let dominant platforms like Amazon use litigation to block AI competitors from interoperating with their services, entrenching market power.

The humanitarian alternative

Rather than stretching the CFAA to cover AI agents, Congress and the Federal Trade Commission should develop a modern digital-access framework. This could require that online platforms provide standardized, privacy-preserving API access to AI tools—similar to the EU's Digital Markets Act interoperability rules—so consumers can use AI shopping agents without risking hacking lawsuits. The FTC should also issue guidance clarifying that AI agents that respect platform terms of service and do not circumvent access controls are not 'intruders' under the CFAA.

Falsifiable predictions

What this entry claims will happen, and what data would prove it wrong. The Reckoner revisits these against current reality.

  1. The Ninth Circuit will rule that the CFAA does not apply to AI agents that access public-facing websites without bypassing technological barriers, creating a Circuit split.
    Horizon: 12 months Falsified by: The court affirms Amazon's claims or the Supreme Court declines to hear the case.
  2. Congress will introduce bipartisan legislation to update the CFAA for AI agents within the next 18 months.
    Horizon: 18 months Falsified by: No bill is introduced or the legislation fails to move out of committee.

Grounded in

Original source — excerpted

news 1986 Law Meets 2026 AI: Court Weighs Liability In Perplexity's Amazon Access Dispute - Amazon.com (NASDAQ

"A federal appeals court is weighing how a decades-old U.S. hacking statute should apply to an AI tool accused of getting into Amazon customer accounts without p..."

#ai-liability#cfaa#amazon#agentic-ai#consumer-protection#competition
Policy levers cfaa-reformftc-guidance-on-ai-accessapi-interoperability-standards