Menu
Sign In Create Account
SEO

Amazon vs. Perplexity: The Landmark CFAA Case Determining the Future of AI Agents

Home » Blog » Amazon vs. Perplexity: The Landmark CFAA Case Determining the Future of AI Agents

by theanh June 3, 2026

Introduction: A Legal Battle Over Digital Agency

The intersection of artificial intelligence and internet law is facing a critical test in the case of Amazon vs. Perplexity. At the heart of this dispute is the use of ‘Comet,’ an AI-powered browser developed by Perplexity that allows users to delegate tasks—such as shopping and account management—to an autonomous agent. The outcome of this legal battle will determine whether AI agents, acting under explicit user authorization, have the legal right to visit and interact with password-protected sections of a website.

This case isn’t just about two tech giants; it is the first major U.S. legal test of ‘agent-as-visitor’ rights. The ruling will set a precedent for every e-commerce platform, SaaS provider, and booking site globally, redefining who is considered an ‘authorized visitor’ in an era of delegated AI autonomy.

Timeline of the Conflict: From Injunction to Appeal

The legal skirmish accelerated rapidly between March and May 2026, moving through three pivotal stages:

  • The Initial Lawsuit: Amazon sued Perplexity, alleging that Comet’s ability to log into user accounts and complete checkouts constituted unauthorized access to Amazon’s computer systems. Amazon further claimed trademark infringement and unfair competition due to how Comet renders Amazon pages within its own interface.
  • The Preliminary Injunction: On March 10, 2026, U.S. District Judge Maxine Chesney ruled in favor of Amazon, granting a preliminary injunction. The court found that Amazon’s Terms of Service (ToS) govern access, and a user’s permission to an AI agent does not automatically grant that agent authorization from the website owner.
  • The Appellate Pivot: Shortly after, the Ninth Circuit Court of Appeals paused the injunction. This procedural move was significant, as appellate stays of preliminary injunctions are rare and suggest the court may find Perplexity’s arguments compelling. On May 8, 2026, Perplexity filed its appellate brief, supported by digital-rights groups like the Electronic Frontier Foundation (EFF) and Mozilla.

Decoding the CFAA: Hacking vs. Delegation

The primary legal weapon in Amazon’s arsenal is the Computer Fraud and Abuse Act (CFAA) of 1986. Originally designed to combat malicious hacking, the CFAA has been stretched over decades to cover web scraping and account sharing. However, the 2021 Supreme Court ruling in Van Buren v. United States narrowed the scope, stating that accessing a system for an ‘improper purpose’ does not necessarily mean the access itself was ‘unauthorized.’

Amazon’s Argument

Amazon posits a three-pronged theory: First, their ToS explicitly forbids automated access. Second, once Comet logs in, the agent—not the human—becomes the visitor. Third, since Amazon never authorized the software, the access is a violation of the CFAA, regardless of the user’s intent.

Perplexity’s Counter-Argument

Perplexity argues through the lens of the legal-agency doctrine. They contend that the user is the principal and Comet is merely the tool. In this view, the AI agent’s actions are imputed to the user. Therefore, if the user is authorized to access their account, the agent acting on their behalf is also authorized. Perplexity suggests that treating this as a criminal violation would create a ‘trap’ for any modern user who employs AI to manage their digital life.

The Stakes: Why This Matters for the Entire Web

The Ninth Circuit’s decision will establish the ‘load-bearing precedent’ for the agentic web. There are two primary potential outcomes:

Scenario A: Amazon Wins

If the court affirms the lower ruling, the CFAA becomes a powerful tool for websites to block AI agents. This would allow retailers to stop AI price-comparison agents, banks to block AI financial managers, and SaaS platforms to prevent AI-driven workflow automation. The Terms of Service would essentially override user intent.

Scenario B: Perplexity Wins

A victory for Perplexity would push the CFAA back into its narrow lane of anti-hacking. Websites would lose the ability to use federal criminal law to block delegated agents. Instead, they would have to rely on technical blocks (like robots.txt), civil contract disputes, or the creation of partnership APIs to manage AI traffic.

Strategic Recommendations for Website Owners

Regardless of the June 11 oral arguments in Seattle, website owners should proactively decide their ‘agent posture’ rather than relying on outdated defaults:

  • Audit Your Terms of Service: Check if your ‘automated access’ clauses were written for 2010-era scrapers or if they address modern AI agents acting for users.
  • Review Access Controls: Evaluate your robots.txt and WAF settings. Are you blocking user-centric bots like ChatGPT-User or PerplexityBot by default?
  • Choose a Posture: Decide if you want to Welcome (accept and optimize for agents), Block (use technical and legal barriers), or Partner (build dedicated APIs for AI agents to interact with your data without scraping).
Tags:
#AI Agents#Amazon#CFAA#Digital Rights#Generative AI#Perplexity AI#Technology Law#Web Scraping
Share:
Previous Post What Google’s New AI Guide Actually Debunks (And What It Doesn’t)
Next Post Comfort Meets Content: A Peek Inside Google India’s YouTube-Themed Event Space

Leave a Reply