The Federal AI AGENT Act: Consumer Protection in AI Clothing?
Overview of the Proposal
On June 29, 2026, Senator Mark Warner (D-VA) released a discussion draft of the Artificial Intelligence Access, Gatekeeper Exchange, and Nondiscriminatory Transfer Act of 2026 (the AI AGENT Act), a proposed federal framework for governing how consumer-focused autonomous AI agents interact with large online platforms. The proposal would require covered platforms to permit authorized third-party AI agents to access the platform functionally "on the same terms as a user" through interoperable, non-discriminatory interfaces.
Although not yet introduced, the draft bill represents one of the first serious federal efforts to regulate consumer-facing "agentic" AI systems—autonomous tools capable of acting on behalf of users to transact, communicate, manage accounts, and interact with online services—and could significantly reshape the structure of online commerce and platform competition if enacted. And, while framed primarily as a consumer-protection measure, the proposal would also alter longstanding assumptions about who controls digital platform ecosystems—with potentially substantial downstream implications.
The draft bill would apply primarily to "large online platforms," defined as platforms with more than 50 million U.S. customers or subscribers in any month during the prior 12-month period. As drafted, the proposal could reach a broad range of consumer-facing services, including social media companies, e-commerce providers, fintech platforms, communications services, digital assistants, and AI providers. The scope of coverage, however, is likely to generate substantial debate if the proposal advances.
The Federal Trade Commission (FTC) would serve as the principal enforcement authority, while the National Institute of Standards and Technology (NIST) would play a substantial standards-development role.
Key Components
The draft has four principal components: (1) covered platforms must allow users to delegate their access rights to AI agents; (2) covered platforms must meet interoperability obligations so that registered agents can function on the platform; (3) AI agents are subject to non-waivable, fiduciary-style duties covering data use, privacy and cybersecurity; and (4) the FTC will administer a registration framework for AI-agent providers certifying compliance with agents' obligations.
User Delegation Rights and Platform Interoperability Duties
At the center of the proposal is a "right of delegation." Users would be permitted to designate "custodial user agents" as authorized representatives for online interactions, electronic commerce decisions, user-generated content on covered platforms, and account settings on a covered platform on the same terms as a user. The proposal would therefore treat AI agents not merely as automated software tools, but as legally recognized intermediaries acting on behalf of users in specified contexts.
The draft does not address when an AI agent's conduct legally binds the user under existing agency, contract, payment, or electronic-transactions law. Those questions could become significant where an AI agent misunderstands instructions, exceeds authorization, or initiates unintended transactions.
To support the proposed delegation framework, covered platforms would be required to maintain transparent interfaces accessible to authorized AI agents on "fair, reasonable, and nondiscriminatory terms." The underlying assumption seems to be that AI agents would not simply control a user's browser—an architecture that would not seem to require an interface other than what already exists—but would instead enter covered platforms via a separate "door."
The proposal would prohibit platforms from excluding third-party AI agents or favoring proprietary platform-affiliated agents over competing services. These provisions—which echo common carrier provisions in the Communications Act (47 U.S.C. §§ 201-202), rules for licensing standard-essential patents, and even civil rights laws—have the potential to generate substantial technical and legal disputes. For example, the platforms would need to maintain interoperability with their own AI agents and to provide "functionally equivalent" access to competing agents. Questions concerning technical parity, interface functionality, and discriminatory treatment may well become important if the legislation advances.
At the same time, the draft would permit platforms to impose privacy and security requirements, deny access while deficiencies are cured, revoke access for agents engaged in repeated fraudulent or malicious activity, and impose usage limits or cost-based fees. Denials of access would need to be reported to the FTC and would be subject to administrative review.
Fiduciary-Style Duties for AI Agents
The draft assumes that many consumers will obtain AI agents from third-party providers rather than directly from platforms or by "DIY" coding. Based on that assumption, the draft would impose a series of non-waivable obligations on AI agents and, effectively, on their providers as well.
Among other duties, AI agents would be required to safeguard user data, avoid self-dealing, avoid foreseeable harm to users, follow user instructions and expectations, maintain real-time auditable records of agent actions, and refrain from using, sharing, or retaining user data for advertising, behavioral profiling, or unrelated secondary commercial purposes—all while exercising "the care, skill, and diligence that an ordinarily prudent person would reasonably be expected to exercise."
Collectively, these obligations would place substantial pressure on business models that rely on behavioral advertising, consumer profiling, or monetization of user activity data. Although the draft does not expressly prohibit advertising-supported AI agents, the statutory duties could make certain compensation structures legally difficult to sustain. Agent providers may instead need to rely on subscriptions, flat-fee arrangements, enterprise sponsorships, or other models less likely to create conflicts between user interests, provider interests, and platform incentives.
Whether such models will prove commercially viable at scale remains uncertain.
FTC and NIST Oversight and Governance
The draft would establish a registration-and-oversight framework administered by the FTC. AI-agent providers would need to register before accessing covered platform interfaces. The FTC would also establish procedures for deregistering providers that fail to comply with statutory obligations governing AI-agent conduct.
Violations of the Act would be treated as violations of an FTC rule, potentially exposing both platforms and AI-agent providers to significant civil penalties. The proposal also would permit penalties to be assessed on a per-user basis.
In addition to registration and enforcement authority, the FTC would establish standardized terms governing delegation relationships, create sector-specific access rules, recognize independent certification bodies, and develop specialized requirements for platform-affiliated agents.
The draft also contemplates a broader technical-compliance ecosystem involving third-party certification organizations, interoperability standards, auditing requirements, and authentication frameworks. Certification by a recognized certification body would create a rebuttable presumption of compliance with the bill's duties governing AI agents.
Finally, the draft would require NIST to identify open protocols, or develop and publish standards if no such protocols exist, to enable scope-limited and verifiable real-time consent delegation and revocation, along with auditable verification of custodial user agent identity, registration status, and actions taken by custodial user agents on behalf of users. In this regard, existing protocols that NIST may choose to consult include those developed, or under development by the Internet Engineering Task Force, the Internet Identity Workshop (summarized here), and the IEEE.
Open Questions and Policy Implications
Liability for Unauthorized or Erroneous Agent Conduct
The draft bill is premised on the idea that AI agents will be used to act on behalf of users in ways that carry legal consequences. Yet many consumer AI agents are likely to rely on large language models (LLMs), which remain probabilistic systems capable of misunderstanding instructions, generating erroneous outputs, or acting unpredictably.
Those characteristics create challenging questions regarding liability allocation. Disputes may arise where an agent acts consistently with an ambiguous instruction, where an agent exceeds authorization due to hallucination or software error, or where an agent is manipulated through prompt injection or other forms of adversarial interference.
For example, a user instructing an AI agent to "book a good hotel in New York" may receive accommodations significantly more expensive than intended. Even more concerning, an agent could initiate plainly unauthorized transactions while still using valid credentials and authenticated access.
The draft does not directly resolve how losses should be allocated among consumers, sellers, platforms, and AI-agent providers in such circumstances. Existing statutory and regulatory frameworks governing unauthorized transactions, rescission rights, and consumer-payment protections may provide partial analogies, but they do not map neatly onto autonomous AI-agent conduct.
Prompt Injection and "Advertising" to AI Agents
The draft AI AGENT Act arrives amid growing concern regarding prompt injection attacks and manipulation of AI-agent behavior. Because LLMs can struggle to distinguish between user instructions and external content encountered online, websites and sellers may attempt to influence AI-agent conduct through content optimized specifically for machine consumption.
In some cases, such conduct could amount to fraud or manipulation designed to induce unauthorized purchases or disclosure of sensitive information. In other cases, however, sellers may simply seek to persuade AI agents to select their products over competitors offering similar terms.
As AI agents become more common intermediaries in online commerce, questions concerning acceptable influence, manipulation, and "advertising" directed toward AI systems are likely to become increasingly important. The distinction between legitimate persuasion and impermissible interference may prove difficult to administer in practice.
Potential Disruption of Existing Online Business Models
The draft's fiduciary-style obligations could also disrupt significant portions of the existing online advertising ecosystem. Much of today's digital economy depends on observing user behavior and then influencing consumer decision-making through targeted advertising, personalized recommendations, and behavioral optimization techniques. AI agents operating under statutory duties of loyalty, however, will likely respond differently than human users. Agents acting solely in users' interests, for example, may be designed to ignore many forms of conventional advertising, avoid impulse-purchase inducements, and prioritize price, efficiency, and users' pre-defined preferences.
As AI agents proliferate, online platforms and sellers may shift toward efforts to influence the agents themselves rather than the underlying human users. The proposal, therefore, raises broader questions not only about consumer protection and platform competition, but also about how AI agents may alter the economic assumptions underlying much commerce on the modern internet.
Looking Ahead
The discussion draft of the AI AGENT Act reflects a significant early effort to establish a legal and technical framework governing the conduct and use of consumer AI agents. Its core objectives are to ensure that users can deploy AI agents across major online platforms while limiting discriminatory practices and constraining potential abuses by AI-agent providers.
At the same time, the draft leaves a range of important questions unresolved, including liability allocation when agents act unpredictably, the treatment of prompt injection and agent manipulation, and the broader economic consequences of widespread agent-mediated commerce.
As a discussion draft, the AI AGENT Act is likely to evolve substantially. Even in its current form, however, it provides an important indication of how policymakers may begin approaching the regulation of consumer AI agents and platform interoperability.
+++
Katherine Sheriff is a senior associate and head of DWT's mobility and transportation industry group, and Christopher Savage is a partner in DWT's Washington, D.C. office. DWT will continue monitoring developments relating to the AI AGENT Act, including any revisions or formal introduction of the bill, as well as other federal AI policy proposals. Senator Warner has invited public comment on the draft legislation, and we are available to assist clients in preparing and submitting comments. If you have any questions or would like assistance, please reach out to the authors or another member of our artificial intelligence, privacy & security, or technology teams. To stay informed about these or other developments, sign up for our alerts.