On March 9, 2026, Judge Chesney granted a preliminary injunction in Amazon v. Perplexity, ruling that Amazon was likely to succeed on its Computer Fraud and Abuse Act (CFAA) and California Penal Code section 502 claims against Perplexity's Comet browser and shopping agent. The case represents the first major federal court test of how traditional computer-access law applies to agentic AI—AI systems that don't just answer questions but actively perform tasks on behalf of users, like buying products or coordinating multi-step workflows through logged-in accounts.
What Makes This Different From Web Scraping
Agentic AI isn't scraping data; it's acting as a delegated representative executing user preferences in real time. Perplexity's Comet allowed software to shop for users through Amazon using their own credentials—essentially automating the boring parts of e-commerce that humans hate but still require judgment to complete. The author argues courts have treated this like standard unauthorized-access litigation when it raises fundamentally different questions about whether a platform can veto any third-party agent, even one operating at a user's explicit direction.
The Power Ventures Problem
The court applied the Power Ventures framework—a precedent where login credentials plus a cease-and-desist letter equals CFAA liability. This means if there's a password anywhere in the flow, platforms can usually crush unwanted integrations regardless of how benign or socially useful they are. But Perplexity's factual situation differs from Power Ventures: Comet wasn't building a competing service or harvesting user data for marketing purposes. The user was still shopping on Amazon; they simply delegated parts of the workflow to software. The opinion makes 'zero effort' to analyze whether AI agents should be treated like browsers, human assistants using delegated credentials, or something else entirely under agency-law concepts.
Anti-Competitive Implications and the Ad-Blocking Problem
Perplexity's core argument is that Amazon dislikes a user tool that routes around its preferred shopping and advertising experience. AI agents 'don't have eyeballs' for the ads Amazon uses to monetize its marketplace. This framing exposes how intermediaries threaten incumbents by reducing friction, reordering presentation, or weakening monetization levers—the same dynamic that made search engines, price-comparison tools, browser extensions, and API integrations controversial at various points in internet history.
The Public Interest Question Wasn't Serious
The court acknowledged Perplexity's argument about consumer choice and innovation but dismissed it with reasoning the author calls 'as thin and fragile as overcooked spaghetti.' The court's position essentially boiled down to: the platform says it's not allowed, therefore it's not allowed, and preventing unauthorized access serves the public interest. This circular logic makes the CFAA 'one giant circle of enforcing platform preferences' rather than a law against actual hacking or malicious automation.
Key Takeaways
- Judge Chesney's preliminary injunction treats agentic AI like traditional web scraping despite fundamental technical differences
- The Power Ventures doctrine lets platforms veto any logged-in integration by simply sending cease-and-desist letters
- Courts haven't analyzed whether AI agents should be treated like browsers, human assistants, or a new legal category entirely
- Anti-competitive concerns are real: if AI agents don't see ads, they threaten e-commerce giants' monetization models
The Bottom Line
The CFAA is becoming whatever large platforms want it to be—not a law against hacking but a legal cudgel against unwanted interoperability. Until courts acknowledge that users should be allowed to delegate tasks to software that they're legally permitted to perform themselves, the 'agentic web' will remain at the mercy of platform preferences rather than genuine security concerns.