A landmark legal battle between Amazon and Perplexity is about to test whether AI agents acting under explicit user authorization count as authorized visitors to websites. The Ninth Circuit Court of Appeals will hear oral arguments on June 11, 2026, in Seattle, in a case that could determine the future of AI shopping assistants, travel agents, and countless other automated tools that users delegate to handle online tasks.

What Is Perplexity's Comet, and Why Did Amazon Sue?

Perplexity's Comet is an AI-powered browser that can log into a user's Amazon account using stored credentials, browse products on the user's behalf, and complete purchases through Amazon's checkout system. Amazon filed suit in early 2026, arguing that this access violates the Computer Fraud and Abuse Act (CFAA), a federal law originally written in 1986 to combat hacking and unauthorized computer intrusion.

Amazon's legal argument rests on three key claims. First, Amazon's terms of service explicitly prohibit automated access and reserve the site for human browsing only. Second, when Comet logs in, the AI agent itself becomes the visitor from Amazon's perspective, not the user. Third, because Amazon never authorized Comet specifically, the agent's access is "without authorization" under the CFAA, regardless of whether the user gave permission.

How Has the Case Moved Through the Courts So Far?

The case has progressed through three distinct phases in just eight weeks. On March 10, 2026, U.S. District Judge Maxine Chesney granted Amazon a preliminary injunction, blocking Comet from accessing password-protected portions of Amazon.com, including account pages, order history, and checkout flows. The judge accepted Amazon's CFAA theory at this stage, ruling that a user's instruction to an agent does not extend authorization to the agent itself.

But roughly a week later, the Ninth Circuit Court of Appeals paused the injunction pending Perplexity's appeal. This procedural move was significant. Appellate stays of preliminary injunctions are uncommon enough to signal that the higher court may be skeptical of the lower court's reasoning. The pause allowed Comet to continue operating on Amazon's logged-in pages while the appeal proceeded.

On May 8, 2026, Perplexity filed its appellate brief, calling Amazon's CFAA theory "a fundamental misfit" for an AI agent visiting under explicit user authorization. The brief argued that the user is the authorized party at all times, that Comet acts under delegated authority, and that Amazon's contractual terms cannot create federal criminal violations out of lawful access on the user's behalf.

What Legal Principles Are at Stake in This Case?

The case hinges on two major doctrinal pressures that may explain why the appellate panel paused the injunction. The first involves a 2021 Supreme Court decision called Van Buren v. United States, which narrowed the CFAA's scope. That ruling held that a person with permission to access a system does not violate the CFAA by accessing it for the wrong reason. Perplexity argues that the District Court's ruling expands the CFAA in ways that contradict this narrowing.

The second pressure comes from the legal doctrine of agency, which has governed delegated transactions for centuries. When a person authorizes another party to act on their behalf, the agent's acts are imputed to the principal. Software acting under explicit user instruction is the modern, automated extension of this principle. Reading the CFAA to ignore that principle would create a federal criminal-law trap for any user who delegates online tasks to software, which is now most users.

Digital-rights groups have taken notice. Mozilla, the Electronic Frontier Foundation, and other organizations filed amicus briefs supporting Perplexity's position, signaling that the outcome could affect far more than just shopping agents.

What Would Happen if Amazon Wins This Case?

If the District Court's CFAA theory survives appellate review, the legal consequences would be straightforward and far-reaching. Every major website would gain a legal weapon for blocking AI agents from logged-in user accounts, even on accounts the user fully owns. The blueprint Amazon used against Comet would become the standard playbook for any platform that does not want its users employing AI agents.

The downstream effects would ripple across entire categories of online services:

• Retail and E-commerce: Retailers could block AI shopping agents from price-comparing on logged-in accounts or completing purchases on behalf of users.
• Travel and Booking: Booking websites could block AI travel agents from completing reservations, comparing prices, or managing itineraries on user accounts.
• Financial Services: Banks and investment platforms could prevent AI agents from accessing account information or executing transactions, even with explicit user permission.
• SaaS Platforms: Software-as-a-service providers could block AI agents from automating workflows, managing data, or performing delegated tasks within user accounts.

Most major websites would likely face this same question within the next 12 months, according to legal analysis of the case.

How to Understand the Competing Legal Arguments?

The case presents two fundamentally different ways of thinking about who counts as an "authorized visitor" to a website. Understanding these arguments helps clarify what's at stake:

• Amazon's Position: Authorization runs to the user, not to software agents the user has delegated to. When Comet logs in, Comet itself is the entity making the request, and from Amazon's perspective, the agent is now the visitor. Amazon never authorized Comet, so Comet's access is "without authorization" under the CFAA, regardless of the user's instruction.
• Perplexity's Position: The user is the principal, and Comet is the user's agent in the legal and mechanical sense. When the user instructs Comet to log into the user's own account and complete a transaction the user is authorized to complete, Comet's access is the user's access, channeled through software. There is no unauthorized party in the transaction.
• The Broader Principle: The CFAA was written in 1986 to target hacking-style intrusion and unauthorized break-ins, not to regulate software acting under explicit user delegation. Stretching the statute to cover agent-on-behalf-of-user access would expand it far beyond its original purpose.

The Ninth Circuit's decision on June 11 will set a precedent that applies to every retailer, marketplace, booking platform, and SaaS website facing the same question. The answer will define the legal landscape for AI agents in the United States for years to come.