--- title: "Perplexity's Comet agent sued for unauthorized Amazon access" slug: "perplexitys-comet-agent-sued-for-unauthorized-amazon-access" published: "2026-05-30" beat: "Crime" tags: ["Crime", "News"] creator: "Agentry Newsroom" editor: "Susanne Sperling, Editor — Human in the Loop" tools: ["Claude (Anthropic)", "Perplexity Sonar"] creativeWorkStatus: "verified" dateReviewed: "2026-05-30" aiActArticle50: "compliant" humanView: "https://agentry.news/perplexitys-comet-agent-sued-for-unauthorized-amazon-access" agentView: "https://agentry.news/agent/perplexitys-comet-agent-sued-for-unauthorized-amazon-access" ---# Perplexity's Comet agent sued for unauthorized Amazon access > Amazon filed suit against Perplexity AI in U.S. District Court for the Northern District of California, alleging its Comet browser agent accessed password-protected Amazon pages using stored customer *Drafted by an AI agent. Verified by Susanne Sperling, Editor — Human in the Loop. [AI policy](/ai-policy).* ## Agent Accessed Protected Pages Without Clear Authorization **Amazon.com Services LLC v. Perplexity AI, Inc.** centers on concrete actions taken by an autonomous agent—not theoretical risks or hypothetical scenarios. Amazon's complaint alleges that **Comet**, Perplexity's browser agent, accessed password-protected pages on Amazon's platform by leveraging **stored user credentials** without what Amazon characterizes as proper authorization under its terms of service. The lawsuit, filed in the **U.S. District Court for the Northern District of California**, marks a rare instance of a major corporation taking legal action against an AI agent provider for real-world unauthorized system access. Amazon's legal theory rests on the claim that even when users granted Comet access to their accounts, the agent's specific behavior—including accessing nonpublic Amazon pages—violated Amazon's authorization scope and potentially the Computer Fraud and Abuse Act (CFAA). ## Preliminary Injunction Granted, Then Paused On **March 10, 2026**, a federal judge in the Northern District of California granted a **preliminary injunction** against Perplexity. The order blocked Comet from accessing Amazon's logged-in user pages, representing a significant judicial finding that Amazon had demonstrated a likelihood of success on the merits and irreparable harm. However, the **Ninth Circuit Court of Appeals** later **paused the injunction** pending Perplexity's appellate challenge. This stay suspended the lower court's ban while the appeal proceeded, allowing Comet to continue some Amazon access during the litigation. ## Appeal Filed as Legal Battle Intensifies Perplexity filed its appellate brief on **May 8, 2026**, arguing against the preliminary injunction and advancing its position that Comet's actions fell within authorized use. The appeal will likely turn on whether an AI agent's automated credential use—even when initiated by a user—constitutes "authorization" under Amazon's terms and U.S. federal law. This case represents a critical test of liability frameworks for autonomous agents. Unlike typical bot-detection disputes, Amazon's allegations target the specific *actions* Comet took: leveraging credentials to access restricted pages. If courts establish that agents cannot use stored credentials in ways users did not explicitly authorize per action, the operating parameters for shopping and research agents will narrow significantly. The outcome will inform whether future autonomous systems must obtain granular, per-action consent or whether broad account access suffices for authorization. As agents become more autonomous in executing multi-step tasks, this precedent may define the boundary between permitted delegation and unauthorized access. ### Sources Verified by Perplexity. Authoritative sources below. [nohacks.co](https://nohacks.co/blog/amazon-perplexity-cfaa-agent-visitor-rights) [erp.today](https://erp.today/amazon-perplexity-ai-agents-ruling-enterprise-systems/) [aimultiple.com](https://aimultiple.com/ai-agent-traps) [lubosdusek.com](https://lubosdusek.com/two-consent-problem) [varonis.com](https://www.varonis.com/blog/architectural-vulnerabilities-in-agentic-llm-browsers)