Abstract editorial illustration of a glowing FTC registry seal connected to a credentialed AI agent silhouette and a verified human operator, navy and teal palette

Warner AI AGENT Act sets the first US rules for autonomous agents

AIntelligenceHub
··7 min read

Sen. Mark Warner released a discussion draft of the AI AGENT Act on Monday, the first US federal bill to set baseline rules for autonomous consumer AI agents and the dominant platforms they have to interoperate with.

Sen. Mark Warner released a discussion draft of the AI AGENT Act on Monday, the first US federal bill aimed at autonomous consumer AI agents. The acronym stands for the Artificial Intelligence Access, Gatekeeper Exchange, and Nondiscriminatory Transfer Act. The bill is open for public comment, and is the strongest signal yet that the Senate Intelligence Committee chair intends to put agent governance on the legislative map for the back half of 2026.

The bill arrives at a moment when agentic AI has crossed the threshold from developer novelty to consumer product. A Morgan Stanley estimate cited by CyberScoop puts the share of Americans who made a purchase using AI over a 30-day window at 23 percent, and the same bank projects that agentic shoppers could account for up to $385 billion in US e-commerce sales by 2030. The Office of the Director of National Intelligence added weight to the timing in May when ODNI's annual threat assessment named agentic AI among the technologies that will reshape both the threat surface and the labor market by 2030. Warner's office is betting that consumer agents, not frontier model safety, will be the part of AI policy that voters feel first and that members of Congress will be forced to act on.

The Senate Intelligence Committee chair framed the bill as consumer protection legislation rather than a safety or compute bill, and the framing matters. The draft is built around five concrete obligations, and the load-bearing one is a Federal Trade Commission registry of trusted AI agents. The FTC would certify independent bodies to vet agent vendors against baseline standards for privacy, data security, and acting in the user's interest, and the bill would require every certified agent to be linked to the identity of its human operator. A user would be able to grant or revoke an agent's authority to act on their behalf through a built-in control surface, and the agent would have to make that authority visible to any third-party site it interacts with. A large online platform, defined as one with more than 50 million monthly active users or subscribers, would be required to allow at least one registered agent provider to interoperate on standard terms. The commission cannot bar a platform from doing business with non-registered agents, but it can deregister a vendor that violates the trust standards.

The second obligation is a duty of loyalty. The draft summary obtained by CyberScoop reads the duty of loyalty as a fiduciary-like requirement: any agent that has access to a user's email, e-commerce accounts, or payment methods has to act in that user's best interest. That language is the strongest of the five obligations, and it is the one that the largest platform operators are most likely to push back on. The bill does not create a private right of action, which keeps the legal risk on the FTC rather than the courts, but it does set the precedent that an autonomous system operating against a user's stated preferences can be treated as an unfair or deceptive practice. That is the same statutory hook that the FTC has used for the last decade against data brokers and dark-pattern UI, and applying it to agents is the policy novelty.

The third obligation is technical standards work delegated to the National Institute of Standards and Technology. NIST would identify the technical standards and open protocols that make online services accessible to agents and would push consensus-based work on authentication, intent signaling, and the audit trails that an agent leaves when it acts on a user's behalf. The fourth is a public-comment window built into the draft, which Warner is using to pull in industry, civil society, and academic input before the formal introduction. The fifth is a research mandate that the Commerce Department, working with the FTC and NIST, study the consumer-protection implications of agent-to-agent commerce, including the case in which AI bots start buying from AI bots without a human in the loop at any point. That study is the part of the bill that pulls in the same agent-to-agent risk that the Linux Foundation's Agent Name Service work is trying to address at the protocol layer.

What the AI agent act requires of platforms and vendors

The platform-side obligation is the part of the bill that will draw the most comment, and it is the part that is most likely to be amended before introduction. The draft defines a covered platform as a service with more than 50 million monthly active users or subscribers, and the obligation is to allow at least one registered agent provider to access the platform on the same terms a human user would. The language is intentionally close to the European Union's Digital Markets Act gatekeeper rules, and the policy intent is the same: keep the largest platforms from using their control over identity, authentication, and rate limits to favor their own agents and to disadvantage third-party agents acting on a user's behalf. The bill does not require a covered platform to expose every internal API to every registered agent. It does require that the platform not actively block or degrade the requests of a registered agent, and it gives the FTC the authority to define what active blocking means in a rulemaking.

The vendor-side obligation is the part of the bill that smaller AI startups will be tracking most closely. Any agent vendor that wants to be on the FTC registry has to pass an independent certification against a privacy, security, and duty-of-loyalty baseline, link every agent to a verified human operator, and maintain the technical control surface that lets a user grant or revoke authority. The certification cost is real, and it will be passed on. The bill is silent on who pays for the certification body, which is the kind of detail that gets negotiated into a manager's amendment during mark-up. Warner is signaling that he wants the certification scheme to be light enough that a startup can pass it without a six-figure audit, and the draft text gives the FTC discretion to set the certification fees.

The timing matters for two reasons. The first is the export-control fight around Anthropic's Mythos 5 and Fable 5, which the Commerce Department pulled on June 12 over a reported jailbreak and which Anthropic was allowed to redeploy on July 1 after a multi-week negotiated framework. The second is the broader agent governance stack that has been shipping all year, including the Linux Foundation's Agent Name Service for AI agent identity, the Cisco WideField Security acquisition, and the AppViewX Agent Identity Security product. The AI agent act is the first federal proposal that tries to legislate the rules of the road for the same agent identity layer that the industry has been building out on its own. The bill and the industry work are not in conflict, but the bill is the first time a federal regulator would be the final arbiter of what a trusted agent looks like.

The Warner draft's three remaining gaps

The bill is a discussion draft, and the parts that are missing or soft are the parts that the comment period is meant to fill. The first gap is the duty-of-loyalty enforcement mechanism. The draft text says the FTC can deregister an agent that violates the duty, but it does not spell out the standard the FTC would use. The second gap is the interaction with state-level AI legislation, which has been the dominant US regulatory story in 2025 and 2026. The bill does not preempt state law, and the lack of preemption is the part that is most likely to change as industry and state AGs file comment. The third gap is the international dimension. The bill defines a covered platform in US-user terms, but the agents it covers will operate globally, and the same draft text does not address how the FTC registry would interact with the EU AI Act's provider registry, the UK AI Safety Institute's evaluation regime, or the Singaporean and Japanese agent governance frameworks that have been moving in parallel.

Warner is also using the bill to pull a thread that has been in his legislative portfolio for years. He introduced the Augmenting Compatibility and Competition by Enabling Service Switching (ACCESS) Act in 2019, which anticipated the rise of consumer agents and would let users designate a trusted third-party service to manage their privacy and account settings. He sent a letter to Treasury Secretary Scott Bessent earlier in 2026 encouraging Treasury to develop rules for agentic AI in the financial services sector. The AI agent act is the consumer-side companion to those efforts, and the discussion draft is meant to be the consolidation point. The comment window is open, and the bill is expected to be formally introduced in the Senate before the August recess.

Senate timing, comment window, and the path to introduction

The full text of the discussion draft, the section-by-section summary, and the public comment portal are on Warner's Senate press release announcing the AI AGENT Act. CyberScoop's explainer from Derek B. Johnson covers the FTC certification mechanism and the 50-million-user platform definition, and the CBS News MoneyWatch piece from Megan Cerullo is the cleanest short summary of the duty-of-loyalty language. For the broader agent identity context that the bill is legislating, the Linux Foundation Agent Name Service launch is the right industry-side read, and the Enterprise AI Governance Checklist for 2026 is the evergreen reference for any team that has to map this kind of federal framework onto an existing agent rollout.

Weekly newsletter

Get a weekly summary of our most popular articles

Every week we send one email with a summary of the most popular articles on AIntelligenceHub so you can stay up-to-date on the latest AI trends and topics.

One weekly email. No sponsored sends. Unsubscribe when you want.

Comments

Every comment is reviewed before it appears on the site.

Comments stay pending until review. Posts with more than two links are held back.

Related articles