A recent technologist op-ed piece in The Guardian on AI liability seems to miss the forest for the trees. Or, to stretch the metaphor for the lawyers who asked me to look at this, the trees themselves are individually flawed to the point where they could never grow into a forest.
First, perhaps most importantly, the post centers on an example where the customer is liable. It says liability follows whoever deploys the agent, and then it asks whether Visa will answer for an agent the customer deployed. This example contradicts the principle.
AI agents are agents of the person or organization that deploys them – and should be treated by the law as such. […] It makes no sense for a company to be able to honor its statements when it wants to and disavow them when it doesn’t.
Visa and OpenAI recently announced a partnership to build personal AI agents to, among other things, make purchases on our behalf. This is just one of many similar projects in the works, as companies race to provide us all with AI assistants. Will Visa take responsibility when its AI makes a purchase in your name that you don’t want? And if Visa won’t, why would anyone trust the system? Properly allocating liability is key to make this kind of thing work.
Are agents deployed by Visa, or they are deployed by the customer who owns a Visa agent, like they own and deploy a Visa card? The example kills the article. I can’t emphasize enough that if you are going to write an article about liability for errors, you shouldn’t dump a giant, steaming error on the page. Or at least that page should not work. A liability argument that can’t allocate liability in its own hypothetical, not only has no argument, it demonstrates the kind of lack of liability it argues against.
I believe this is called a mic drop. Shall I continue?
Failures in the op-ed actually have names in an old and established field of liability literature (Calabresi in 1970 on who should bear the cost, Shavell in 1980 on when liability backfires and in 1984 on when courts can’t do the job at all). That field settled these questions decades before this op-ed ran without mentioning any of them.
There’s a lot more wrong, after it fails its own premise, and leaves out the entire field it seems to want to reinvent, so I’ll continue here just for the sake of practicing integrity checking.
Second, the post predicts liability will fix Google and then flips itself and predicts liability will kill AI doctors. Same rule, two teams get opposite scores, meaning the author sees themself as a referee handing out the trophies before the game: Google jumps, shoots, wins, while AI doctors can’t dribble and go extinct. Based on what? No mechanism, no threshold, no reason the identical rule fixes one business and blocks the other. What is this FIFA? A referee who declares winners without transparency in the rules for scoring goals is just an integrity breach waiting to happen. I mean, come on, show the criterion, or admit that this theory predicts everything and therefore predicts nothing.
Third, a lawsuit is presented as the remedy. I’m not opposed to this, yet its own statistic is a rate of 16,000 erroneous summaries per second, with the post itself conceding most are benign. Nobody really sues successfully over a wrong restaurant summary. The author wants us to take harms so small and so frequent that courts could never hear them, in the same breath courts get prescribed to hear them as the fix. Flooding the courts with low-quality reports is the inversion of integrity. Anyone familiar with the AI-generated bug-bounty noise should already know this context. The authors must have put on a blindfold in order to propose this remedy that already doesn’t work.
Fourth, the post never says what counts as fault. Quality has a line. Failure has a line. Somewhere. Every liability regime in history starts by drawing it. “Liable for inaccuracies” is a standard that no doctor, lawyer, or newspaper (*cough* The Guardian *cough*) has ever faced. The post demands parity with human professionals and then quietly writes a rule far stricter than the one humans have today. See point one, above.
Fifth, I’m getting tired of making points. The post sees only the company’s temptation to hide behind an agent, and never admits that a customer has temptation to hide behind one. Full corporate liability for agent purchases means every regretted purchase becomes “agent fault.” The central Visa paragraph presents a question with an answer called… wait for it… both sides can cheat! Shocker, I know.
Sixth, are we still going? The post argues over a default rule between parties who already have a contract, and never notices the contract. The tension is kind of easy to imagine being resolved in the most usual way. Visa will wave its hand and move the liability claims to page one of the terms of service. When a huge firm simply writes around the objection, the magical remedy that a courtroom victory would bring instead gets written out of existence a minute after any case really threatens that outcome.
Seventh, the post expects a company facing unbounded per-error exposure to keep investing until the numbers come under control. Deep pockets facing unbounded exposure do the opposite and simply withdraw the feature. They can afford to throw it away and avoid liability because economics. The supposed happy path in the post is claiming a plausible outcome that its own numbers make the least plausible.
Whew. This is a lot wrong.
Back to the fundamental flaw that really caught my eye. If the authors’ say “deploy” to mean the infrastructure, then Visa deploys, and their own rule makes Visa the principal for purchases made in the customer’s name with the customer’s authority, a result that lawyers tell me agency law flatly rejects and that no court would reach. Yet if “deploys” means directs the agent to act for oneself, then the customer deploys, and their question “will Visa take responsibility” contradicts their own rule sitting directly above it.
There’s no third reading.
Google’s overview speaks for Google to users.
Air Canada’s chatbot speaks for Air Canada to passengers.
The AI doctor gives advice to the patient.
In every case presented the harm flows from the AI deployer outward, toward a third party. The Visa agent is the one example in the piece where the agent acts for the user, and the harm question (“a purchase you don’t want”) flows from the agent back to its own principal. See the logic trick?
The op-ed built a rule to flow one direction and then it applied that rule to flow the opposite direction. With that trick revealed, the best answer to “will Visa take responsibility” is not a simple hand wave.
- Visa answers for the tool’s defects (product-liability, agent malfunctions, agent execution failures)
- The customer answers for authorized transactions they merely regret (agency)
The piece never separates these layers when they say someone “deploys”. That’s an integrity breach.
And this is payment card 101 stuff for anyone familiar with how the networks have allocated liability for decades: zero liability for unauthorized transactions, chargebacks for defective ones, full responsibility for purchases the cardholder actually authorized, and loss shifted to whichever party skipped the required controls such as those specified under PCI DSS.
Bottom line, any one of the seven should be treated as an integrity failure of the post. It has so many, it becomes deeply ironic for a piece whose entire subject is liability design. It seems like the release process for the post didn’t have quality gates in place to catch basic flaws before it shipped. So now, really, who is liable? Is it the author, or was it their agent?


