New paperGrounding Promises in the Sandbox: an environment-grounded commitment protocol for trained autonomous agents.Read now
Teleperson
All posts
Industry

Who's to blame when an agent gets it wrong?

An agent commits to something the person would never have approved. Four parties could be at fault, and most discussions name only two. The missing parties are why agent adoption stalls.

Jesse Hollander · May 13, 2026 · 4 min read

Here is the scenario that quietly governs how fast agentic commerce actually arrives.

A consumer's agent negotiates a new wireless plan. The plan it accepts costs more than the consumer would have approved if anyone had asked them directly. The brand on the other side acted in good faith and has a signed record of the agreement. The consumer wants it unwound. Who eats the loss?

Most people, asked this, reach for two parties: the consumer and "the company." That instinct — collapse it to two, assign blame between them — is exactly why the question feels unanswerable. The transaction did not have two parties. It had four.

The four parties

Every agent-mediated transaction involves four distinct actors, and the fault, when something goes wrong, almost always sits with one of them specifically:

  1. The principal — the person the agent acts for. They granted the authority and defined its scope.
  2. The agent provider — the company that built and operates the agent. Responsible for it behaving within its declared capabilities.
  3. The marketplace — the neutral layer where the two agents met and transacted. It set the protocol and produced the record.
  4. The counterparty — the brand (or its agent) on the other side, entitled to rely on that record.

Two-party thinking can't locate the fault because it has nowhere to put two of the four actors. The agent provider and the marketplace get absorbed into "the company," and the moment that happens, the actual question — which of these four made the mistake — becomes unaskable.

The fault is usually findable

Once you can see four parties, the failure modes separate cleanly. In the wireless example, the most common one is a principal scope error: the consumer authorized a scope — "get me a better plan" — that was too broad for them to have meaningfully understood. The agent acted inside that scope. It did not malfunction. The consent was real but uninformed.

That's a different problem, with a different owner, than an agent execution error (the agent acted outside its scope or did something no reasonable agent would), or a marketplace protocol error (the rules permitted a transaction that should have required a confirmation step), or simple counterparty bad faith.

Four failure modes, four owners. The blame is not unknowable. It was just unlocatable inside a two-party frame. We laid out the full allocation framework in The Liability Question.

Why this is a product problem, not a legal one

It's tempting to file this under "wait for the courts." That's a mistake, because the question is not primarily settled in court. It's settled — or not — in the design of the system, before the dispute ever happens.

Two design decisions do most of the work:

Confirmation behavior. The single most effective defense against principal scope error is the agent checking back before anything binding. The consumer said "get me a better plan"; the agent comes back with "here's the plan, here's the new price, confirm?" A scope that was too broad becomes survivable, because the broadness is caught at the moment it would have mattered.

The signed record. When a dispute does happen, you resolve it with evidence: what was committed, by whom, on what authorization, against what protocol. Not a chat transcript — a structured, attributable record. That's the difference between a dispute that has an answer and one that's just two parties asserting. We've written about this trust layer in Trust at Machine Speed.

A system built with both is one where, when an agent gets it wrong, you can say which party erred and why — and unwind it accordingly. A system built without them produces exactly the unanswerable mess the two-party frame predicts.

The real stakes

This is not an edge case to handle later. It is the gating factor on the whole category. A consumer will not delegate real authority to an agent until "what happens when it's wrong" has a credible answer. A brand will not accept agent-driven transactions until the same is true on their side.

"Who's to blame" sounds like a question for lawyers. It is actually a question for whoever is designing the agent, the marketplace, and the record — and they have to answer it in the architecture, well before anyone ends up in front of a judge.

Related