Publishers and advertisers face new AI agent oversight hurdles 

Their fears come amid a rise in the number of tools: from Salesforce to Adobe to Microsoft and Optimizely, platform providers are introducing agentic AI tools that don’t just assist users but act on their behalf. These systems make decisions, learn from behavior and adapt automatically.

Meanwhile, protocols like Model Context Protocol and Google’s open-source A2A (agent-to-agent protocol) are laying the groundwork for AI agents to log into websites and use APIs on behalf of users, stressed Marc Maleh, chief technology officer at Huge. Over time, these agents can run jobs automatically in the background — like swapping out ad creative when the weather changes in a given region, he added. But, as agents increasingly take instructions from other agents, the murkier the data and accountability trail gets.

Maleh believes this isn’t theoretical, but a concrete inevitability. And the data seems to point that way. AI agents are flooding the web with (more) non-human traffic, according to the latest report from TolBit, released last week. And they’re starting to outstrip human traffic: TolBit data saw a 9.4 percent reduction in human visitors between Q1 and Q2. The report also pointed to an increase in activity from autonomous headless browsing, which AI engines like Perplexity are using, but appear as human visits in site logs, TolBit claims.

Maleh believes businesses need to put guardrails in place so they can avoid potential instances where AI agents run wild. “If you’re a brand and you don’t have a governance framework in place and you have a multi-agent system, and you didn’t think through, ‘Well, I’m accessing Marc’s credit card information with this agent, and that agent is making an assumption that this other agent can access that same information — how am I being informed about that?’ Suddenly, I bought a product I didn’t want to buy because this multi-agent system did so. So it’s not just a tech or a data problem, it’s also a brand problem,” he added.

When Huge has engaged in data and AI work with clients like NBCUniversal and Planet Fitness, this topic has come up frequently. Conversations have ranged from how model decisions get documented and communicated, to what mechanisms ensure traceability of agent actions — like audit trails and data logs. Accountability has been another hot topic: if an agent acts with bias, if it’s had harmful outputs, been mis-executed, who is on the hook: the agency, vendor, brand or end-user agent?

How consumer or customer data privacy is protected is another dominant conversation, along with establishing what controls prevent collusion or unintended outcomes when agents interact with third-party agents, he added.

Orchestration doesn’t guarantee governance 

Agentic orchestration platforms, like Adobe’s Agent Orchestrator, or Microsoft’s Copilot Studio’s orchestration layer, do bake in governance features, like permissions, logging, intervention points and audit trails. But it’s still possible to have orchestration without governance — agents passing tasks with no accountability.

Agent orchestration is about how agents run; agentic governance is about whether they run responsibly. So while orchestration can enable governance, without clear policies, it risks becoming automation without accountability.

“It’s only a matter of time before consumers start to care how their data is being used by multi-modal agentic systems, according to Clive Henry, head of partner solutions at Adobe. 

Just as personalization sparked data privacy regulations like the General Data Protection Regulation and California’s Consumer Privacy Act, agentic workflows are in their early days — the rules are still being developed, but the aim is better outcomes for consumers, stressed Henry.

“Companies that are going to open up their web experiences to these kinds of agentic flows, they’re eventually going to want to know that they’re safe from legal recourse from consumers or consumer groups, based on how they receive and store these kinds of data,” said Henry.

Pushing for agentic governance frameworks within businesses is what’s needed to ensure the necessary guardrails are in place, he added. 

For media companies, it’s just as big a risk as it is for advertisers. Say, for example, someone is choosing what to watch on TV. In theory, an agent could log into their streaming apps, scan their libraries, and return recommendations based on your mood, favorite genres, or actors. But that raises questions, stressed Henry. If an agent is doing the browsing, who controls the ads that normally appear on these platforms, and what data is used to target them? And if another person uses the same interface, will that agent apply the same username and password as the previous person who watched something earlier?

“I think these are the kind of problems that would lead a media company that has a subscription platform to say ‘I would prefer not to open up my interfaces to agents until we have standards for these kinds of things,’” he added. 

Will marketers be advertising to humans or agents? 

CMOs need to ensure that they are working to ensure the knock-on effect to consumers is raised early on, that this isn’t left solely to CTOs and CIOs, according to David Berkowitz, founder of AI Marketers Guild, a community for marketers, brands, and technologists focused specifically on how AI is changing marketing. “This could radically shape a world of — are you even creating messaging for humans — or bots? And if it’s just seen as some tech policy or implementation, then it’s very possible the CMO is going to get left out,” he said. 

Perplexity’s Comet browses autonomously to create a daily digest of news. Based on Tolbit’s tests, it looks just like a human using Chrome. Perplexity’s Comet browser doesn’t identify itself as an AI tool in site logs, in the tests Tolbit’s team ran. Instead, it fetches pages under a standard “Chrome” user agent and uses the human’s residential IP. So even if a user only sees a summary, publishers’ analytics record it as a normal (human) visit — when in fact it’s the AI doing the browsing and clicking in the background, claimed Tolbit’s report released last week. 

“All parties of sorts, whether you’re a human business, whether you’re an advertiser, a publisher, an agency, is going to have some kind of agentic representation, and some way to have an automated version of that entity that can make decisions and act on the party’s behalf,” said Berkowitz.

AI posing as people shows why agentic guardrails matter.

If agents are more proactively going out and trying to find the right customers, the right visitors, and the right audience targets, then that could radically change advertising, marketing, media and more, added Berkowitz. “How do we prepare for a future where there are different agents — essentially bots — talking to each other, often without human intervention? There are a lot of different rules in play here and I don’t think we want to be in a situation where we just like, let this happen, and see where this goes,” he said.