Who Controls Your Account When an AI Agent Acts for You? A proposal for “delegation rights” and conditional certification
Researchers study a narrow but important question: when a user lets an AI agent act inside their digital account, who should control that mode of action — the platform, the user, or a conditional certification system? They call the relevant entitlement a “delegation right.” This right is the user’s power to let an authorized, revocable, limited agent act with the user’s existing account privileges while preserving the user’s identity.
To study the problem the authors build a simple economic model with three parties: a User, an AI Agent provider, and a Platform. The model is an “incomplete-contracts” framework, which means many future details cannot be written into a contract in advance. Each party can make relationship-specific investments. Because those investments are hard to specify ahead of time, who controls whether an agent may operate inside the account affects incentives to invest.
The paper compares three control regimes. Under Platform Control the platform can block automated proxies. That helps protect infrastructure, identity checks, privacy boundaries, fraud detection, and third parties. But platform discretion creates a “hold-up” problem: after the user and agent invest, the platform can threaten exclusion or extract value. Anticipating that risk, agent and user investment falls. Under User Control the user has a protected right to delegate. That reduces hold-up and encourages investment in automation. But unconditional user control can leave some safety and third-party risks insufficiently internalized by the agent provider or the user’s private incentives.
To balance these trade-offs the authors propose Certified Delegation. Certification is a conditional access regime. A certified agent gets a protected access path if it meets verifiable conditions such as explicit user authorization, revocability, auditability, compliance with rate limits, data minimization, and other risk-reduction measures. Certification is not just a technical safety test. It is a conditional allocation of the residual power to determine the mode of account execution: certified agents are treated differently from uncertified ones.