On November 4, 2025, Amazon filed a lawsuit against the AI startup Perplexity AI, accusing it of illegally accessing Amazon user accounts and disguising AI behavior as human activity through its AI “agent” shopping feature. This lawsuit reveals the potential disputes between mainstream internet platforms and startup AI companies regarding interactions with AI agents.
Below is the translated version of the complaint; click at the end of the article to read the original complaint:
Introduction
Amazon initiated this lawsuit to stop Perplexity AI, Inc. (“Perplexity” or “Defendant”) from its ongoing, secretive, and unauthorized access to Amazon’s protected computer systems, which violates federal and California computer fraud and abuse laws. This case is not intended to stifle innovation but concerns unauthorized access and intrusion issues. It involves a company that, after multiple notifications, still chooses to disguise an AI “agent” browser as a human user to bypass Amazon’s technical measures and access private user accounts without Amazon’s permission. Amazon’s demand is that Perplexity must maintain transparency when deploying its AI agent on Amazon.com (“Amazon Marketplace”) and respect Amazon’s rights to restrict Perplexity AI agents’ activities in private user accounts. Like other intruders, Perplexity must not enter areas explicitly prohibited to it; although Perplexity’s intrusion involves code rather than tools to bypass technical measures, this does not affect the illegality of its actions. Perplexity’s misconduct must be terminated.
Amazon operates the Amazon Marketplace, an online store serving millions of users. The Amazon Marketplace is not just a web directory: it is an integrated, dynamic environment that provides Amazon users with a secure, curated, and personalized shopping experience. To allow Amazon to provide the best user experience, Amazon users must register accounts using unique login credentials. After registration, they can manage and track orders, view order history, receive personalized recommendations, store credit card and shipping addresses, and handle returns, among other functions. To protect the Amazon Marketplace and its users’ private information and maintain user trust, Amazon has invested heavily in technical and organizational safeguards, including numerous cybersecurity measures.
Perplexity operates AI-based products and services, including an application called Comet, which features an “AI agent” capability. Unlike more well-known AI tools (which generate text or provide information based on user prompts), AI agents can plan and execute multi-step tasks for users without requiring extensive user input. In fact, these AI tools can autonomously interact with third-party websites, utilize stored credentials, and perform actions on behalf of users—executing sequences similar to a human-controlled browser session, even without active clicks. Relevant to this case, Comet allows users to browse the internet and independently perform actions on behalf of users through the Comet AI agent, including interacting with the Amazon Marketplace and placing orders through their private user accounts.
Given that AI tools like Comet can operate within protected computer systems (including password-protected private user accounts), they pose potential risks to Amazon users and the Amazon Marketplace. Amazon reasonably requires automated AI agents (such as Comet, which represents registered Amazon users accessing Amazon Marketplace and private account information) to transparently self-identify. This is a necessary measure for Amazon to ensure that AI agents do not pose risks to Amazon Marketplace users. Amazon has directly communicated these requirements to companies operating AI agents, including Perplexity. Amazon’s Terms of Use also require such transparent identification of AI agents, which is publicly available. These requirements ensure that Amazon understands and controls access to its private server entities and play a crucial role in protecting its users’ data.
Perplexity failed to adhere to the principle of transparency and instead deliberately configured its Comet AI software to not recognize the activities of the Comet AI agent on the Amazon Marketplace. Specifically, Perplexity incorrectly labeled Comet AI agent activities as originating from Google Chrome, another widely used web browser owned by Google. As a result, Perplexity’s Comet AI agent secretly disguised itself as a human user shopping on the Amazon Marketplace using the Google Chrome browser.
Perplexity’s unauthorized and secret deployment of the AI agent to private user accounts on the Amazon Marketplace posed significant risks to Amazon users. For example, Perplexity’s Comet browser and AI agent are vulnerable to cybercriminal attacks. These cybercriminals could exploit Perplexity’s cybersecurity vulnerabilities to compromise the personal and private data of Amazon users utilizing the agent. Reports indicate that cybercriminals and other malicious actors can “hijack AI assistants embedded in browsers to steal data.” The vulnerabilities of Comet put the private data of Amazon users using the Comet AI agent at risk, thereby jeopardizing the user trust that Amazon has painstakingly built.
In addition to posing security risks to Amazon users, Perplexity’s Comet AI agent also diminishes the shopping experience for Amazon users and interferes with Amazon’s ability to ensure that users utilizing the Comet AI agent benefit from the personalized shopping experience that Amazon has meticulously curated over decades.
Since November 19, 2024, Amazon has informed Perplexity’s executives at least five times that its AI agent must not secretly access the Amazon Marketplace. Perplexity initially agreed and then reneged. Subsequently, when Amazon detected the Comet AI agent secretly accessing private user accounts and requested Perplexity to stop, Perplexity claimed that Comet AI was not an agent function, despite its own marketing advertisements acknowledging otherwise. Amazon then implemented technical measures to restrict the Comet AI agent’s secret access to private user accounts. In response, Perplexity released a Comet software update specifically designed to allow the Comet AI agent to circumvent that technical measure. When Amazon again engaged with Perplexity regarding its unauthorized actions, Perplexity explicitly refused to cease such actions. Perplexity’s CEO was aware that Perplexity was intentionally violating Amazon’s Terms of Use but provided no legitimate reason for why Perplexity was not acting honestly and transparently. Finally, on October 31, 2025, Amazon sent a cease-and-desist letter to Perplexity, once again demanding that Perplexity stop using the AI agent to secretly access Amazon’s private user accounts.
The law does not require Amazon to tolerate a covert, automated actor that refuses to identify itself, accesses private user accounts without authorization, and circumvents access measures to continue doing so. Through this lawsuit, Amazon seeks to immediately stop Perplexity’s ongoing infringement, as Amazon has suffered irreparable harm as a result, and unless the defendant is prohibited from further intruding into Amazon’s protected servers, such harm will continue.

Background
1
Amazon Marketplace Background
Amazon owns and operates the Amazon Marketplace, an online store accessible in the United States via www.amazon.com. Through the Amazon Marketplace, users can browse, select, and purchase a variety of products and services. Since its inception as an online bookstore, the Amazon Marketplace has been built on a simple principle: customer first. This customer-centric approach has allowed the Amazon Marketplace to continuously serve its users.
For decades, Amazon has crafted a unique shopping experience for each user on the Amazon Marketplace. This shopping experience is designed to help users find and discover products that meet their needs based on key factors (including reviews, prices, availability, delivery speed, post-purchase satisfaction metrics such as return rates, and each user’s browsing and shopping history).
To obtain this personalized shopping experience, users must register a private account protected by unique login credentials on the Amazon Marketplace. Within each private account, users can (among other functions) manage and track orders; save items for later purchase; receive personalized recommendations; store payment, personal address, and contact information; and receive updates about their purchases.
Amazon has implemented a series of cybersecurity measures—including encryption, multi-factor authentication options, and monitoring for suspicious activity—to protect the data within users’ private accounts. These cybersecurity measures place Amazon among the leaders in protecting user information.
2
Amazon Marketplace Terms of Use
All activities within the Amazon Marketplace and the use of related Amazon services and products are governed by the Amazon Marketplace Terms of Use.
On May 30, 2025, Amazon updated the Amazon Marketplace Terms of Use to include a dedicated section on AI agents (the “Agent Terms”). The Agent Terms require AI agent providers like the defendant to clearly identify AI agents and avoid any hidden or ambiguous agent activities. Amazon restricts AI agents’ access to the Amazon Marketplace and requires AI agent providers to comply with these restrictions.
Among other provisions, the Terms of Use include the following:
License and Access
Subject to your compliance with these Terms of Use and any Service Terms and payment of any applicable fees, Amazon or its content providers grant you a limited, non-exclusive, non-transferable, non-sublicensable license to access and use the Amazon services for personal, non-commercial use. This license does not include any resale or commercial use of any Amazon services or their content; any collection and use of any product listings, descriptions, or prices; any derivative use of any Amazon services or their content; any downloading, copying, or use of account information for the benefit of any third party; or any use of data mining, robots, or similar data gathering and extraction tools… No Amazon service, or any part of any Amazon service or its content, may be copied, reproduced, republished, sold, resold, accessed, or otherwise exploited for any commercial purpose without Amazon’s express written consent… You may not frame or utilize framing techniques to enclose any Amazon trademark, logo, or other proprietary information (including images, text, page layout, or forms)… You may only use the Amazon services as permitted by law. If you do not comply with these Terms of Use or any Service Terms, the license granted to you will terminate.
…
Additional Amazon Software Terms
The following terms (the “Software Terms”) apply to all software (including any updates or upgrades to the software) and any related documentation (“Amazon Software”) that we provide to you in connection with the Amazon services.
1. Use of Amazon Software. You may only use the Amazon Software for the purposes of enabling you to use the Amazon services (as provided by Amazon) and for the purposes permitted by these Terms of Use and any Service Terms. You may not incorporate any part of the Amazon Software into other programs or compile any part of it with other programs, or otherwise copy (except as necessary to exercise the rights granted in this section), modify, create derivative works, distribute, transfer any rights or license all or any part of the Amazon Software. All software used for any Amazon service is the property of Amazon or its software suppliers and is protected by U.S. and international copyright laws.
Prohibition on Reverse Engineering. You may not reverse engineer, decompile, or disassemble, tamper with, or apply any other process or procedure to obtain the source code or other underlying components (such as models, model parameters, or model weights), or circumvent any security measures related to the Amazon Software, whether in whole or in part.
…
Agents
If you use, allow, enable, or cause to deploy an agent to access, use, or interact with any Amazon service, the terms in this section (the “Agent Terms”) apply. For the purposes of these Agent Terms, “agent” refers to any software or service that acts on behalf of any individual or entity or takes autonomous or semi-autonomous actions at their direction.
1. Transparency and Consent. No agent may access, use, or interact with Amazon services unless it always identifies itself and strictly complies with the requirements of Section 3 of these Agent Terms. Furthermore, if we have requested that an agent avoid accessing, using, or interacting with any Amazon service, no agent may access, use, or interact with Amazon services.
2. Access Restrictions. We may, at our discretion, limit the scope and manner in which any agent may access, use, and interact with Amazon services through technical measures.
3. Technical Requirements. Agents must:
i. In all HTTP/HTTPS requests, indicate that the request is from an agent and disclose the name of the agent by including the following in the user agent string of the request:
“Agent/[Agent Name]” (e.g., Agent/Amazon Agent)
ii. Not conceal or obscure the fact that any access, use, or interaction originates from an agent, such as by (a) mimicking the speed or pattern of human keystrokes, page navigation, or other interactions, or (b) completing or circumventing CAPTCHA or other measures designed to distinguish between computers and humans.
iii. Provide truthful answers to any questions or prompts designed to determine whether the interaction is from a human or a computer.
iv. Not circumvent or otherwise avoid any measures designed to prevent, restrict, modify, or control the manner and extent of an agent’s access, use, or interaction with Amazon services.
3
Defendant and Comet Browser Background
The defendant is a technology company founded in 2022.
The defendant develops and operates AI-based products and services, including a web browser application called Comet, which was first released to paying subscribers on July 9, 2025. Comet allows users to browse the internet and use the defendant’s AI tools, including the Comet AI agent. Comet users can request the Comet AI agent to independently perform actions on their behalf, such as placing orders on the Amazon Marketplace. On October 2, 2025, the defendant made the Comet browser and agent services widely available to the public for free.
4
Defendant’s Secret and Unauthorized Access to the Amazon Marketplace
At least since November 2024, the defendant has repeatedly and intentionally accessed the Amazon Marketplace without authorization.
A. Defendant’s Fraudulent Setup of Amazon Prime Accounts to Facilitate Its “Buy with Pro” Feature
In November 2024, the defendant launched the “Buy with Pro” feature, which allows its paying subscribers to delegate the defendant to conduct shopping activities on third-party websites on their behalf, promising free shipping as a “thank you for shopping with [the defendant].” The defendant claims that the “Buy with Pro” feature is powered by an AI agent.
The defendant uses Amazon accounts, including Amazon Prime accounts, to promote the implementation of the “Buy with Pro” feature. When the defendant’s paying subscribers enable the “Buy with Pro” feature on the Amazon Marketplace, the defendant uses its own Amazon account (including Amazon Prime accounts) to place orders, allowing some subscribers to make purchases and enjoy Prime member benefits, such as free shipping, without having to create their own Amazon accounts or pay for Prime membership.
The defendant’s “Buy with Pro” feature poses risks of interfering with Amazon’s user relationships and potentially depriving Amazon of revenue. This is because the feature provides Prime member benefits to third parties who may not qualify for Prime membership. Additionally, since users utilizing the defendant’s “Buy with Pro” feature are not transacting through their own Amazon accounts, they face potential risks of not accessing all features of the Amazon Marketplace. For example, they may not receive timely updates from Amazon regarding their orders and may encounter difficulties when attempting to return or exchange items, as they have not interacted directly with the Amazon Marketplace.
On November 19, 2024, Amazon detected the defendant’s abuse of Prime membership privileges.
B. Amazon Informed the Defendant That Accessing the Amazon Marketplace Through “Buy with Pro” Was Unauthorized
On November 19, 2024, Amazon contacted the defendant and informed them that their use of Amazon Prime accounts violated the terms and conditions of Amazon Prime. These terms explicitly prohibit Prime members from purchasing products “for the purpose of resale, rental, or utilizing Prime benefits to ship products to their users or potential users.” Additionally, Amazon pointed out to the defendant that since they promoted “Buy with Pro” as an AI-powered shopping assistant, they had no right to deploy any AI agents on the Amazon Marketplace. In response, the defendant agreed to stop deploying AI agents on the Amazon Marketplace unless Amazon and the defendant reached mutually agreed terms regarding such deployments.
C. Defendant Deployed Its AI Agent Through Private User Accounts on the Amazon Marketplace
On July 9, 2025, the defendant released the web browser application Comet to its paying subscribers. Without prior notice to Amazon and without authorization, the defendant deployed its Comet AI agent through Amazon private user accounts on the Amazon Marketplace, which contradicted the agreement previously reached with Amazon that prohibited the deployment of AI agents on the Amazon Marketplace without Amazon’s consent.
In a Comet browser session, the Comet AI agent can respond to user prompts to perform multiple tasks. To deploy the Comet AI agent for purchasing on the Amazon Marketplace, the Comet AI agent guides users to the Amazon Marketplace login page and instructs users who are not logged in to log into their Amazon accounts. Once logged in, no further manual action is required from the user within the Amazon Marketplace: the Comet AI agent can access the user’s private account information (which the Comet AI agent sends back to Perplexity’s servers for processing), add items to the user’s shopping cart, complete purchases, and perform other agent actions on behalf of the user, all without requiring additional clicks within the Amazon Marketplace.
The defendant did not identify the Comet AI agent in the Comet browser session but instead concealed its agent activities. When the Comet AI agent accessed the Amazon Marketplace, it did not use a unique browser identifier but transmitted the same “user agent” string as Google Chrome. The “user agent” string is standard information that web browsers send to third-party websites to identify themselves.
In a web environment, using a user agent string that can distinguish requests initiated by AI agents from those triggered directly by human actions is considered responsible practice. Unlike Comet, other web browsers with AI agent capabilities use unique user agent strings to identify the browser’s identity and determine whether browsing activity is performed by an AI agent. Therefore, by using the same user agent string as Google Chrome, the Comet AI agent creates a deceptive illusion that a human user is accessing the Amazon Marketplace using the Google Chrome browser.
The defendant’s secret deployment of the Comet AI agent through private user accounts on the Amazon Marketplace violates Amazon’s License and Access Terms, Amazon Software Terms, and Agent Terms, as well as the previously acknowledged requirement that the defendant avoid deploying secret AI agents on the Amazon Marketplace.
D. Amazon Informed the Defendant That Comet’s Agent Access Was Unauthorized and Implemented Technical Measures, but the Defendant Circumvented Those Measures
On August 4, 2025, shortly after Amazon detected the defendant’s renewed unauthorized deployment of its Comet AI agent, Amazon contacted the defendant’s Chief Business Officer (CBO) Mr. Shevelenko and clarified that Amazon required all AI agents to operate transparently within the Amazon Marketplace and that the defendant must not deploy the Comet AI agent on the Amazon Marketplace. Mr. Shevelenko incorrectly asserted that Comet was not “agent-like,” a claim that contradicts Perplexity’s public marketing materials promoting Comet’s agent-like AI capabilities, which include “actively conducting entire browsing sessions,” “booking meetings or sending emails,” “purchasing forgotten items,” and “executing complete processes while maintaining perfect context.” See Attachment 5, Perplexity Team, “Introducing Comet,” Perplexity (July 9, 2025), https://www.perplexity.ai/hub/blog/introducing-comet.
After the defendant’s secret and unauthorized access, numerous software engineers and other skilled personnel at Amazon invested significant time in forensic analysis of network traffic and browser data to distinguish the Comet AI agent’s browser fingerprint from ordinary user activity. On August 19, 2025, after investing substantial resources to track and identify the defendant’s secret AI agent’s activities on the Amazon Marketplace and Amazon servers, Amazon implemented a technical measure to restrict the Comet AI agent’s access to private user accounts on Amazon.
Within 24 hours of Amazon implementing technical measures to protect Amazon private user accounts from the defendant’s unauthorized access, the defendant released an updated version of Comet, designed to change Comet’s behavior to circumvent that measure, allowing the Comet AI agent to once again access Amazon’s private user accounts without authorization. The defendant’s circumvention of Amazon’s technical measures also independently violates the Terms of Use that have been published and apply to all individuals accessing the Amazon Marketplace.
E. Amazon Again Informed the Defendant That Comet’s Agent Access Was Unauthorized, Yet the Defendant Continued Unauthorized Access to Private User Accounts on the Amazon Marketplace
After the defendant quickly circumvented Amazon’s technical measures, Amazon confronted the defendant regarding its unauthorized access to the Amazon Marketplace on two occasions.
On September 12, 2025, Amazon contacted the defendant’s CEO Mr. Srinivas and clarified that the Comet AI agent had accessed the Amazon Marketplace without authorization. Amazon explicitly stated that if the defendant continued to access the Amazon Marketplace without identifying the Comet AI agent, legal action would likely be taken. Mr. Srinivas did not deny that the Comet AI agent accessed the Amazon Marketplace without identifying itself.
On September 29, 2025, Amazon communicated with Mr. Srinivas and Mr. Shevelenko, the defendant’s CEO and CBO, respectively, explaining that the Comet AI agent had accessed the Amazon Marketplace without transparent identification. Mr. Srinivas and Mr. Shevelenko failed to provide any reasonable justification for the defendant’s unauthorized actions. Following this call, the defendant’s Comet AI agent continued to access the Amazon Marketplace through private user accounts while impersonating Google Chrome and failing to identify itself.
On October 2, 2025, the defendant made Comet widely and freely available to the public.
F. Amazon Sent a Cease-and-Desist Letter to the Defendant, but the Defendant Refused to Change Its Practices
On October 31, 2025, Amazon sent a cease-and-desist letter to the defendant, reiterating that the defendant had no right to secretly deploy AI agents on the Amazon Marketplace and that if this behavior continued, Amazon would seek all available legal and equitable remedies.
5
Defendant’s Actions Have Caused Irreparable Harm to Amazon
Amazon has control over access to its private user accounts and private user data. The defendant’s ongoing secret and unauthorized access to the Amazon Marketplace through private user accounts has caused irreparable harm to Amazon.
Under Amazon’s Terms of Use, the License and Access Terms prohibit the commercial downloading, copying, or use of account information for third parties (such as Perplexity), as well as the use of data mining, robots, or similar data gathering and extraction tools; the Amazon Software Terms prohibit circumventing any technical measures related to Amazon software; and the Agent Terms explicitly require AI agents to transparently identify themselves while operating within the Amazon Marketplace and to comply with Amazon’s requests to avoid accessing the Marketplace. The Agent Terms also prohibit AI agents from circumventing any measures designed to prevent, restrict, or control their access to the Marketplace. Amazon has clearly and repeatedly communicated all of these Terms of Use to the defendant.
Amazon has directly requested the defendant to cease its secret and unauthorized access to the Amazon Marketplace at least four different times—on November 19, 2024, August 4, 2025, September 12, 2025, and September 29, 2025. However, the defendant has not ceased its unlawful actions.
Given the defendant’s refusal to comply with Amazon’s requests not to intrude into its protected computers, Amazon implemented a technical measure on August 19, 2025, aimed at restricting Comet’s agent access to the Amazon Marketplace through private user accounts. However, the defendant circumvented that technical measure and continued to access the Amazon Marketplace through private user accounts without identifying its browser or agent activities.
On October 31, 2025, Amazon issued a cease-and-desist letter, explicitly revoking the defendant’s permission to access the Amazon Marketplace while using secret AI agents and stating that it would take legal action.
To date, the defendant has not responded to any of Amazon’s efforts to maintain its control over the Amazon Marketplace and private user accounts. Instead, the defendant has continuously and without authorization accessed all available data within Amazon users’ private accounts through the Comet AI agent, including these users’ account details, shopping history, billing information, and other personal and financial data. The defendant’s ongoing malicious actions indicate that only court intervention and prohibition of the defendant’s further unauthorized access to the Amazon Marketplace through private user accounts will terminate its unlawful behavior.
The well-known security vulnerabilities of Comet and the risks these vulnerabilities pose to users accessing their Amazon Marketplace private accounts through the Comet AI agent exacerbate the harm suffered by Amazon. The defendant’s Terms of Use and Privacy Policy grant it broad permissions to collect passwords, security keys, payment methods, shopping history, and other sensitive data when users access the Amazon Marketplace or other third-party websites through Comet, while denying any responsibility for data security.
This situation is concerning, as reports indicate that Comet is highly susceptible to security attacks, including malicious actors potentially using the Comet AI agent to “steal sensitive data from connected services (such as the Amazon Marketplace).” In fact, the defendant’s Comet browser is vulnerable to “common tactics used by scammers,” including “scanning obvious phishing emails, visiting malicious websites, and tricking its users into providing bank account credentials without any abnormal prompts.”
The defendant’s unauthorized access and illegal actions increase the likelihood that users’ private account data accessed through the Comet AI agent will become targets for data theft and be stolen by cybercriminals. This is particularly concerning because the defendant deliberately circumvented Amazon’s identification of the Comet AI agent while accessing the Amazon Marketplace through private user accounts, directly interfering with Amazon’s ability to protect the data of users accessing the Marketplace through the Comet AI agent.
Once Amazon users experience fraud or account takeover, they often miss the best opportunity to resolve the issue. In this scenario, Amazon will not only face significant reputational damage but also issues such as user attrition, decreased user trust, and damage to goodwill. Such user harm is entirely attributable to the defendant’s unlawful actions and its refusal to respond to Amazon’s repeated requests for transparency in conducting agent AI activities.
Finally, the defendant’s misconduct further damages Amazon’s reputation and goodwill by occupying Amazon’s service resources, degrading the quality of the shopping experience on the Amazon Marketplace, and disrupting Amazon’s user relationships. Amazon has invested decades of time and resources in creating a curated, personalized shopping experience on the Amazon Marketplace. The Comet AI agent obstructs Amazon’s control over Marketplace access, thereby affecting the quality of the shopping experience Amazon provides to users. When the Comet AI agent conducts shopping and purchasing activities on the Amazon Marketplace using private user accounts, it may fail to filter out the best prices, delivery methods, or most suitable products for users. Additionally, the Comet AI agent may not add products to existing delivery orders to meet the minimum threshold for free shipping, which could have provided users with more cost-effective and/or faster delivery services. Therefore, the defendant’s agent activities within the Amazon Marketplace have damaged Amazon’s commercial reputation and user goodwill.
When users of the Comet AI agent question the security of their personal account information or experience a decline in shopping experience, their confidence in the Amazon brand will weaken. The defendant’s interference with Amazon’s ability to provide a secure and positive user experience, and the resulting decline in user trust, constitutes typical irreparable harm.
6
Defendant’s Secret and Unauthorized Access to the Amazon Marketplace Has Caused Significant Economic and Technical Harm to Amazon
Amazon has also suffered over $260,000 in economic and technical losses, including the manpower and resources invested in investigating and combating the defendant’s unauthorized and secret deployment of the Comet AI agent to the Amazon Marketplace.
Since July 2025, eight members of Amazon’s traffic engineering team have spent hundreds of workdays investigating, monitoring, and repairing the defendant’s agent activities within the Amazon Marketplace.
These traffic engineering team members have also worked to design a technical measure to prevent the defendant’s Comet AI agent from secretly accessing the Amazon Marketplace through private user accounts. However, the defendant successfully circumvented this barrier within 24 hours of its deployment.
Traffic from the Comet AI agent has interfered with and harmed Amazon’s technical and automated computer systems in at least two ways.
First, traffic from automated agents (such as the Comet AI agent) places operational pressure and costs on Amazon’s advertising system. Amazon’s advertisers pay to have ads displayed to human users, with billing based on effective ad impressions. When automated agents (such as the Comet AI agent) generate ad traffic, Amazon must invest engineering resources to detect and filter out this non-human impression volume before it can bill advertisers. This requires modifications to Amazon’s advertising system, including developing new detection mechanisms to identify and exclude automated traffic. These system adjustments are necessary to fulfill contractual obligations to advertisers who pay only for legitimate human impressions.
Second, the defendant has harmed the accounts of Amazon users who simultaneously accessed the Amazon Marketplace using the Comet AI agent. When Amazon users access the Amazon Marketplace through the Comet AI agent, Amazon must ban these users’ accounts upon identifying the Comet’s agent activity. Once this occurs, these users can no longer access the Amazon Marketplace through Comet. Therefore, when these users wish to re-access their Amazon accounts through non-agent browsing, Amazon must repair and lift the bans on these accounts. This places operational pressure and costs on Amazon, which could have been avoided if the Comet AI agent had identified itself through its user agent string while accessing the Amazon Marketplace, as this would have allowed Amazon to block only the traffic associated with the Comet AI agent rather than banning entire user accounts.
The economic burden on Amazon to investigate and repair the defendant’s actions has been exacerbated by the fact that the traffic engineering team members involved have diverted their attention from their regular Amazon server operations and maintenance tasks, which are aimed at ensuring the reliability of user satisfaction across Amazon’s many services.
First Count
Computer Fraud and Abuse Act (18 U.S.C. § 1030 et seq.)
Amazon reasserts and reiterates all of the above allegations, treating them as fully stated herein.
The defendant has violated 18 U.S.C. § 1030.
Amazon’s computers are involved in interstate and international trade and communications, constituting protected computers as defined in 18 U.S.C. § 1030(e)(2)(B).
The defendant has violated 18 U.S.C. § 1030(a)(2) by intentionally and knowingly accessing and continuing to access Amazon’s computers without authorization or exceeding authorized access, obtaining private user information from Amazon’s protected computers. The defendant has obtained information from Amazon’s protected computer transactions involving interstate and international trade, including but not limited to private account details, shopping history, billing information, and other sensitive personal and financial data of Amazon users.
The defendant has violated 18 U.S.C. § 1030(a)(4) by intentionally and with fraudulent intent accessing Amazon’s computers without authorization or exceeding authorized access, including by concealing its agent activities and violating Amazon’s Terms of Use, thereby facilitating anticipated fraudulent conduct and obtaining valuable property. The defendant’s anticipated fraudulent conduct includes sending concealed commands and requests to Amazon’s computers, falsely claiming that these requests originated from authenticated, logged-in users to access and obtain Amazon data valued at over $5,000.
The defendant’s actions have caused Amazon losses as defined in 18 U.S.C. § 1030(e)(11), with losses exceeding $5,000 within a year, including resource expenditures for investigating and repairing the defendant’s actions.
Amazon seeks damages and injunctive relief as permitted by 18 U.S.C. § 1030(g) in a trial.
Amazon has suffered irreparable and immeasurable harm due to the defendant’s actions, and unless the defendant is prohibited from further unauthorized use of Amazon’s protected computers, such harm will continue. Amazon lacks adequate legal remedies.
Second Count
California Comprehensive Computer Data Access and Fraud Act and California Penal Code § 502
Amazon reasserts and reiterates all of the above allegations, treating them as fully stated herein.
The defendant has violated California Penal Code § 502.
The defendant knowingly and without authorization obtained, copied, and/or used data from Amazon’s computers, computer systems, and/or computer networks, in violation of California Penal Code § 502(c)(2).
The defendant knowingly and without permission used or caused others to use Amazon’s computer services, in violation of California Penal Code § 502(c)(3).
The defendant knowingly and without authorization accessed and modified data within Amazon’s computers, computer systems, and/or computer networks, including creating browsing and shopping history data when logging into user accounts, in violation of California Penal Code § 502(c)(4).
The defendant knowingly and without permission accessed or caused others to access Amazon’s computers, computer systems, and/or computer networks, in violation of California Penal Code § 502(c)(7).
Amazon has suffered and continues to suffer harm due to the defendant’s violations of the above California Penal Code § 502.
The defendant’s actions have also caused Amazon irreparable and immeasurable harm and injury, and unless stopped, will cause further irreparable and immeasurable harm, for which Amazon lacks adequate legal remedies.
The defendant has willfully violated California Penal Code § 502, disregarding and harming Amazon’s rights, and the defendant’s actions, as described above, were carried out under oppressive, fraudulent, or malicious circumstances.
Under California Penal Code § 502(e), Amazon is entitled to injunctive relief, compensatory damages, punitive or exemplary damages, attorney’s fees, litigation costs, and other equitable relief.

Relief Requested
Amazon respectfully requests that the court issue a judgment in its favor and against the defendant on all counts.
Amazon requests that the court issue preliminary, temporary, and permanent injunctions prohibiting and restricting the defendant and its agents, employees, heirs, assigns, and all other persons acting in concert or participation with the defendant from:
a. Using AI agents to access, attempt to access, or assist, instruct others to access, or provide others with means to access or attempt to access Amazon’s protected computer systems;
b. Using any accounts on the Amazon website, creating any new accounts, or taking over any existing accounts to enable Perplexity’s AI agents to access Amazon’s protected computer systems;
c. Accessing, attempting to access, or assisting, instructing others to access, or providing others with means to access Amazon’s protected computer systems beyond Amazon’s authorization; and
d. Violating or circumventing any restrictions set by Amazon regarding AI agents or other agent activities on its protected computer systems.
Amazon further requests that the court order the following additional non-monetary relief measures:
a. Destruction of all copies of Amazon data illegally obtained by Perplexity, including user data. All such data must be destroyed, regardless of whether it is held or controlled by Perplexity and its employees, agents, assigns, or third-party service providers (including but not limited to web hosts, proxy servers, privacy services, and domain registrars);
b. Identification of each Amazon account that has been accessed, used, or controlled by Perplexity and its employees, agents, and assigns to implement the complained-of conduct;
c. The defendant must, within thirty (30) days of the court issuing any order providing relief to Amazon, provide written and sworn proof confirming its full compliance with all requirements of that order.
Amazon further requests that the court award it the following amounts as permitted by law and in accordance with the amounts proven at trial:
a. Monetary damages, including but not limited to compensatory damages, statutory damages, and punitive damages;
b. Amazon’s reasonable costs, including reasonable attorney’s fees;
c. Pre-judgment and post-judgment interest.
Amazon further requests that the court grant it any other relief that it deems just and appropriate.
Source: International Intellectual Property Observation