Artificial Intelligence, Blockchain, Digital Assets, Electronic Health Records, Intellectual Property, Privacy, Risk Management, Technology Law

Birthing the Agentic Web

On May 19, 2025, Microsoft blogged the following potentially prophetic words:

We envision a world in which agents operate across individual, organizational, team and end-to-end business contexts. This emerging vision of the internet is an open agentic web, where AI agents make decisions and perform tasks on behalf of users or organizations.

In the current mad rush to advance AI agents – which represent autonomous tools operating in the “real world” picking and choosing what comes after a user’s initial AI prompts, companies are paying little heed to existing guardrails.

Indeed, commerce titans are falling all over themselves to get in front of Agentic AI. MasterCard recently announced its launch of an Agentic Payments Program, Mastercard Agent Pay. According to MasterCard’s April 29, 2025 press release, this “groundbreaking solution integrates with agentic AI to revolutionize commerce.”

A day later Visa released information regarding its own Visa Intelligent Commerce which “enables AI to find and buy.” Not to be left out in the colde, PayPal released its own Agent Toolkit that same day. PayPal’s toolkit enables existing agent frameworks, such as OpenAI’s Agents SDKVercel’s AI SDKModel Context Protocol (MCP)LangChain, and CrewAI, to integrate with PayPal’s APIs. 

An agentic web lacking in “privacy by design”, strong cybersecurity hygiene, and proper adherence to regulatory and common law constraints regarding consent, will not likely mainstream agentic AI no matter how many developers are tasked with moving this infrastructure forward.

To fully grasp what needs to be done in this area, all one needs to do is read a description of Stanford Health Care’s implementation of Microsoft’s healthcare agent orchestrator. According to Microsoft, the healthcare agent orchestrator “has helped the Stanford team build and test autonomous AI agents that consult disparate data sources and collaborate on tasks that might otherwise take hours – building a chronological patient timeline, synthesizing current literature, referencing treatment guidelines, sourcing clinical trials and generating reports – using clinically grounded knowledge to deliver accurate and reliable results.”

The compliance landmines referenced in this short blurb read like they are straight from a law school exam.