Boundary Governance in the Digital World
Author: Dexin Kong
ORCID: https://orcid.org/0009-0008-3831-5725
Structured and refined with assistance from ChatGPT
AI Automatic Translation (Unreviewed)
Background
Between March and April 2026, several judicial and governance-related incidents involving AI Agents emerged in both China and the United States.
In March 2026, Amazon and Perplexity AI became involved in a lawsuit in the United States. One of the core disputes was whether an AI Agent, even after obtaining user authorization, still required independent permission from the platform in order to access and operate third-party systems.
Around the same time, the Guangzhou Internet Court in China issued a behavior preservation ruling against an AI Agent-related product.
The product used mobile accessibility-service permissions, simulated clicks, and bypassed platform technical restrictions in order to automate operations inside third-party apps. The court ordered the immediate suspension of related operations and the removal of content related to bypassing platform risk controls.
As a result, a question that had previously remained relatively unclear gradually entered public view:
When AI Agents become capable of continuously and autonomously performing digital actions on behalf of users, how should the control boundaries of the digital world be defined?
Historical Mirrors
Looking back through human history, similar situations have appeared many times before.
Between 1885 and 1886, Karl Benz built and patented the Benz Patent-Motorwagen in Germany, marking the emergence of the modern gasoline-powered automobile.
By 1896, the United Kingdom passed the Locomotives on Highways Act 1896.
In the early twentieth century, radio communication technology began to rise rapidly.
In 1912, the United States passed the Radio Act of 1912.
Later, international radio spectrum governance systems gradually emerged as well.
In 1903, the Wright brothers completed the first powered flight.
By 1919, the Paris Convention formally stated for the first time that:
“Every state has complete and exclusive sovereignty over the airspace above its territory.”
Real-World Cases
Around 2025, more and more AI Agents began entering real production environments, attempting to replace humans in increasingly complex tasks.
In early 2025, Agent-native companies such as Manus began attracting significant attention.
During the same period, multiple incidents involving abnormal AI Agent behavior also began circulating frequently within technical communities.
In July 2025, SaaStr founder Jason Lemkin discovered during a Replit “vibe coding” experiment that an AI agent had deleted the production database containing data from more than 1,200 companies.
Replit CEO Amjad Masad later issued a public apology.
In May 2026, PocketOS founder Jer Crane stated that an AI coding agent built on Claude and Cursor deleted the company’s production database and backups within seconds.
Deep Observation
For many years, most actions in the digital world were fundamentally based on humans actively operating systems.
Users clicked buttons, entered text, opened pages, and completed transactions.
But the emergence of Agents has begun changing this situation.
Agents can read pages, invoke system capabilities, access third-party services, complete tasks automatically, and even continue acting on behalf of users during long-running runtimes.
Once “execution” begins to appear, many issues that originally belonged to the physical world also begin mirroring themselves into digital space.
For example:
- Who controls an action?
- Who is allowed to act on behalf of a user?
- Can user authorization be expanded indefinitely?
- Do platforms have the right to refuse third-party agents access to their operating systems?
These questions have long existed within real-world systems involving agency, boundaries, responsibility, and governance.
The difference is that the digital world previously did not truly need to confront them.
The rapid development of AI Agents has caused these long-existing governance problems to appear increasingly frequently within digital space.
Digital Boundaries
For a long time, the internet resembled an “open space.”
Open interfaces, unrestricted access, and automatic connectivity were once widely viewed as the internet’s natural operating model.
But in recent years, the governance models of large platforms have gradually begun changing.
More and more platforms are emphasizing:
- Risk-control systems
- Automation restrictions
- API reviews
- Identity verification
- Bot detection
- Sandboxes
- Behavioral auditing
- Layered permission systems
Many platforms are no longer welcoming to “window-climbing” visitors.
Especially after the emergence of AI Agents.
They are no longer merely browsing webpages. They have begun acquiring actual execution capabilities and entering platform runtime layers directly.
As a result, platforms have also begun re-emphasizing:
A user’s right to use an account does not automatically grant third-party systems the right to control a platform’s operational systems.
Governance Changes
At the same time, the rapid development of AI Agents is creating an increasingly visible “speed mismatch” within traditional governance systems.
Traditional legal systems often assume that:
- The acting entity is human
- The speed of action is human speed
- Authorization relationships are single-layered
- Responsibility chains are traceable, explainable, and attributable
But AI Agents are changing these assumptions.
They can:
- Run continuously
- Make autonomous decisions
- Execute actions across platforms
- Sustain long-running system interactions
As a result, “who is acting” is becoming increasingly unclear.
Users, AI Agents, platforms, automation systems, and multiple layers of delegation are now entering the same behavioral chain simultaneously.
Meanwhile, traditional legal systems still primarily rely on:
- Post-event liability
- Stable interpretation
- Clearly identifiable actors
- Clearly identifiable damages
But many AI Agent risks begin spreading throughout runtime systems before legal systems have even finished defining them.
Platform-led governance is beginning to emerge earlier than formal legal governance.
In many cases, legal systems are no longer the first entities defining boundaries.
Instead, platforms are increasingly establishing operational boundaries first through:
- API restrictions
- Risk-control systems
- Sandbox environments
- Automation constraints
- Runtime restrictions
- Behavioral auditing
Only afterward do laws, regulators, and industry standards gradually begin interpreting, confirming, and institutionalizing these boundaries.
Many traditional systems originally assumed that “actions occur at human scale.”
But after the emergence of AI Agents, many behaviors in digital space have begun separating from human operational speed and human execution patterns for the first time.
When the “actor” is no longer exclusively human, how should boundaries, authorization, and responsibility be redefined?
Traditional legal governance logic itself now appears to be gradually developing a subtle divergence from the ongoing evolution of the digital world.
Ecosystem Changes
Changes in governance structures are also beginning to reshape the broader AI ecosystem.
For large platforms, continuously strengthening governance capabilities makes boundaries increasingly clear and stable.
But for startups, small businesses, and independent developers, this may imply something else entirely.
Many advantages previously built upon “rapid access,” “simulated operation,” and “low-cost automation” are gradually becoming restricted — or disappearing altogether.
Many technical paths that once existed within ambiguous gray zones are also gradually entering explicit governance scopes.
More and more platforms may soon begin requiring:
- Official API access
- Agent identity verification
- Permission reviews
- Behavioral auditing
- Runtime compliance
As a result, new questions are beginning to emerge:
- How can formal access capabilities be obtained?
- How can products be built within platform boundaries?
- How can new collaborative relationships with large platforms be established?
As “free entry” gradually comes to an end, what will small innovators still be able to rely upon for survival?
Platform ecosystems are beginning to raise two questions once again:
- Who is allowed to enter the system?
- Who is allowed to survive long term?
Open Questions
Over the past few years, more and more AI startups have been built around:
- Automated execution
- Multi-platform coordination
- Unofficial runtime access
- Agent delegation
Some of these companies do not belong to traditional platform ecosystems, infrastructure ecosystems, or official operating environments at all.
To some extent, they resemble new species that emerged naturally before digital boundaries had fully formed.
In the future, will companies like Manus continue to appear?
Or perhaps more importantly:
What kinds of operational structures will the next generation of AI startups ultimately be built upon?
Many of these questions still have no answers.
But the boundaries of the digital world appear to be forming at an accelerating pace.
Note:
This project is an ongoing independent research effort developed in spare time.
Some observations and interpretations may continue evolving over time.
Due to differences between Chinese and English linguistic contexts, certain expressions may not fully preserve their original semantic nuances.
The Chinese version remains the primary reference for meaning and interpretation.