AI agents under antitrust and consumer protection scrutiny: Risks and opportunities for compliance

There is persistent ambiguity around what “AI agents”, “AI chatbots” and “virtual assistants” mean in practice.⁵ This is because “[t]here does not appear to be one settled definition within industry on what exactly constitutes an AI agent or agentic AI”.⁶

At a high level, AI chatbots and virtual assistants can be considered as sub-types of conversational AI agents. AI chatbots simulate human conversation (text or speech) to provide information or complete limited tasks by interpreting user input, whereas “virtual assistants” have an intermediary role, as they enable users to access other services and/or control connected devices (e.g., Siri, Alexa, Google Assistant, Cortana).

What distinguishes true AI agents from both AI chatbots and virtual assistants is that they “do not merely assist, they sense (perceive their environment), decide and act”.⁷ For example, in its recent “Cloud and AI Development Act” proposal, the European Commission (“EC”) defines “AI agent” as “an AI system or a coordinated set of AI systems, that can perceive and act upon their environment, with a degree of autonomy, using tools as needed to achieve specific goals and adapt to changing inputs and contexts”.⁸

From a technological perspective, their distinguishing feature is their ability to proactively “continue their work without further input or human intervention”  and “even plan ahead and execute actions autonomously”,⁹ following an initial prompt. The added value is that AI agents can learn from previous input and adapt, and that “[t]hey possess enhanced connectivity, allowing them to accept (multi-modal) input from various sources (for example, voice, text, vision, sensors, or external applications) to effectively comprehend and carry out tasks”.¹⁰

Simply put, “AI assistants are reactive, performing tasks at your request. AI agents are proactive, working autonomously to achieve a specific goal by any means at their disposal”.¹¹

This distinction between AI agents, AI chatbots and virtual assistants is partly captured by the EU digital legislation which applies to various aspects of those technologies.

a) The Digital Markets Act

The Digital Markets Act (“DMA”)¹² is directly, albeit only partially relevant to the regulation of these AI services from the perspective of contestability, fairness, and broader competition.

The DMA applies to designated gatekeepers providing a Core Platform Service (“CPS”) listed in Article 2(2). “Virtual assistants” are included in the list of CPS and are defined as “software that can process demands, tasks or questions, including those based on audio, visual, written input, gestures or motions, and that, based on those demands, tasks or questions, provides access to other services or controls connected physical devices”.¹³ The last part of this definition points to virtual assistants’ key feature as a “bridge” connecting one technology to another. The DMA’s drafting history confirms that their inclusion as a CPS was driven by this intermediary role, notably for voice assistants in IoT contexts.¹⁴ Pure AI chatbots (which don’t have this intermediary role) should then fall outside the DMA virtual assistant concept, although they may still be relevant when integrated with other CPSs.

When it comes to true conversational AI agents, their status under the DMA is unclear. The DMA can apply when these are integrated into another CPS (e.g., when pre-installed into the operating system of a designated gatekeeper). It is questionable whether they could be designated under any of the existing CPSs – for example, the category of virtual assistants, as mentioned above, is arguably too narrow to encompass the breadth of AI agents, given AI agents’ much broader role and potential compared with what the DMA seems to define as virtual assistants.

However, there are signals that the EC considers that AI agents are (at least partly) caught by the DMA already, and that they will in the future have a clearer status under the DMA. In its recent DMA review,¹⁵ the EC lists a number of initiatives it has already taken in the broader AI area on the basis of the DMA, demonstrating the DMA’s relevance to the future development of services in this space.

Moreover, respondents to the DMA review consultation process have called for more gatekeeper designations for services that fall under existing CPS categories under the DMA, including “virtual assistants”.¹⁶ They asked for more CPSs, including “AI services”, to be added to the list of CPSs under Article 2(2) of the DMA, and for amended or additional obligations specifically for AI services.

In response to this feedback and based on the results of its review, the EC, in the “Accompanying staff working document to the DMA review”, highlights two complementary tracks for addressing contestability and fairness in relation to AI services and the broader AI value chain:¹⁷

• Use existing antitrust tools for conduct outside the DMA (the EC gives Google’s use of online content for AI¹⁸ and Meta’s policy excluding third-party AI providers from WhatsApp¹⁹ as examples).
• Consider extending the DMA’s application scope by assessing whether AI agents should be designated as virtual assistants (or even added as a new CPS) and whether existing obligations require updating. The EC states that it will be “monitoring whether certain AI services should be designated as virtual assistants or whether a market investigation pursuant to Article 19 of the DMA is needed to assess whether AI services need to be added as a new CPS as well as whether the existing obligations need to be updated”.²⁰ For example, in its decision on Article 6(11) DMA regarding Google search data sharing, the EC found that under Article 6(11) eligible beneficiaries can include AI chatbots that provide online search engine functionalities – a signal that AI-agent-like services may be treated as entitled to access where they perform “gateway” search functions and could be captured by the DMA. Even if framed as “AI chatbots”, the decision points to extending access concepts to AI services where they functionally resemble a gateway/search engine (e.g., Perplexity/ChatGPT in certain use cases). Moreover, it appears that the EC has already started taking the informal first steps to consider designating AI agents under the DMA, including by questioning platforms about their details on how many people use their AI assistants.²¹

There is therefore scope under the DMA for the EC to take enforcement initiatives to address contestability and fairness in the AI market, particularly with regard to AI agents, although the precise status of AI agents under the DMA, including which requirements apply to them and how, remains unclear. At this stage, as a top EC competition enforcer noted at a recent conference, AI is essentially a “natural experiment” for the DMA, as “[t]his is the first time [the EC is] not trying to undo something which has been there for 20 years, but […] to create conditions for a level playing field” as the technology advances.²²

b) The AI Act

The AI Act²³ takes a broader, effects-and risk-based approach, compared to the DMA. Its definition of an “AI system” (Article 3(1)) focuses on autonomy and the ability to generate outputs, such as predictions, content, recommendations, decisions, which can capture conversational AI agents generally. Recital 12 emphasises their “capability to infer”, i.e. the capability to generate outputs from inputs/data that may influence physical or virtual environments.

Article 50(1) then introduces transparency obligations for AI systems intended to interact directly with natural persons – primarily relevant to AI chatbots and virtual assistants. As specified in the draft guidelines on the implementation of the transparency obligations under Article 50 of the AI Act,²⁴ AI agents are covered by Article 50(1) AI Act if they are designed to interact with the persons instructing them and potentially with other natural persons in the execution of tasks. Given it may not always be possible for the provider to identify individual instances of interaction of an AI agent with other natural persons, in such circumstances the agent should be instructed to disclose itself as such in every situation where it is likely that the agent may interact with a natural person. This should happen in ways appropriate to the context where the interaction takes place, such as, for instance, an email generated by an AI agent sent to a natural person that features an AI label at the top, or AI identifiers or credentials (e.g. AI agents that disclose their AI identity, including as appropriate in a verifiable manner). Similarly, Article 50(2) requires providers of AI systems generating synthetic content to implement technical solutions that meet certain quality requirements for machine-readable marking and detection of their AI system outputs. These may be relevant for agentic AI systems that pursue goals, such as planning, making decisions, or taking actions while interacting with physical or virtual environments. Article 50(2) notably provides also the requirement for providers to ensure, insofar as technically feasible, that their solutions are, inter alia, interoperable, paving the way for potential (direct or indirect) applications of this provisions also in the context of competition and consumer enforcement.

While not considered high-risk themselves, conversational AI systems could qualify as high risk based on the classification rules laid down in Article 6, and therefore trigger relevant obligations. For instance, an AI-enabled chatbot (or a virtual spokesperson/agent) developed for use by political actors to interact with natural persons in a conversational manner, simulating political dialogue with voters to persuade them to support a candidate or policy, would fall within the relevant high-risk system use cases. Recital 119 of the AI Act also contemplates integration of “AI systems such as an online chatbot” into services (e.g., search engines) that combine information from multiple sources into a single output. In this regard, the draft EC guidelines on the classification of high-risk AI systems²⁵ further clarify that, when assessing whether a complex, interconnected AI system falls under the use cases of Article 6(2) AI Act, it is necessary to consider the combined configuration thereof, assessing split architectures as a whole. In other words, where the components of an AI system are intended to be used in one of the relevant use cases, the combined system will be classified as high-risk. This may be the case, for instance, for agentic AI systems that coordinate and interact through linked actions if these linked actions or components serve in conjunction an intended high-risk purpose.

While it applies to AI agents, the AI Act does not directly address competition risks across the AI value chain. In addition, enforcement is largely decentralised as national competent authorities will play the primary role in this context, thereby potentially leaving room for enforcement gaps and regulatory fragmentation.

c) The Digital Services Act

The Digital Services Act (“DSA”)²⁶ establishes a multi-layered regulatory framework for providers of intermediary services targeted to the nature and scale of the service. All providers of intermediary services are subject to a set of baseline obligations, including transparency reporting and cooperation with competent authorities. Additional obligations apply progressively to hosting service providers, online platforms, and to those that are designated as very large online platforms (“VLOPs”) or very large online search engines (“VLOSEs”).

Whether AI chatbots, virtual assistants or AI agents could fall within the DSA’s scope depends on the definition of “intermediary services”, which are defined under Article 3(g) DSA as “mere conduit”, “caching” or “hosting services”. On a literal reading, AI agents do not fit neatly within any of these three categories of services. However, the definition of “online search engine” under Article 3(j) DSA could provide argument supporting the view that they are included in the notion of “intermediary service”.²⁷

The definition of “online search engine” is functional: it covers any service that enables users to submit queries and receive results based on content indexed across websites, in any format. An AI agent equipped with retrieval capabilities could potentially be considered to fall in the scope of this definition. The fact that the search functionality is delivered through a conversational interface rather than a traditional search results page should not be determinative, since the DSA was designed to address the risks arising from services that intermediate users’ access to information, and this could be the role of AI agents too.

The issue is currently being formally addressed by the EC. In October 2025, following OpenAI’s disclosure that ChatGPT’s search feature had reached an average of 120.4 million monthly active users in the EU, the EC confirmed it is assessing whether ChatGPT meets the criteria for designation as a VLOSE.²⁸ The question under the EC’s consideration is  whether a service that synthetises answers from external sources, rather than returning indexed links, falls within the definition of “search engine” in Article 3(j) DSA. No formal designation has been announced at this stage.

While this issue is being assessed by the EC, it has been the subject of a jurisdictional dispute between the Italian Communications Authority (“AGCOM”) (i.e. the Digital Services Coordinator under the DSA for Italy)²⁹ and the Italian Competition Authority (“ICA”).

In the three proceedings (DeepSeek,³⁰ Mistral³¹ and Nova AI³²), the ICA rejected the view expressed by the AGCOM that AI agents qualified as an AI-powered search engine and therefore as “intermediary services” under the DSA, triggering transparency obligations the enforcement of which would fall within AGCOM’s competence rather than the ICA’s consumer-protection remit. The ICA rejected this view, finding that the chatbot’s optional, user-activated search function did not render the AI agent a search engine providing intermediary services under the DSA. The same reasoning was applied by the ICA in Mistral and Nova AI.

DeepSeek, Mistral and Nova form a line of three precedents establishing ICA’s position that generative AI chatbots do not, by virtue of an ancillary search functionality, become intermediary services subject to the DSA. These ICA decisions illustrate the challenge of scoping AI agents under existing digital regulation and demonstrate that the application of the DSA to AI agents is not straightforward.

As the above overview shows, each of these sets of rules can be relevant to address antitrust and consumer law issues related to AI agents, AI chatbots and virtual assistants. However, currently none of them fully capture the potential risks and opportunities created by AI agents for competition and fairness in deep-tech markets.

Antitrust and consumer protection regulators are therefore resorting to existing legislation, including competition and unfair commercial practices rules, to tackle issues that have been already manifesting in this space.

In particular, two enforcement areas are getting significant attention in this sphere: the integration and exclusion of AI agents with other platforms (see below, 2 and 3) and manipulation of consumer choice and hallucination risks (see below, 4).

Over recent years AI agents, AI chatbots and virtual assistants have become increasingly integrated into other platforms. For example, until recently, third-party AI providers (such as OpenAI, Elcano and Interaction) have used the WhatsApp Business API to provide AI chatbot and assistance services to WhatsApp users. This enabled users to interact with third-party AI chatbots within WhatsApp, for tasks such as answering questions, generating content or accessing customer support. However, this was ended by the recent decision by Meta to change the Terms and Conditions, by introducing a dedicated section called “AI Providers”, which excluded third-party AI chatbots from WhatsApp.³³

a) The “Meta AI WhatsApp” case

Meta’s decision has sparked important debate over how this conduct can be squared under the antitrust rules, shedding light on the issue whether and under which conditions can a platform, such as WhatsApp, prevent or limit third-party AI-providers from accessing its users, while ensuring compliance with competition law.

Meta’s policy change has attracted fierce reactions from antitrust authorities.³⁴ The ICA launched an investigation into Meta AI even before the change to Meta’s policy, as a reaction to the pre-installation of Meta AI into WhatsApp earlier that year.³⁵ At that time, the key concern underlying the investigation was that Meta had allegedly tied its separate AI and messaging services, and allegedly placed Meta AI in a more prominent position compared to third-party AI chatbots (which at that time were still available on WhatsApp). However, on 25 November 2025, the ICA’s investigation was extended in response to Meta’s policy change and the exclusion of third-party AI chatbots from WhatsApp.³⁶ On 22 December 2025, the ICA also adopted a separate decision to impose interim measures  on Meta, requiring the immediate suspension of the policy change in Italy.

As a follow-up, the EC launched a parallel antitrust inquiry with regard to the exclusion of third-party AI chatbots from WhatsApp,³⁷ and threatened to adopt similar interim measures to those adopted by the ICA. The EC’s investigation is still ongoing.

On 12 May 2026, Meta decided to suspend, for one month, the fees due by third-party AI providers, in order to appease the EC, and pre-empt the adoption of interim measures.³⁸ However, Meta also announced that the suspension of the fees will be limited, in that it will “start charging [rivals] once they hit a limit”.³⁹

While the circumstances surrounding the exclusion of third-party AI providers from WhatsApp were very specific, this will be a fundamental test case for future enforcement in this area, and set the benchmark for other platforms trying to limit AI providers from accessing their user base.

The platformisation of AI agents and the related reaction of incumbent platforms is of direct relevance to both the DMA and broader antitrust rules.

a) DMA

The purpose of the DMA, i.e. “ensure contestability and fairness for the markets in the digital sector in general, and for business users and end users of core platform services provided by gatekeepers in particular”,⁵⁰ is directly relevant to the “platformisation of AI agents” and the related integration with incumbent platforms. In particular, the north-star principle of “contestability”, which is aimed at enabling “undertakings to effectively overcome barriers to entry and expansion and challenge the gatekeeper on the merits of their products and services”,⁵¹ could support the case for enabling third-party AI providers to integrate with incumbent platforms.

In fact, two recent EC decisions, both related to Alphabet, already show how the DMA can impact the development of relationships between AI agents and gatekeeping platforms.

The first decision is based on Article 6(11) DMA, which concerns search data access and requires gatekeepers to provide third-party search engines with access on FRAND terms to ranking, query, click and view data. One of the goals of this decision is to specify which third-parties are eligible to receive search data under Article 6(11) of the DMA. Interestingly, the decision provides that “[t]he proposed measures specify that beneficiaries must operate an online search engine in the EEA to be eligible to receive the search data” and that “[t]his includes AI chatbots that provide online search engine functionalities.”⁵²

According to the EC, AI service providers can qualify as “search engines” and benefit from Article 6(11) data sharing requirements, even if they provide services which are not limited to search, insofar as they also provide “online search functionalities”. The difficulty lies in drawing the line between what constitutes an AI conversational agent and a search function. As mentioned above, in DeepSeek, Mistral AI and Nova AI,⁵³ the ICA has for instance taken the opposite view that the fact that these AI providers include an ancillary “search function” is not enough to qualify their service as a “search engine”; in those cases it was in relation to the DSA, but the same reasoning could theoretically apply in a DMA context, raising the question whether there is a disconnect between the EC and the ICA on this. A potential way of reconciling these positions could be to carry out the assessment of whether or not an AI agent qualifies as a “search engine” on case-by-case basis, in light of  the specific functionalities that AI agents provide. This functionality-based assessment could, however, prove complicated given the kinds of services that AI agents currently provide and their potential to further expand their reach in the future, as they expand their ability to meet broader user needs and become more autonomous.

At this stage, the key point is that, insofar as the EC considers AI providers could fall into the “search engine” category, then Article 6(11) and all other provisions in the DMA which apply to “search engines” could be relevant for AI agents too.⁵⁴

Perhaps the most important provision having regard to the issues raised by the “platformisation of AI agents” is Article 6(12) DMA, which concerns access to app stores, search engines and social networking services and requires a gatekeeper to provide FRAND access for business users to its app stores, search engines and social networks. This provision could potentially be relied upon by the EC in order to establish the framework for discussing under the DMA whether and how third-party AI agents can access application stores, online search engines and online social networking services provided by gatekeepers. However, the standards set in that context could also inform the approach by the EC in cases related to other platforms, such as WhatsApp in the related case concerning Meta AI. The implications are therefore potentially very far reaching.

The second decision concerns Google Android features for AI or AI-related services,⁵⁵ and is related to the specification of the measures Alphabet must implement to comply with Article 6(7) DMA and the interoperability obligations with respect to features which are relevant for third-party providers of AI services on mobile devices. In that decision, the EC notes that “[i]nteroperability with Google Android is […] critical for third-party AI service providers to compete with Alphabet’s AI-based services, such as Gemini.”⁵⁶ On that basis, it sets a number of requirements for Google to ensure interoperability, which include “[i]ntegration with first-party services”, specifying that “third-party AI assistants on Google Android do not have the same level of integration with Alphabet’s apps and services that is available to Alphabet’s AI services, such as Gemini” and that “Alphabet will have to provide effective interoperability with the features that are used to integrate Alphabet’s AI services with other Alphabet apps and services that are deeply integrated with Google Android. This includes access to the user’s personal context, subject to user consent […] [f]or example, third-party AI assistants will be able to help the user to schedule events in Google Calendar or find relevant photos in Google Photos. Third-party AI assistants will also be able to answer questions about YouTube videos or helping with navigation in Google Maps.⁵⁷

This points directly to the issue of enabling third-party AI agents accessing Android’s distribution network and users to provide their services, making Article 6(7) DMA potentially very relevant in the “battle” between AI agents and platforms.

Based on the above, there appear to be multiple angles through which the DMA could provide arguments for AI providers to seek integration with gatekeeping platforms, increasing compliance risks for platforms trying to limit access to their ecosystems.

Key takeaways from “Google Search Data sharing” and “Google Android - Features for AI-related services”

1. Factor in the risk that AI agents and chatbots providing search functionalities may be classified as “search engines” under the DMA, even if such features are secondary/ancillary. This classification would subject them to DMA provisions like Article 6(3) (changing default settings) and Article 6(12) (FRAND access to app stores, search engines, and social networks).
2. Article 6(7) DMA and the interoperability obligations could require gatekeepers to provide access on equal footing to third-party AI agents across multiple aspects, including (i) the “contextual invocation” of the AI service, (ii) the ability for the AI service to gather inputs and data to then understand and anticipate end users’ needs and provide suggestions across apps, (iii) the ability for the AI service to execute tasks on user’s behalf and (iv) the ability for the AI service to use sufficient hardware and software resources to execute their tasks.
3. Furthermore, Article 6(7) could require parity in first-party service integration. 

b) Antitrust rules

As noted above, enforcement by the EC in the AI space will take the form of a double track: DMA for conduct that is in scope and antitrust rules for those which are beyond the reach of the DMA.⁵⁸However, it would be a mistake to underestimate the role that antitrust rules can play in this context. As the investigations concerning the exclusion of third-party AI providers from WhatsApp suggest,⁵⁹ competition law will likely play a fundamental role in shaping enforcement in this area, rather than being secondary or ancillary to the DMA.

When it comes to limiting access of third parties to incumbent digital platforms, the key antitrust precedent which has set the benchmark for future cases is likely to be “Android auto”.⁶⁰ The case concerned Enel X Italia Srl’s request to Google to ensure that JuicePass, its electric car charging application, is interoperable with Android Auto. Some categories of third-party apps (media and messaging) could be integrated into Android auto by complying with certain templates developed and made available by Google. By contrast, JuicePass was denied access because it was considered a navigation service, for which Google did not make available any template, while Google’s proprietary navigation apps (i.e., Maps and Waze) were available on Android auto.

In those circumstances, the EU Court of Justice essentially ruled that, in order to comply with the prohibition on abuse of dominance set out in Article 102 TFEU, Google would have to take the necessary measures to ensure interoperability, which would include developing and making available the necessary templates to enable JuicePass to integrate with Android auto.

Two aspects of the Court’s reasoning on abuse are particularly relevant to the exclusion of third-party AI agents from incumbent platforms and were echoed in the ICA’s recent decisions on Meta’s exclusion of third-party AI providers from WhatsApp.⁶¹

• The “infrastructure” (for example Android Auto or WhatsApp) was developed from the outset by the dominant undertaking not solely for the needs of its own activities, but with a view to allowing the use of that infrastructure by third-party undertakings.⁶² This can be evidenced by the fact that the undertaking in a dominant position has already granted such access to such third-party undertakings.⁶³
• The refusal by the dominant undertaking to allow access to a third-party undertaking “has the actual or potential effect of excluding, obstructing or delaying the development on the market of a product or service which is at least potentially in competition with a product or service supplied or capable of being supplied by the undertaking in a dominant position and constitutes conduct which restricts competition on the merits, and is thereby capable of causing harm to consumers.”⁶⁴

Both these conditions appear to be relatively straightforward in both Android auto and Meta AI WhatsApp, since both platforms had granted access to third-party providers and the dominant firm’s competing product already existed and was itself available on the platform (Google Maps and Waze in Android auto, and Meta AI in WhatsApp). Outside this scenario, it is less clear when these conditions could be met. Particularly the second one, which would require identifying a situation of “potential competition” with a product that “can be provided” by the dominant firm.

Although its concrete implications are still to be explored, the “Android auto” judgment clearly provides an important angle from which to assess risks and opportunities with regard to the “platformisation of AI agents” and the broader issue of excluding, limiting or allowing third-party AI providers on incumbent platforms. Greater clarity will hopefully come from future rulings of the EU Court of Justice – this could be the case, for example, if Meta litigates any decision by the EC requiring it to give access to third-party AI providers, notably on the grounds of the “Android auto” case law.