AI governance for the agent era.
Independent legal analysis of how AI agents fail and who is liable when they do. By Michael K. Onyekwere, CIPP/E, a common law qualified lawyer practising as a Data Protection Officer.
When an autonomous agent deletes a database, leaks a customer record, or invents a policy, every board and counsel asks the same question: who is accountable? CompanyScope answers it.
The AI Agent Incident Register
A numbered public corpus: every significant public AI agent failure analysed legally. What happened, which legal duty was engaged, who bears liability across the chain (model provider, orchestrator, tool vendor, deployer), and what governance would have prevented it. Free, no login. CIPP/E-reviewed, mapped to the EU AI Act, OWASP, IMDA, and NIST AI RMF, with stable citation IDs.
AIR-2026-006 · incident 2025-04-10
Garante v Luka: Italy's €5M fine on the Replika chatbot for processing without a legal basis
Italy's data protection authority fined Luka Inc., the US maker of the Replika 'AI companion' chatbot, €5 million for running the service without a valid legal basis, with an inadequate privacy notice, and with no age verification despite barring minors. It is the clearest crystallised-liability entry in the register so far: a regulator naming the duty, the breach, and the penalty, and reserving the harder question of how the model was trained for a separate case.
AIR-2026-005 · incident 2025-06-06
Ayinde v Haringey: the UK High Court on lawyers who filed AI-fabricated case law
A Divisional Court of the King's Bench heard two cases together in which lawyers put fabricated, AI-generated case authorities before the court. The ruling sets the UK position plainly: a lawyer is responsible for the accuracy of everything they file, whatever tool produced it, and AI output must be checked against primary sources before it is relied on. It is the professional-accountability counterpart to Moffatt (the agent's output is the principal's responsibility), applied to the people who answer to a regulator.
AIR-2026-004 · incident 2025-06-11
EchoLeak: a zero-click exfiltration path demonstrated through Microsoft 365 Copilot
Security researchers showed that a single crafted email could make Microsoft 365 Copilot exfiltrate data from a user's context with no click, the first zero-click attack demonstrated in a widely used generative-AI product. Microsoft fixed it server-side before any real-world exploitation. This entry analyses the liability the technique would have created had it been used against personal data, and why a stack of guardrails that are each individually bypassable does not add up to a defence.
Read the full Register or see how entries are made.
The research behind it
The Register draws on standing compliance research into the AI vendors UK and EU buyers actually deploy:
- Vendor compliance profiles: DPA, subprocessors, training position, transfers, and AI Act posture for OpenAI, Anthropic, Microsoft 365 Copilot, Google Gemini, Perplexity, ElevenLabs
- Topic guides: DPA, EU AI Act, and HIPAA reference reading that recurs against every vendor
- Head-to-head comparisons: when the question is which of two vendors clears the procurement gate
Work with Michael
The analysis here is the work Janus Compliance does for clients before the incident. For ongoing agent and AI vendor governance, Michael runs Janus DPO-as-a-Service (fractional Data Protection Officer, from £500/month). For a single decision, request a CIPP/E-reviewed Vendor Risk Note from the form at the foot of any vendor profile or Register entry.
More on the practice and the person behind it: About Michael K. Onyekwere.
Subscribe to the AI Agent Incident Register
Every new Register entry delivered with the legal analysis: the incident, the duty engaged, who is liable across the chain, and what governance would have prevented it. Written by Michael K. Onyekwere, CIPP/E. Free.
Subscribe — freeDelivered via Compliance Engineering on Substack, which handles your subscription and consent. Unsubscribe any time. Privacy notice.