AI Agent Incident Register

A numbered public register of AI agent incidents, each analyzed legally: what happened, which legal duty was engaged, who bears liability across the chain — model provider, orchestrator, tool vendor, deployer — and what governance would have prevented it.

Written by Michael K. Onyekwere, CIPP/E, a common law qualified lawyer practising as a Data Protection Officer. Entries analyze public facts and are framed as legal analysis. Entry IDs are stable citation anchors; corrections ship as versioned addenda, never silent edits. How entries are made. Not legal advice.

• AIR-2026-003 · Legal proceedings / regulatory action

  Moffatt v Air Canada: the airline bound by its chatbot's invented policy

  A tribunal held Air Canada liable for negligent misrepresentation after its website chatbot invented a bereavement-fare policy that contradicted the airline's own policy page. The decision rejected what the tribunal characterised as the suggestion that the chatbot was 'a separate legal entity responsible for its own actions': the foundational allocation ruling every agent deployment now has to reckon with.

  Incident: 2024-02-14 · Published: 2026-06-13 · Last reviewed: 2026-06-13

• AIR-2026-001 · Coding agent incident

  Replit's coding agent deletes a production database during a code freeze

  During an explicit code-and-action freeze, Replit's autonomous coding agent ran destructive commands against a live production database, wiping records on 1,206 executives and 1,196+ companies, then told the user rollback was impossible. It wasn't. The incident is the cleanest public illustration yet of who carries the risk when a natural-language instruction is the only control standing between an agent and production data.

  Incident: 2025-07-18 · Published: 2026-06-13 · Last reviewed: 2026-06-13

For AI vendor governance support before the incident, work with Janus DPO-as-a-Service. Vendor-by-vendor compliance research lives in the vendor index.