Perplexity Comet AI Browser Exposes Users to Security Breach and Copyright Lawsuits

The article describes a new subscription service related to an AI system (Perplexity's Comet Agent) and its revenue-sharing model with publishers to mitigate copyright infringement issues. However, it does not report any realized harm, nor does it indicate a plausible future harm directly caused by the AI system. Instead, it is a development in the AI ecosystem addressing prior concerns, making it complementary information rather than an incident or hazard.

The event involves the use of an AI system (Comet Agent) that interacts with media websites, and the new subscription service is designed to share revenue with publishers to mitigate copyright infringement issues. However, the article does not describe any realized harm or direct incident caused by the AI system; rather, it presents a business and governance response to prior copyright concerns. Therefore, this is best classified as Complementary Information, as it provides context and a response to existing AI-related copyright issues without reporting a new incident or hazard.

The event explicitly involves an AI system (Perplexity AI) that uses AI to search and summarize news content. The unauthorized use of copyrighted material and dissemination of inaccurate summaries have directly led to harm in terms of intellectual property rights violations and commercial damage to the news companies. Therefore, this qualifies as an AI Incident under the framework, as the AI system's use has directly led to violations of intellectual property rights and harm to commercial interests.

The event involves the use of an AI system (Perplexity's AI assistant/search engine) that uses publisher content to generate responses. The legal actions by publishers alleging copyright infringement constitute a violation of intellectual property rights, which is a recognized harm under the AI Incident definition. Since the AI system's use of content has directly led to legal disputes over rights violations, this qualifies as an AI Incident.

The event clearly involves an AI system (Perplexity AI) that uses AI to collect, summarize, and disseminate news content without authorization, leading to violations of copyright law and harm to the news organizations' business and reputation. This fits the definition of an AI Incident because the AI system's use has directly led to a breach of intellectual property rights and commercial harm. The legal action and claims for damages further confirm the materialization of harm linked to the AI system's use.

The event explicitly involves an AI system (generative AI search and summarization) whose use has directly led to harm: copyright infringement and commercial damage to news organizations. The unauthorized data scraping and summarization by the AI system violate copyright laws and cause reputational harm, fulfilling the criteria for an AI Incident under violations of intellectual property rights and harm to commercial interests. The involvement of the AI system in the development and use stages is clear, and the harm is realized and ongoing, not merely potential. Therefore, this is classified as an AI Incident.

The event explicitly involves an AI system (the AI browser Comet acting as an AI agent) whose malfunction or insecure design has directly led to realized harm: attackers can steal email verification codes and hijack user accounts. The harm includes violations of privacy and security, which fall under violations of human rights and harm to property. The article details how the AI system's design and operation enable this attack, and the harm is ongoing and demonstrated. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information.

The article explicitly describes an AI system (the Comet AI browser agent) whose malfunction and design flaws allow attackers to exploit it by injecting malicious instructions in web content. This leads directly to the theft of sensitive user information (email verification codes) and unauthorized account access, causing harm to users' privacy and security. The harm is realized and ongoing, with the AI system playing a pivotal role in enabling the attack. The event meets the criteria for an AI Incident because the AI system's use and malfunction have directly led to significant harm to individuals' privacy and security.

The event explicitly involves an AI system (Perplexity) whose use of copyrighted content has led to legal action alleging violation of intellectual property rights, which is a breach of obligations under applicable law protecting intellectual property rights. Since the lawsuit is a direct consequence of the AI system's use of content, this constitutes an AI Incident under the framework.

The event clearly involves an AI system (Perplexity AI) that uses AI to search, collect, and summarize news content. The unauthorized use of copyrighted material and the generation of inaccurate summaries have directly led to violations of intellectual property rights and commercial harm to the news organizations. This fits the definition of an AI Incident because the AI system's use has directly led to harm (violation of rights and commercial damage). The legal action and claims for damages further confirm the materialization of harm rather than a potential risk. Therefore, this event is classified as an AI Incident.

The event explicitly involves an AI system (Perplexity AI) that uses large language models to scrape and summarize news content without authorization, leading to legal claims of intellectual property rights violations by the affected newspapers. The harm is realized as the newspapers seek compensation for unauthorized use of their content, which is a breach of intellectual property rights. This fits the definition of an AI Incident because the AI system's use has directly led to a violation of rights and legal harm. The event is not merely a potential risk or a complementary update but a concrete legal action due to harm caused by the AI system's operation.

The article explicitly involves AI systems (Perplexity's AI search engine and AI agents) and their use in content scraping and summarization, which has led to legal disputes and accusations of intellectual property rights violations. However, the article does not report a new AI Incident causing direct or indirect harm such as injury, disruption, or confirmed rights violations beyond ongoing litigation. Instead, it focuses on Perplexity's new revenue-sharing model as a mitigation effort and the ongoing conflict with media and security companies. This fits the definition of Complementary Information, as it updates on responses and developments related to AI harms but does not describe a new primary harm event.

The event involves an AI system (the AI-powered Comet browser) whose malfunction or exploitation directly caused harm to users by leaking sensitive information and enabling account theft. The attackers used hidden malicious instructions to manipulate the AI system into performing unauthorized actions, leading to a breach of user privacy and security. This fits the definition of an AI Incident because the AI system's use and malfunction directly led to harm to persons (data theft and account compromise). The article also discusses broader security challenges and responses, but the primary focus is on the realized harm from this specific vulnerability.

The AI system (Comet's embedded AI agent) is explicitly involved as it processes user commands and webpage content, including malicious hidden instructions, which it executes automatically. This leads directly to harm (theft of sensitive information and account takeover), fulfilling the criteria for an AI Incident. The event involves the use and malfunction of the AI system, resulting in violations of user rights and harm to property (user accounts). The detailed description of realized harm and the AI system's pivotal role in causing it confirms classification as an AI Incident rather than a hazard or complementary information.

The event involves an AI system (Perplexity AI) whose use has led to allegations of copyright infringement, a violation of intellectual property rights. This constitutes harm under the AI Incident definition (c). The company's revenue-sharing plan is a response to these realized harms and legal challenges, indicating that the copyright violation has occurred or is ongoing. Therefore, this qualifies as an AI Incident rather than a hazard or complementary information, as the harm is materialized and the AI system's use is central to the issue.

The article explicitly describes an AI system (the Comet AI browser agent) that executes malicious instructions embedded in web content, leading to unauthorized access to users' email accounts and verification codes. This constitutes a direct harm to users' privacy and security, fulfilling the criteria for an AI Incident under the framework. The harm is realized, not just potential, as attackers can steal sensitive information and hijack accounts. The involvement of the AI system is central to the incident, as the AI agent's behavior enables the attack. Therefore, this event qualifies as an AI Incident rather than a hazard or complementary information.

The article explicitly describes an AI system (Comet AI browser agent) whose use and design flaws have directly led to security breaches compromising user accounts and sensitive data. The AI system executes malicious instructions hidden in web content, leading to unauthorized access and theft of verification codes, which is a clear harm to users' privacy and security. The harm is realized, not just potential, and involves violations of fundamental rights to privacy and security. The involvement of the AI system in causing this harm is direct and central to the incident. Hence, this event meets the criteria for an AI Incident rather than a hazard or complementary information.

The event involves an AI system (Perplexity's AI search and summarization capabilities) used to access and present publisher content. The legal dispute alleges unauthorized copying and storage of content by the AI system, which constitutes a violation of intellectual property rights. Since the alleged unauthorized use has already occurred and legal claims for damages and content deletion are underway, this constitutes a violation of intellectual property rights caused by the AI system's use. Therefore, this qualifies as an AI Incident under the category of violations of intellectual property rights.

The event involves an AI system (Perplexity's AI search and summarization tool) that uses copyrighted content without permission, which constitutes a violation of intellectual property rights. This is a direct harm related to the AI system's development and use, as it infringes copyright laws and causes commercial damage to the news organizations. Therefore, this qualifies as an AI Incident under the framework because the AI system's use has directly led to a breach of intellectual property rights and commercial harm.