Retail & Consumer
Agentic AI as Customer Support 2.0 and Sales Expert
Agentic AI represents a significant step forward for customer service bots in the retail and consumer sector. Unlike earlier generations of AI chatbots, which mainly answered simple queries or redirected customers to human representatives, Customer Service AI Bots 2.0 autonomously execute entire customer interactions end-to-end. These advanced AI systems proactively handle complex, multi-step tasks like processing product returns, authorising refunds, arranging replacements, or resolving complaints - fully independently.
The bots can leverage real-time data, transaction histories, and system integrations, enabling them to continuously learn and adapt, and deliver personalised, efficient support with minimal human input. The result: faster response times, lower operational costs, and consistently high service quality - even for complex tasks.
This evolution is further accelerated by the adoption of agentic protocols (e.g. UCP), which allow AI agents to independently negotiate and transact across different retailers and platforms, effectively creating a machine-to-machine economy.
Agentic AI goes beyond just customer support. It now acts as a strategic product manager - designing, launching, and personalising marketing campaigns based on user profiles, seasonal changes, and trends. From content creation to A/B testing and conversion tracking, the AI manages entire campaign lifecycles with minimal oversight. At the same time, it can guide individual purchases - serving as a style advisor, digital guru, or skincare consultant through smart mirrors - adapting recommendations in real time based on user feedback and preferences.
Agentic AI in customer service: efficiency gains vs. consumer law risks
While agentic AI can dramatically improve the efficiency of customer service operations, it still needs to be compliant with European consumer protection laws. These autonomous systems - designed to handle returns, complaints, and contractual communications without human oversight - could misinterpret or misapply statutory rights, creating both legal and reputational risks.
For example, an AI agent might wrongly inform a customer that the statutory 14-day withdrawal period has already expired, despite the deadline still being valid. On the other hand, the AI may authorise a return or issue a refund beyond what is legally or contractually required, potentially creating unjustified liabilities or commercial expectations. In either case, the consequences are more than technical errors - they can amount to legal violations.
Affected consumers may take legal action, but more importantly, consumer protection bodies or competitors could issue cease-and-desist letters under national unfair competition regimes. In Germany, for instance, such infractions can rapidly escalate into formal cease-and-desist relief proceedings, coupled with public scrutiny and reputational damage.
To mitigate these risks, companies deploying agentic AI in customer-facing functions will need to think about safeguards. These are likely to include regular legal audits of AI decision trees, automated logging of sensitive transactions (e.g. rejections of refund requests or limitation of warranty claims), and escalation protocols to human employees for extreme cases. Importantly, legal departments will want to define the Al's operational boundaries, especially in areas involving withdrawal rights, warranty terms, or cancellation procedures. This will help ensure that the system's autonomy does not compromise the company's compliance with consumer protection law.
Agentic AI in advertising: personalisation on the edge of compliance
When an agentic AI advises customers during the purchase process or promotes products and services in a personalised manner, it must fully comply with European advertising and consumer protection laws.
More broadly, agentic AI systems must follow the standard legal principles of advertising: fairness, transparency, and truthfulness. They must not mislead consumers, apply undue pressure, engage in unfair comparative advertising, or initiate unsolicited contact. For example, an AI sales agent that pushes products with countdown timers (“Only 10 minutes left!”), scarcity messages (“Only 2 items left!”), or personalised emotional nudges (“You deserve this - don’t miss out!”) may infringe the Unfair Commercial Practices Directive (2005/29/EC), especially if it exploits user vulnerabilities or targets minors.
The risk is particularly acute when the AI hallucinates product features, such as claiming allergy benefits, longer battery life, or exclusive availability, without factual basis. This kind of content could not only potentially violate advertising law, but, under the AI Act, it could trigger transparency obligations requiring clear labelling and explanation of Al-generated content (e.g. in case of deep fakes depicting a celebrity testimonial). A deep fake means AI-generated or manipulated image, audio or video content that resembles existing persons, objects, places, entities or events and would falsely appear to a person to be authentic or truthful. For instance, imagine a commercial in which a famous football player enthusiastically endorses an energy drink during a football game - even though in reality they never agreed to such a campaign.
In regulated sectors, such as cosmetics or supplements, even stricter rules apply. A virtual skincare adviser falsely recommending creams with "proven anti-aging molecules," would likely breach sector-specific marketing rules. For instance, dietary supplement recommendations must not contain unauthorised health claims under the Health Claims Regulation, such as overstated vitamin benefits or implied medical effects.
If use of agentic AI results in misleading or unlawful advertising, competitors or consumer associations may issue cease-and-desist letters for unfair commercial practices. While enforcement typically targets the company, the Al's autonomous behaviour raises unresolved questions about liability. Despite its independence, the system will likely be treated as an extension of the provider, placing full legal responsibility on the business deploying it.
To mitigate these risks, companies will want to think about compliance protocols. Decision trees are a good example of this. Governance can include legal vetting of training data and marketing claims, clearly defined intervention thresholds, and built-in fallback mechanisms when the AI proposes high-risk promotional content.
DSA and AI Act: dark patterns and prohibited practices in agentic AI
Agentic AI systems that autonomously sell, recommend, or promote consumer products, are subject to heightened regulatory scrutiny - particularly when they influence purchasing decisions without meaningful human oversight. Online platforms deploying such systems - like AI-powered storefronts, virtual sales agents, or dynamic in-game shops - may fall under Article 25 of the Digital Services Act (DSA), which prohibits dark patterns. These are interface designs that distort or impair the user's ability to make free and informed choices.
Practices that may attract regulatory scrutiny might include an AI that: persistently pushes purchase prompts after a user shows hesitation; highlights the “Buy Now” button in vibrant green while dimming “Cancel” or “Details;” or inserts artificial scarcity cues (“Only 1 left!”) for unlimited digital items. Another common pattern is price pressure: for instance, if the AI detects cart abandonment and responds with time-sensitive, dynamically increasing prices (“Hurry - price increases in 3 minutes!”), it may be engaging in unlawful manipulation - especially when targeting minors or vulnerable users with cognitive, emotional, or economic susceptibilities.
In parallel, the AI Act (Article 5(1)(a)) prohibits AI systems from exploiting behavioural or psychological vulnerabilities in a way likely to cause significant harm (i.e. adverse impacts on physical, psychological, health or financial interests). This applies across all sectors, including retail, entertainment, and wellness. Such a prohibition could be relevant if an agentic AI in a game tells younger players their character will "fall behind" without a certain in-game item, or if a fitness app aggressively markets weight-loss products to overweight users. Another potentially risky scenario is dynamic bundling, where the AI autonomously adds related items to the user's cart based on real-time behavioural signals, without transparent consent.
To mitigate such risks, businesses will want to establish strong oversight frameworks (covering the agent's motivations and goals). AI-driven user interface ("UI") changes - such as repositioning buttons, suppressing opt-out options, or modifying visual hierarchy - should be tracked and auditable. Significant modifications that affect decision-making (e.g. removing confirmation steps, pre-ticked subscription boxes) should trigger mandatory human review. Ethical design constraints should also be hardcoded into the Al's action space. For instance: no countdown mechanisms for minors, no "decoy pricing" for healthcare or wellness products; and parity in font size and layout between "Accept" and "Decline" choices.
Transparency is equally critical. Users must be explicitly informed when interacting with an AI, unless this is obvious from the point of view of a reasonably well-informed, observant and circumspect natural person, taking into account the circumstances and the context of use. Where required, transparency may take the form of clear labels ("AI Shopping Assistant"); in-context prompts ("This recommendation was generated by AI"); or visual design cues such as unique icons, badges, or behaviour patterns. For example, an AI recommending alcoholic beverages should carry a visible badge ("AI Sommelier") to avoid misleading users and to comply with sector-specific rules on alcohol advertising.
What to consider next:
- Retailers and consumer brands should consider guardrails for autonomous customer interactions. This includes defining the AI’s permitted scope in returns, refunds and complaints, ensuring legal review of marketing and recommendation logic, and implementing safeguards against misleading claims or dark-pattern UI changes.
- This is not only a legal challenge but a technical one, because a certain degree of determinism must be enforced in systems that are fundamentally non-deterministic. Robust escalation paths and audit trails will be essential to keep autonomy aligned with consumer-law compliance.