137AI > Agents > Physical Agents > Autonomous Physical Agents as Regulatory Category
Autonomous Physical Agents
Autonomous physical agents — robotaxis, humanoid robots, delivery and mobile robots, industrial mobile robots and cobots, autonomous trucks and platoons, drones, and the multi-agent fleets and swarms they form — do not fit cleanly into any of the regulatory regimes that govern their non-autonomous predecessors. Vehicle safety law was written assuming a human driver. Industrial machinery safety was written assuming a stationary or fixed-path machine in a controlled environment. Aviation regulation was written assuming a piloted aircraft with a licensed operator. Personal data law was written assuming discrete transactions, not the continuous capture autonomous physical agents perform as a byproduct of operation. Criminal law was written assuming human actors with the capacity to form intent. Each existing regime captures part of the surface that autonomous physical agents present. None covers the whole.
This piece argues that autonomous physical agents are a distinct regulatory category, requiring deliberate construction rather than piecemeal extension of the existing regimes. The argument is not that new legislation must precede deployment — the field is past the point where that is feasible — but that policymakers, regulators, courts, insurers, and operators should treat autonomous physical agents as a category in their own right when extending existing frameworks, rather than continuing to assume the autonomous variant of a category fits within the rules built for its non-autonomous predecessor.
What Makes the Category Distinct
Five properties separate autonomous physical agents from any of the prior categories the existing regulatory regimes were designed for. The first is mobility in public or shared space. A robotaxi shares the public road. A humanoid in a retail store shares space with shoppers. A delivery robot shares the sidewalk with pedestrians. The agent is not contained to a controlled environment where bystander interaction is bounded by design.
The second is manipulation and physical force. Humanoids lift, push, and apply force through tool use. Industrial mobile robots move payloads at speed in shared environments. Autonomous trucks operate vehicles with the kinetic energy of any other commercial truck. The agent is capable of changing the state of objects and bodies it encounters, not just observing or transporting them passively.
The third is autonomous decision in environments the operator did not specifically anticipate. Conventional automation executes a programmed sequence in an environment the engineer designed for. Autonomous physical agents make decisions based on perception of environments that vary continuously and contain elements the engineer cannot fully specify in advance. The agent's behavior is bounded by training and policy rather than by explicit programming for the specific situation.
The fourth is remote orchestration. The agent operates under instructions from a fleet management system, an operator interface, or a software agent layer that itself may be remote from both the physical agent and the environment it operates in. Authority for the agent's behavior is distributed across the physical platform, the operator's control infrastructure, and the upstream software that defines the agent's policy.
The fifth is fleet-scale operation. Autonomous physical agents are typically deployed at scale, with one fleet management system controlling many physical platforms. Coordinated misbehavior across the fleet produces consequences with no single-platform equivalent, and the fleet management plane is itself a system that exists outside any of the regimes that govern the individual platforms.
Together, these properties produce a category that no prior regulatory regime was designed for. Each existing regime addresses one or two of the properties at most. The gaps appear in the spaces between regimes, where the autonomous physical agent presents a surface that no single regulator's framework comfortably covers.
What Existing Regimes Cover
Each regulatory body brings a body of law and practice that addresses some portion of the autonomous physical agent surface. The work of constructing the regulatory category begins with seeing what each regime does and does not address.
| Existing Regime | What It Covers Well | Where It Falls Short for Autonomous Physical Agents |
|---|---|---|
| Vehicle safety regulation | Crashworthiness, mechanical safety, driver-vehicle interface standards, recall authority | Assumes a human driver as primary safety actor; limited treatment of fleet management compromise; no framework for coordinated multi-vehicle misuse |
| Industrial machinery safety | Force limits, safety interlocks, hazard analysis methodology, worker protection in proximity to machines | Assumes a stationary or fixed-path machine; limited treatment of mobile robots that move through human environments; no framework for autonomous decision in unanticipated situations |
| Aviation regulation | Airspace management, pilot licensing, airworthiness certification, accident investigation | Designed for piloted aircraft; remote ID and Part 107 cover some autonomous operation but leave gaps in coordinated swarm operation and low-altitude commercial use |
| Public-space regulation | Sidewalk use, building access, civic infrastructure, the rules governing what may occupy shared public space | Assumes human actors with legal accountability; municipal authority is fragmented; limited framework for the autonomous physical agent's presence in shared space |
| Cybersecurity regulation | Information system security, breach notification, cybersecurity requirements for regulated industries | Designed for IT systems; limited integration with physical safety regulation; UN-R 155 partially addresses connected vehicles but does not cover the broader physical agent category |
| Access control and trespass law | Authorized entry to property, building security, the rules governing presence in private space | Assumes human actors who can be granted or denied authorization; limited framework for autonomous physical agents that may appear authorized through uniform or behavior |
| Criminal law | Definition of criminal acts, allocation of intent and culpability among human actors | Categories like robbery, theft, assault, and trespass were defined for human actors; application to autonomous-agent-conducted activity is unsettled in most jurisdictions |
| Product liability | Manufacturer responsibility for defects in design, manufacture, or warning | Conventional defect analysis does not cleanly apply to behavior that emerged from training on data the manufacturer did not author; allocation of responsibility among manufacturer, operator, software vendor, and user is unsettled |
The Specific Legal Vacancies
Several legal questions about autonomous physical agents are not merely under-addressed by existing law. They are unanswered. Each one is consequential, and each one will be resolved by either deliberate legislation, judicial interpretation in early cases, or insurance and contractual practice that fills the gap before law catches up.
The first is the criminal characterization of autonomous-agent-conducted acts. When a humanoid under operator direction removes merchandise from a store, the applicable charge depends on whether the humanoid's physical presence and manipulation capability constitute the force or threat that distinguishes robbery from theft. Robbery statutes were drafted with human actors in mind, and the case law applying them to autonomous-agent-conducted activity is sparse. Some jurisdictions may treat the humanoid as a tool of the operator, making the analysis turn entirely on what the operator did. Others may treat the humanoid's capability as itself constituting force. The question is not academic. Sentencing exposure, prosecutorial discretion, and insurance coverage all turn on which characterization applies.
The second is the allocation of liability when an autonomous physical agent causes harm. A robotaxi collision involves the operator, the manufacturer, the software vendors that supplied components of the agent's stack, and potentially the rider who summoned the trip. A humanoid that drops an object on a passerby involves the operator who directed it, the manufacturer who built it, the AI vendor who supplied the model, and the facility that hosted it. Existing product liability law allocates responsibility based on defect analysis, but the behavior at issue may have emerged from training on data the manufacturer did not author, in response to inputs the manufacturer did not anticipate, executed by a model the manufacturer may not have fully understood. The allocation patterns are being worked out through litigation, contract, and regulatory commentary, with no settled doctrine yet.
The third is the insurance coverage of autonomous physical agent exposure. Auto insurance has products for autonomous vehicle exposure, but the products are not standardized across carriers. Product liability insurance for humanoid manufacturers exists, but typical policies do not contemplate directed criminal use of the product. Cyber insurance is being extended to cover AI-specific risks, but coverage terms vary widely. Facilities deploying humanoids have no settled insurance coverage for third-party harm caused by a humanoid acting outside its intended parameters. The gap will be closed either through deliberate insurance product development or through a major incident that drives the market response. Either path leaves a period in which substantial autonomous physical agent exposure is uninsured or unevenly insured.
The fourth is the public-space presence of autonomous physical agents. Sidewalks, public spaces, and shared environments have rules governing what may occupy them, drawn from municipal ordinances, state law, and federal civil rights frameworks. The application of these rules to autonomous physical agents is fragmented and inconsistent. Some cities have enacted explicit delivery robot ordinances. Some states have preempted municipal authority over autonomous vehicles. Some jurisdictions have no framework at all for the autonomous physical agent in shared space. The patchwork creates compliance complexity and leaves substantial questions about who has authority over the agent's presence and behavior in public.
The fifth is the criminal accountability for cyber-physical compromise of autonomous physical agents. When an attacker compromises a humanoid or a robotaxi and uses it to commit a physical crime, the attacker is criminally responsible, but the analysis runs through computer fraud statutes that were not designed for crimes whose immediate vector is an autonomous physical agent. The intersection of computer crime law and physical crime law is unsettled, and the prosecutorial path for these cases has not been worked out in practice because the cases have not yet been prosecuted in significant numbers.
What a Coherent Regulatory Category Requires
A coherent regulatory category for autonomous physical agents would not need to be a single statute or a single regulator. It would need to be a deliberate analytical frame that policymakers, regulators, courts, and operators apply when constructing or extending rules that affect autonomous physical agents. Several structural elements would constitute such a frame.
The first is recognition of the category as such. Treating autonomous physical agents as an extension of vehicles, industrial machinery, or computer systems systematically misses the cross-cutting properties that define the category. Recognition does not require unified legislation. It requires that regulators in each existing regime explicitly address autonomous physical agents when extending their frameworks, and that they coordinate across regimes where the agent's behavior crosses regulatory boundaries.
The second is machine identity as a regulatory requirement. An autonomous physical agent without a verifiable identity tied to an accountable operator is a category problem in its own right. The agent cannot be attributed after an incident. It cannot be held accountable through any mechanism. It cannot be insured cleanly. Identity is the foundation that downstream regulatory mechanisms depend on, and several jurisdictions are moving toward identity requirements for autonomous physical agents through different statutory paths.
The third is fleet-level governance. Single-agent regulation does not address the fleet-level properties that distinguish autonomous physical agents from their non-autonomous predecessors. Coordinated misbehavior across a fleet, orchestration-layer compromise, and aggregate effects across many agents are properties that require regulatory frames operating at the fleet level rather than the individual platform level.
The fourth is integration of cyber-physical accountability. The autonomous physical agent's behavior emerges from the interaction of physical platform, software, training data, operator instructions, and environmental input. Accountability frameworks that focus on one component without addressing the others systematically miss the surface. Integration requires regulators with expertise across the components, or coordination mechanisms that bring the relevant expertise together when a case requires it.
The fifth is borrowed frameworks rather than invented ones. The legal and regulatory tools needed for autonomous physical agents already exist in adjacent fields. Anti-money-laundering operates at the transaction-network level. Aviation security operates at the airspace-system level. Telecommunications traceability operates at the network level. Each provides a model for how to think about regulating activity that operates across many participants and many touchpoints, which is the structural condition autonomous physical agents present.
The Transitional Path
The autonomous physical agent category will not be constructed by waiting for unified legislation. The field is past the point where that is feasible, and the deployment curve continues regardless of regulatory readiness. The transitional path involves working within existing regimes while building the analytical frame that the category requires.
For regulators, the work is to address autonomous physical agents explicitly when extending existing frameworks, to coordinate across regulatory boundaries where the agent's behavior crosses them, and to participate in the international and standards-body work that is converging on cross-jurisdictional approaches. For courts, the work is to address autonomous physical agent cases on their own terms rather than forcing them into doctrinal categories that do not fit, while remaining grounded in the doctrines that do apply. For operators, the work is to build identity, attestation, audit logging, and accountability practices that will satisfy whatever regulatory regime emerges, and to engage with regulators and policymakers in shaping it. For insurers, the work is to develop products that address the actual exposure rather than excluding autonomous physical agent risk by silence or by broad exclusion. For policy analysts and academics, the work is to develop the analytical vocabulary the field needs faster than the deployment curve forces decisions in its absence.
The category will be constructed through this distributed work rather than through a single regulatory act. The argument here is not that the work should be deferred until the category is formally recognized, but that the work should proceed with explicit awareness that autonomous physical agents are a category in their own right, deserving deliberate treatment rather than being forced into the rules built for their non-autonomous predecessors.
Related Coverage
Physical Agents | Criminal Law & Unsettled Categories | Liability & Product Law | Insurance & Underwriting Response