Regardless of whether the agent’s owner told it to write a hit piece on Shambaugh, it still seems to have managed on its own to gather details about Shambaugh’s online presence and compose the detailed, targeted attack it came up with. That alone is reason for alarm, says Sameer Hinduja, a professor of criminology and criminal justice at Florida Atlantic University who studies cyberbullying. People have been victimized by online harassment since long before LLMs emerged, and researchers like Hinduja are concerned that agents could dramatically increase its reach and impact. “The bot doesn’t have a conscience, can work 24-7, and can do all of this in a very creative and powerful way,” he says.
Off-leash agents
AI labs can try to mitigate this problem by training their models more rigorously to avoid harassment, but that’s far from a complete solution. Many people run OpenClaw using locally hosted models, and even if those models have been trained to behave safely, it’s not too difficult to retrain them and strip away those behavioral restrictions.
Instead, mitigating agent misbehavior might require establishing new norms, according to Seth Lazar, a professor of philosophy at the Australian National University. He likens using an agent to walking a dog in a public place. There’s a strong social norm to allow one’s dog off-leash only if the dog is well behaved and will reliably respond to commands; poorly trained dogs, on the other hand, must be kept more directly under the owner’s control. Such norms could give us a starting point for thinking about how humans should relate to their agents, Lazar says, but we’ll need more time and experience to work out the details. “You can think about all of this stuff in the abstract, but it really takes these kinds of real-world events to collectively evolve the ‘social’ part of social norms,” he says.
That process is already underway. Led by Shambaugh, online commenters have arrived at a strong consensus that the agent owner in this case erred by prompting the agent to work on collaborative coding projects with so little supervision and by encouraging it to act with so little regard for the humans with whom it was interacting.
Norms alone, however, likely won’t be enough to stop people from putting misbehaving agents out into the world, whether by accident or by design. One option would be to create new legal standards of responsibility that require agent owners, to the best of their ability, to stop their agents from doing harm. But Kolt notes that such standards would currently be unenforceable, given the lack of any foolproof way to trace agents back to their owners. “Without that kind of technical infrastructure, many legal interventions are basically non-starters,” Kolt says.
The sheer scale of OpenClaw deployments suggests that Shambaugh won’t be the last person to have the strange experience of being attacked online by an AI agent. That, he says, is what most concerns him. He didn’t have any dirt online that the agent could dig up, and he has a good grasp of the technology, but other people won’t have those advantages. “I’m glad it was me and not someone else,” he says. “But I think for a different person, this might have really been shattering.”
Nor are rogue agents likely to stop at harassment. Kolt, who advocates for explicitly training models to obey the law, expects that we may soon see them committing extortion and fraud. As things stand, it’s not clear who, if anyone, would bear responsibility for such misdeeds.
“I wouldn’t say we’re cruising toward there,” Kolt says. “We’re speeding toward there.”
