Cloudflare has announced an initiative to create a privacy-preserving protocol called PACT that aims to standardize the management of agentic AI, with the end goal of reducing friction for users and websites. The new protocol will make it easier for AI bots to interact with websites by proving there is a human in the loop, enabling AI agent functionality while blocking bad bot websites they don’t want.
Cloudflare underpins much of the Internet’s infrastructure and increasingly provides infrastructure for AI agents, including systems capable of hosting and blocking AI bots.
For example, Cloudflare launched Cloudflare Agents, a framework that allows developers to deploy AI agents. Its infrastructure interacts with local LLMs through Cloudflare tunnels, OpenClaw offers native integration with Cloudflare AI Gateway, and Chinese LLMs can also be routed through Cloudflare’s gateway. Many of its services, like temporary Cloudflare accounts, are free.
It makes strategic sense for Cloudflare to play a leading role in advancing PACT, as the protocols and systems will manage the agentic AI bots that its systems increasingly host.
Browsers and Shopify are on board
Browser makers Google Chrome, Microsoft Edge and Mozilla Firefox have committed to helping develop the new open protocol. Shopify was also mentioned in the announcement as a participant.
Ilya Grigorik, former engineer and developer advocate at Google, led the launch of the Chrome User Experience (CrUX) report and is now a Distinguished Engineer and Technical Advisor at Shopify. He explained that PACT is a way to help merchants increase sales while protecting e-commerce stores from abusive bots. He said users will be able to take advantage of agentic AI features without sacrificing privacy control.
Grigorik explained:
“In commerce, every additional challenge, delay, or false positive can turn a purchase into an abandoned cart. Merchants need effective protections against automated abuse, but buyers shouldn’t have to pay for them with unnecessary friction or invasive tracking. Shopify is proud to help develop PACT as an open, privacy-respecting standard that can help the millions of businesses on our platform distinguish legitimate buyers and authorized agents from abusive traffic while preserving buyer privacy.”
Private Access Control Tokens (PACT)
Cloudflare’s announcement was opaque about how the new system would work, using jargon “like sites with strong ‘personality’ awareness” to describe how the system would work.
Cloud Flare explain:
“Private Access Control Tokens (PACT) are designed to allow sites with strong knowledge of ‘personality’ to issue anonymous tokens. A user’s browser can then provide these tokens to other sites to prove that a human is in the know, reducing the need for annoying, clunky captchas or invasive tracking. PACT is designed so that sites cannot exploit it to track or identify users or their browsing history.”
PACT is supported by many major browser manufacturers and Shopify is already participating. It’s not yet deployed and no timeline has been announced for the new protocol, but Cloudflare sees PACT as another way to tie global agentic AI into its infrastructure:
“Use PACTE on the Cloudflare network raises the bar for online reliability and integrity without the traditional costs.
Unanswered questions
PACT is not a product or a service, it is a protocol for managing the trust of AI agents across the Internet. Cloudflare puts its infrastructure at the center: “PACT on the Cloudflare network raises the bar for online reliability and integrity, without the traditional costs. »
Major browser makers Google Chrome, Microsoft Edge and Mozilla Firefox are participating in the development of PACT, positioning it as a protocol that could become part of the web’s underlying trust infrastructure when it comes to AI agents. This is important because protocols dictate the boundaries, rules, and control of an entire ecosystem.
The objective of this new protocol is to promote trust while guaranteeing user confidentiality. Cloudflare gains greater control over AI agent infrastructure.
PACT leads to a post-CAPTCHA Internet
One of PACT’s inherent qualities is that it takes the web beyond traditional anti-bot defenses like CAPTCHAs, forced logins, browser fingerprinting, and invasive tracking. These approaches were designed for a human web where links are clicked. Agentic AI with humans involved is a game changer, as bots are now expected to take on the roles the web was designed for. This is the problem that the PACT standard aims to solve, a new way of spreading trust on the web agent.
Who defines personality?
Cloudflare says that sites with strong “personality” knowledge will issue anonymous trust tokens, but it doesn’t explain who those issuers will be. Will it be e-commerce sites? Will Cloudflare issue the trust tokens? This important detail was omitted from Cloudflare’s announcement. This sounds like a third-party trust signal, meaning access control could shift from individual websites to the platforms, browsers and infrastructure providers that decide which humans, robots and AI agents are recognized as trustworthy.
Featured image by Shutterstock/selinofoto
