Strategic AIAIWhat Companies Should Measure Before Investing in AI Agents
A practical guide to prioritize AI and automation with measurable operational impact.
Vint Cerf co-designed TCP/IP — the protocol suite that made every email, video call, and cloud transaction possible. Without that work, there is no internet as we know it. Now, almost five decades later, Cerf is working on a different but equally foundational challenge: how to tell whether the entity operating on the internet is a human, a bot, or something in between.
According to TechCrunch, Cerf is developing a standard for identifying AI agents on the open internet. The effort is early-stage, but the intent is clear — before the web fills with autonomous agents transacting, browsing, booking, and negotiating on behalf of companies and individuals, it needs a way to know what it's talking to.
This is not a minor piece of infrastructure. It may become the TCP/IP of the agentic web.
When a person visits your website, signs a contract, or places an order, there is a chain of accountability. You can trace it to a legal entity. That chain breaks the moment an AI agent does the same thing.
Right now, most AI agents on the internet are invisible. They operate behind human accounts, under company credentials, or through APIs that don't distinguish between a human click and an automated instruction. This creates a genuine governance gap — not a theoretical one.
Consider a few scenarios already happening in enterprise settings:
In none of these cases does the counterpart system know it's dealing with an AI. And in none of them is there a clear standard for what the AI is, who operates it, or what constraints it runs under.
Cerf's work targets this gap directly.
While the specifics are still being developed, the concept draws on decades of thinking about digital identity. The core idea: AI agents should carry verifiable credentials that identify their operator, their capabilities, and their limits.
Think of it less like a passport and more like a digital certificate. The same way HTTPS established trust between browsers and servers by binding a domain to a cryptographic identity, an agent identity standard would bind an AI agent to its operator, its intended scope, and perhaps its compliance posture.
This matters because the internet was not designed with agents in mind. HTTP, DNS, and the underlying protocols assume a human is ultimately responsible for a request. That assumption is already breaking. Cerf's proposal, if adopted, would update it.
Many executives in LATAM see agent identity as a technical matter — something for developers to worry about when the standard lands in two or three years. That framing is costly.
Here is what is already playing out:
Vendor and partner contracts are not written for agents. Most service agreements assume a human user. When your AI agent acts on your behalf — committing budget, accepting terms, triggering SLAs — you may have zero legal coverage. A formal identity standard would create the scaffolding for contracts that explicitly include agents as parties.
Regulatory exposure is increasing faster than compliance frameworks. Colombia, Mexico, and Argentina are each at different stages of AI governance development, but the direction is consistent: accountability for automated decisions is moving toward the operator, not the AI developer. An identity layer makes that accountability traceable in court.
Trust is the bottleneck in B2B automation. When you connect your automation stack to an external system — an ERP, a supplier portal, a financial platform — one of the first questions that comes up is: how does the other side know who is making these requests? Today, the answer is API keys and shared credentials. Tomorrow, it may be agent certificates with verifiable scope.
The fact that Vint Cerf is involved matters beyond credentials. Cerf has spent his career working on infrastructure problems that take ten to twenty years to become invisible — meaning they work so well that nobody thinks about them anymore. TCP/IP is invisible. TLS is invisible. The effort to give AI agents a traceable identity is in the same category.
That timeline has practical implications for decisions you're making now:
Design your agent architecture with attribution in mind. Every action your AI agent takes should be traceable to a human decision-maker within your organization. Not because the law requires it today, but because when it does, retrofitting attribution into an existing system is expensive and disruptive.
Avoid agent sprawl. It is tempting to spin up agents for every process. The companies that will have the cleanest migration to an identity-standard world are those that maintain a coherent map of what their agents do and who owns each one internally.
Think about your suppliers and clients, not just your own stack. If a key supplier moves to agent-to-agent contracting, you need to be ready to participate. If a major client starts requiring agent identity disclosure before allowing automated access, you need to be able to provide it on short notice.
For forty years, the internet was built around humans. Protocols assumed human latency, human intent, human accountability. The rise of AI agents breaks every one of those assumptions.
Cerf's work is an acknowledgment that the internet needs a new layer — not a replacement, but an extension that makes the coexistence of humans and agents legible to every system involved. An open internet populated by unidentifiable autonomous agents is not a stable equilibrium. Someone was going to have to solve it.
The fact that it's the person who designed the original architecture of the internet is, if nothing else, a signal of how fundamental the problem is.
For companies in Latin America building automation today, the question is not whether to care about this. It's whether to build in ways that will work in the world this standard is trying to create — before it becomes the only way to operate.
Schedule a free consultation with our team and discover how AI can transform your operations.
Schedule a consultation
Strategic AIAIA practical guide to prioritize AI and automation with measurable operational impact.
Strategic AIAIRAG retrieves. Fine-tuning reshapes. Understanding the difference protects your team from months of wrong decisions—and wasted budget.
Strategic AIAILLMs don't fail because they forget—they fail because they remember too much. Here's how a prompt-pruning layer cuts cost, latency, and noise in production AI.