As one of the most fast-paced sectors, retail often leads the way when it comes to the practical application of new technologies. Classic retail functions, from pricing and demand optimisation to charting the customer journey and personalisation, have long been powered by AI.
The next destination? The rise of agentic AI.
What is agentic AI?
Just like artificial intelligence in general, agentic AI does not have a universally accepted definition. To make things more complicated, it is common that agentic AI and AI agents are used interchangeably, although they are not synonymous and there are important differences between the two.
In simple terms and for the purposes of this article, agentic AI refers to the overall system or framework that sets the goals and direction, while AI agents are like the individual workers or tools carrying out specific tasks to achieve those goals. Think of agentic AI as the manager who plans what needs doing, and AI agents as the employees who do the work.
Agentic AI applications in retail
The potential uses of agentic AI in retail are vast. Here are some prominent examples already shaping the industry.
Customer engagement
Sits at the core of most retail businesses, and agentic AI is revolutionising this area. Advanced AI systems can now handle complex customer queries, process returns, resolve billing issues, and even negotiate tailored offers while maintaining brand-consistent, natural conversations. Major fashion retailers, for instance, are employing AI agents to interpret customer preferences, suggest personalised outfits, and arrange bespoke styling sessions.
Supply chain management
Agentic AI is driving efficiency through autonomous inventory systems that forecast demand, optimise stock, and automatically order from suppliers. These solutions analyse factors like seasonal trends, local events, weather, social media sentiment, and economic data to ensure the right products are in the right places, helping leading stores respond to fluctuating demand throughout the year.
Store operations
It not just online either; agentic AI is also transforming physical shops. AI agents autonomously oversee store operations, such as monitoring conditions, adjusting lighting and temperature, managing queues, and responding to security incidents. Some retailers are even trialling fully autonomous stores where AI agents manage everything from stock monitoring to customer support, requiring little day-to-day human intervention.
Legal implications
Deploying any autonomous system requires careful legal considerations beforehand. The UK has taken a pro-innovation approach to AI, meaning there's no general law like the EU AI Act. This doesn’t mean however, that use of AI would fall outside of regulation altogether. Quite the contrary; retailers must comply with UK GDPR/GDPR, the Data Protection Act 2018, and related laws, focusing on consent, data minimisation, and the rights around automated decisions.
Packages
When considering agentic AI in retail, organisations must ask key legal questions. First, assess the purpose and use cases, then decide whether to build the system in-house or buy from a third party. Most choose external solutions, which need a thorough vetting process. This should cover at least things like technical suitability, data governance, cybersecurity, regulatory compliance, transparency, explainability, performance monitoring, integration, and change management, on top of organisation specific requirements.
Liability
Liability can be complicated if autonomous systems cause harm. While the UK lacks specific AI liability laws, common law can address these issues, and some sectors like autonomous vehicles have tailored rules. As greater autonomy is at the heart of agentic AI, organisations need to have deep understanding of the logic and capabilities of the system and ensure that liability questions and limitations have been comprehensively agreed with the provider and, where appropriate, with the customers.
Transparency
In terms of consumers, the importance of transparency and explainability cannot be overemphasised. Although the UK legislation does not have the same requirement for explainability as the EU AI Act, transparency requirements of other regulations (such as the data protection legislation) may lead to similar result.
Data protection
Data protection and privacy is also critical in situations where these systems handle large amounts of personal data. Retailers must comply with GDPR, the Data Protection Act 2018, and related laws, focusing on consent, data minimisation, and the rights around automated decisions. Transparency and explainability are essential, especially when decisions affect individuals. For example, the requirement to provide details of the logic of automated decision making follows directly from the data protection legislation.
Consumer protection laws also apply. When AI agents interact with customers, sell products, or recommend items, organisations must ensure fair trading, avoid misleading claims, and maintain a duty of care, even with autonomous systems.
Conclusion
In summary, retailers introducing agentic AI must be ready for greater regulatory oversight and compliance demands. As AI agents become increasingly capable of running entire business functions, legal professionals will need to keep pace with emerging challenges and adapt to new legal questions. Achieving success will require not only technological progress but also strong legal safeguards that protect consumers and foster innovation.
Contact

Saara Leino
Professional Development Lawyer
saara.leino@brownejacobson.com
+44 (0)330 045 1289
You may be interested in...
Guide
The rise of agentic AI in retail
Legal Update
Cookie compliance crackdown: SHEIN fined €150 million by CNIL
Legal Update
Individual pricing, or there and back again: What UK businesses can learn from Delta’s AI pricing U-turn
Legal Update
The rise of AI shopping: Is it the end of retailers’ direct relationship with customers?
Legal Update
Beyond shrinkage: Tackling the impact of retail crime
Legal Update
Privacy implications of facial recognition technology (FRT) in retail security
Press Release
Browne Jacobson advises SKIMS on lease of a landmark Regent Street store
Legal Update
The M&S cyber attack: Lessons for UK retailers
Legal Update
Hyper-personalisation: Key considerations for organisations implementing AI solutions
Published Article
Cloud Computing guide 2024
Legal Update
Why digital marketers need to comply with cookie regulations to avoid their campaigns being disrupted
Legal Update
EDPB guidelines: Processing personal data in the context of AI models
Legal Update
Children’s personal data: Retailers beware of new regulatory changes
Legal Update
Understanding the ICO's new fining guidance
Opinion
The Metaverse's influence on real estate: Implications for commercial retail clients and law firms
Legal Update
Data reform in the UK
Since the UK left the EU and are now able to move away from the EU data protection regime, the UK government have implemented a national data strategy with the aim of reducing the burden on organisations but maintaining a high data protection standard.
Published Article
Top tips for implementing ‘Data Protection by Design & Default’
The GDPR requires all businesses to implement ‘Data Protection by Design & Default’ but what does that mean in practice and how can businesses practically comply?
Video
Data protection update
As part of our regular updates for in-house lawyers, Richard takes a look at what has changed in data protection law over the last six months