I was recently speaking with a product leader at a media company about personalization across e-commerce and media, when the conversation turned to the future of personalization.
Broadly speaking, site owners have to deal with two types of audiences:
- Frequent flyers: high-intent, high-signal users whose behavior you can model richly — but mostly within the boundaries of your property.
- Drive-bys: users who show up a few times a year, leave sparse traces, and look indistinguishable from one another… until they don’t.
Historically, personalization has been the art of extracting meaning from those traces: ranking inventory for known users, offering incentives and “best sellers” for unknown ones, and hoping both paths increase retention, repeat visits, and growth.
Now I think we’re approaching a discontinuity: the user’s primary personalization engine may no longer live on your site at all — because the agent is becoming the interface.
The agent as the new personalization center of gravity
Here’s the observation that keeps nagging at me: my personal agent — yes, OpenAI’s ChatGPT in my case — can often contextualize my requests with minimal prompting, across topics and time. It increasingly behaves like a “memory + intent + planning” layer that travels with me.
If that’s true, what happens to the traditional premise of on-site personalization?
- A retailer knows my browsing and purchase history on that retailer.
- A media app knows my watch history on that app.
- But my agent could know what I’m researching, what I’m planning, what I’m price-sensitive about this month, what gifts I’m buying, and what my constraints are — and it can carry that context across every property.
In the agentic world, the cold-start problem doesn’t disappear — it moves:
from “we don’t know this user”
to “we don’t know this agent’s intent representation, and we don’t know what it will reveal.”
Recent developments make this feel less like conjecture and more like a roadmap.
Universal Commerce Protocol (UCP): standardizing the commerce workflow
Google has introduced the Universal Commerce Protocol (UCP) as an open-source standard meant to standardize interactions across the full commerce journey via shared primitives — connecting “consumer surfaces” to merchant backends and payment providers.
Google’s own reference implementation targets conversational surfaces like AI Mode in Search and Gemini, enabling direct purchasing with stored payment and shipping details via Google Wallet/Google Pay. And importantly, UCP is described as interoperable with adjacent protocols like:
- AP2 (Agent Payments Protocol)
- A2A (Agent2Agent Protocol)
- MCP (Model Context Protocol)
What’s striking is what this implies: the “website” becomes optional. The workflow becomes the product.
Agentic Commerce Protocol (ACP): structured state + merchant tools
On the OpenAI side, the Agentic Commerce Protocol (ACP) is framed as an open standard (co-developed with Stripe) that allows agents to reason over structured checkout state, invoke merchant tools step-by-step, and complete purchases.
Merchants provide a product feed and implement checkout endpoints; “Instant Checkout” in ChatGPT is positioned as the first major consumer experience built on it.
Across both UCP and ACP, there’s a common underlying theme:
Expose inventory and capabilities in standardized ways; let agents orchestrate the customer journey.
Which raises the question: if agents orchestrate the journey, where does personalization live?
Three architectures for personalization in an agent-mediated world
1) Agent-only personalization: “Just give me the feed”
In this model, the merchant publishes inventory (structured feeds, availability, constraints). The agent does the ranking and re-ranking using its user model.
Pros
- Great user experience: consistent preferences across all merchants.
- Less dependence on cross-site identity.
Cons
- The merchant loses a major differentiation lever (on-site UX + personalization).
- Harder for merchants to learn: the agent “absorbs” the behavior signal.
- Increased risk of commoditization: suppliers become interchangeable.
Big question: If the agent owns ranking, what is the merchant’s moat — price, brand, fulfillment, or exclusive inventory?
2) Merchant-only personalization: “Send me the user”
This is the traditional approach extended into protocols: the agent provides identity (or an account link), and the merchant returns personalized results.
This is where “universal ID” conversations show up — a “persistent, anonymous, shared identifier” built from first-party data that can recognize a user across the web (one explainer is here).
Pros
- Merchants keep their learning flywheel and LTV models.
- Loyalty, pricing, and promotions can remain merchant-driven.
Cons
- Consent and privacy become central.
- Users may not want to “carry identity” everywhere.
- Agents become reluctant brokers of identity.
Big question: Will users opt into portable identity, or will the default be privacy-preserving anonymity with selective disclosure?
3) Hybrid personalization: “Share preferences, not identity”
This is the most interesting — and messy — path: the agent shares some information to improve results without handing over a universal user identifier.
The exchange could look like:
- Structured: a compact preference vector; constraints; budget ranges; brand exclusions; shipping thresholds; accessibility needs.
- Natural language: “User prefers minimalist design, neutral colors, size M, hates loud logos, delivery by Friday.”
- Verified claims: “User is eligible for a student discount” or “loyalty tier = gold” without revealing the underlying account.
UCP explicitly names “identity linking” as a supported capability and positions trust/accountability as a design goal — hinting that selective linkage is expected.
Big questions
- What is the “minimum viable preference payload” that meaningfully improves ranking?
- Who defines the schema — the protocol, the agent, or each merchant category?
- How do we prevent sensitive leakage (health, finances, family status) through “helpful context”?
The agentic top of funnel
If discovery happens in the agent, then “top of funnel” moves there too. That creates a tension:
- Users want “best for me.”
- Merchants want “best for margin / inventory / strategic priorities.”
- Surfaces (search engines, assistants) historically monetize discovery.
Both UCP and ACP are careful to claim merchants keep customer relationships. But the economic gravity of discovery may relocate to the agent (or at least to agent-mediated surfaces).
We’re already seeing early signs of agentic discovery driving a new kind of ads marketplace. The transition goes beyond simply showing ads to users; it shifts toward influencing the agent algorithms that act on their behalf.
It will be interesting to see what “fairness” means when the agent is optimizing across user preferences, merchant incentives, and surface monetization.
Measurement: the part nobody has solved yet
Today, personalization teams live on:
- click-through and conversion rates,
- incremental lift,
- cohort retention,
- long-term value.
But agentic journeys compress and rewrite funnels:
- fewer pageviews,
- fewer explicit interactions,
- more “invisible deliberation” inside the agent.
If the agent does comparison shopping and returns one answer, what does experimentation even look like?
New measurement questions
- How do merchants run A/B tests when the agent controls presentation?
- What is the new attribution unit: an agent session, an intent, a task, a plan?
- How do we debug ranking regressions when the agent is doing part of the ranking?
Trust and adversarial risk
These new models of personalization also introduce a number of risks.
For example, malicious agents could send false information to poison a site’s user model.
And in the opposite direction, merchants (or affiliates) could manipulate product descriptions or reviews — or even attempt prompt injection — to influence agent rankings and behavior.
There is also potential for fraud loops — for example, agent-mediated purchases plus returns abuse plus coupon exploitation.
UCP’s emphasis on an “accountability trail” suggests the ecosystem expects to need auditability and trust guarantees.
Some questions
- What does “trust” mean for a product feed: verified provenance, signed payloads, reputation scores?
- Will we need “agent reputation” the way we have seller reputation?
- How do we rate-limit or sandbox “preference updates” so a single malicious interaction doesn’t corrupt long-term models?
So what should a site personalization strategy become?
Personalization in an agent-mediated world is rapidly evolving, driven in particular by agentic commerce. We’ve touched on a number of open questions, principally:
- Where will the canonical user model live — agent, merchant, or a hybrid?
- What does consent look like when personalization is negotiated between software agents?
- How will discovery be monetized, and how will “sponsored” remain trustworthy inside conversations?
- What becomes of experimentation, attribution, and debugging when the funnel is partially invisible?
- What new attack surfaces emerge when “preference” becomes an API input?
If agents win, “personalization strategy” for a site may stop meaning “better recommendations on our pages” and start meaning:
- Be legible to agents: clean structured feeds, reliable metadata, transparent policies, predictable constraints.
- Be integrable: implement protocol primitives so the agent can transact, track, and resolve issues.
- Be differentiable: exclusive inventory, fulfillment excellence, authentic brand voice, durable loyalty economics.
- Be privacy-credible: clear consent, selective disclosure, strong data minimization.
- Be robust under adversarial pressure: defend feeds, defend state, defend measurement.
And perhaps most importantly:
Stop assuming your website is where the customer relationship lives.
Start assuming the relationship lives — at least partially — in the agent, and you must earn a place in its interactions.
—SriG
SriG's Blog 
Leave a comment