Skip to main content
COMPEL Body of Knowledge
Get Certified Platform
AITM M1.6-Art61 v1.0 Reviewed 2026-04-06 Open Access
M1.6 People, Change, and Organizational Readiness
AITF · Foundations

Case Study — Moffatt v. Air Canada (2024 BCCRT 149) as an Agentic Governance Failure

Case Study — Moffatt v. Air Canada (2024 BCCRT 149) as an Agentic Governance Failure — Organizational Change & Culture — Applied depth — COMPEL Body of Knowledge.

10 min read Article 61 of 18

COMPEL Specialization — AITM-AAG: Agentic AI Governance Associate Case Study 1 of 1

Why this case

The Moffatt v. Air Canada decision is the most useful teaching case currently available for an agentic-governance specialist. It is a public legal ruling, at a publicly available citation, issued by a government tribunal, and it addresses directly the question that agentic deployments raise: when an agent acts on behalf of an organisation and the action causes harm, where does the legal responsibility sit?

The tribunal’s answer — that the deployer is responsible — was widely reported, not because it was surprising to governance specialists but because the airline’s argument (that the chatbot was a “separate legal entity”) indicates how little governance posture the deployment had. The case teaches three lessons at once: the legal consequence of weak agentic governance, the specific design gaps that produced the incident, and the governance artifacts (taught in this credential) that would have prevented it.

Source: https://decisions.civilresolutionbc.ca/crt/sc/en/item/525448/index.do.

The facts

In November 2022, Jake Moffatt was seeking to travel for a family bereavement. He visited Air Canada’s website and engaged the customer-service chatbot to inquire about bereavement-fare reductions. According to the tribunal’s decision, the chatbot told Moffatt that he could book full-fare tickets and apply for a bereavement-fare refund within 90 days of travel.

Moffatt booked full-fare tickets on that advice, travelled, and then submitted the refund request. Air Canada declined. The airline’s actual policy required the bereavement-fare application before travel, not after. The airline’s position in the tribunal proceeding was that the chatbot’s statement was incorrect, and that Air Canada was not bound by it.

In the course of the dispute, Air Canada argued that the chatbot “is a separate legal entity that is responsible for its own actions.” The tribunal rejected that argument. In the ruling’s most-quoted passage, the tribunal held that Air Canada is responsible for all information on its website — it does not matter whether the information comes from a static page or from a chatbot. The airline was ordered to pay Moffatt the difference between the full fare he paid and the bereavement fare he should have been quoted, plus tribunal fees.

The case read as an agentic-governance failure

Mapping the case against the fourteen articles of this credential reveals the governance gaps.

Article 1 — was this agentic?

The chatbot in question was at the low end of the autonomy spectrum — probably Level 1 or Level 2 in the Article 3 rubric. It was a question-answering assistant rather than a multi-step autonomous agent. The case nonetheless teaches agentic governance because the generalisation holds: if a relatively simple chatbot produced this outcome, an autonomous-executor-class agent in the same organisation with the same governance posture would produce a worse one.

Article 2 — was the chatbot in the inventory?

The public record does not disclose whether Air Canada maintained an agent inventory or whether the chatbot was formally governed. The tribunal’s decision implies that the airline had not considered the chatbot’s capability to make policy-binding statements until the ruling arrived. An inventory that classified the chatbot correctly would have forced the organisation to confront that question before the incident.

Article 3 — was autonomy classified?

No evidence of formal classification appears in the public decision. A Level 1 or Level 2 classification, properly conducted under the four criteria of Article 3, would have considered:

  • Cadence: single-turn; human (user) is in the loop per turn.
  • Reversibility: advice only; the customer acts on the advice.
  • Tool surface: narrow.
  • Consequence severity: medium to high (financial advice to customers).

The fourth criterion — consequence severity — is where the classification failed in effect. The severity was underestimated. Ad hoc advice to customers about refundable-fare eligibility is a consequential action masquerading as a conversational one.

Article 4 — authority chain

The authority-chain question is the heart of the case. Under whose authority did the chatbot make a statement about Air Canada’s bereavement-fare policy?

  • The organisational decision right to set fare policy sits with Air Canada’s revenue function.
  • The delegating principal was, nominally, customer service — but customer service did not delegate an explicit authority to the chatbot to state policy.
  • The deployment authority was the website team.
  • The agent identity was the chatbot.
  • The action scope was implicit rather than explicit.

The chain was not written. The airline’s tribunal argument — that the chatbot was a separate legal entity — was in effect an attempt to reason as if the chain did not exist. The tribunal’s rejection closed that path.

A written chain that said, explicitly, the chatbot is authorised to describe Air Canada’s published policies to customers, within the scope of those policies as they appear on the publisher’s website, and is not authorised to describe any policy variation not published would have driven a technical control preventing the chatbot from emitting the wrong advice.

Article 5 — human oversight

Human oversight, in the Article 14 sense, does not appear to have been materially present. The chatbot’s outputs were not sampled for accuracy; the outputs were not compared against policy before reaching the user; there was no runtime intervention path; the stop-go authority, if held, was not exercised.

Automation bias also applies: the user had no reason to doubt the chatbot; the chatbot had no mechanism to signal uncertainty. Article 14(4)(b) — the requirement that operators be aware of automation-bias tendency — is often framed as the operator’s protection; it is also the user’s protection, via disclosure and confidence calibration.

Article 6 — tool-use governance

The chatbot’s tool for “stating policy” was, in effect, free-text generation. There was no allow-list, no parameter schema, no result sanitisation against policy. If the chatbot had been designed with a policy-answer tool that queried a structured policy store — with the generated answer then checked against the store before being emitted — the incident would not have occurred. The design instead allowed the model to produce policy content from its training data and context, without validation.

Article 7 — memory and grounding

The chatbot’s claimed policy was not in Air Canada’s actual policy. Either the chatbot was confabulating or its memory / context contained incorrect content. In either case, the memory-governance regime (scope of what the chatbot was permitted to state, validation of writes, defence against drift) was absent. A grounded retrieval system drawing from the authoritative policy source would have been a direct mitigation.

Article 9 — risk taxonomy

The incident is a hallucination cascade (Category 8 in Article 9). The chatbot produced output that was confidently wrong; the user acted on it; the consequence compounded. The fact that the agent was simple does not protect against the cascade; it merely scales the scope of the eventual incidents.

Article 10 — observability

Public details are limited, but the fact that the airline first learned of the chatbot’s statement through the customer dispute, rather than through its own observability, indicates that the observability was either absent or not connected to governance review. An observability stack that sampled chatbot outputs, compared them against policy, and alerted on deviations would have caught the pattern before Moffatt’s case reached the tribunal.

Article 11 — incident response

The incident response, when it came, was adversarial litigation rather than a governance review that owned the error and remediated. The “separate legal entity” argument is the outward expression of a weak internal posture. A prepared organisation would have acknowledged the chatbot’s statement as the organisation’s statement, honoured the customer’s reliance, corrected the underlying issue, and produced a public post-incident note. The alternative played out in public over a year and produced a tribunal decision that is now permanent jurisprudence.

Article 12 — regulatory posture

The case predates full application of the EU AI Act and was decided under Canadian consumer-protection and civil-claim law. Had the airline operated the same deployment in the EU after the Act’s application, the posture would have been worse: Article 50 transparency obligations apply (the AI nature of the chatbot must be disclosed, which may have been the case), and depending on high-risk classification determinations, Article 26 deployer obligations and Article 14 oversight design would have been formally required.

Article 14 — what the governance pack would look like

If the chatbot had a governance pack before deployment, with the fourteen sections of Article 14 populated, each section would have contained a control that either prevented the incident or detected it early. The absence of the pack is the single summary of the failure.

Lessons for the specialist

Lesson 1 — simple agents are not low-risk agents

The chatbot was technically simple. The consequence was not. The governance analyst should not use architectural simplicity as a justification for thin controls. Consequence severity, not architectural depth, drives the control level.

Lesson 2 — the “separate legal entity” instinct is the tell

When an organisation, on incident, reaches for “the chatbot is responsible for its own actions,” the chain was not written. The tell does not appear in the public record of the ruling alone; it appears in private crisis calls across many organisations. The governance analyst’s job is to ensure the chain is written before the call.

Lesson 3 — policy-statement agents need policy-gated outputs

An agent whose function includes describing the organisation’s published policies needs to draw from the authoritative policy store and have its outputs checked against it. Free-text generation of policy content is a design pattern to avoid. Retrieval-augmented, grounded, validated — these are the governance design requirements.

Lesson 4 — disclosure and confidence matter

The user in Moffatt received advice with no signalled uncertainty. The governance analyst can specify confidence disclosure (the system says “according to Air Canada’s policy page, which I read on DATE…”) and uncertainty disclosure (the system offers to route to a human agent for policy clarifications). Neither is technically difficult; both are design decisions.

Lesson 5 — the incident-response posture is part of the governance

Air Canada’s post-incident posture amplified the harm. A prepared organisation with a written incident playbook (Article 11) would have acted differently. The incident-response design is a governance deliverable, not a legal department deliverable.

What a prevented version looks like

The Moffatt incident would not have occurred if the airline had:

  1. Written authority chain making explicit that the chatbot describes published policies only.
  2. Retrieval-grounded chatbot architecture drawing from the authoritative policy store.
  3. Output validation checking that chatbot-stated policy matches stored policy before emission.
  4. Observability sampling that would have caught the mis-statement on the first few instances.
  5. Sampling-led post-hoc review by a human who could correct the pattern.
  6. A disclosure posture signalling to the user that the chatbot is an AI and that clarifications route to human agents on request.
  7. An incident playbook that treats a customer-disputed policy statement as a governance signal, not a legal-defence event.

Seven controls, any three of which would have been sufficient to break the chain of causation. The governance analyst who internalises this — that defence-in-depth means multiple weak controls can substitute for one strong one, and the absence of any one control is not necessarily fatal — builds more pragmatic governance.

Final note — the precedent stands

Moffatt v. Air Canada is now a precedent. Future disputes over AI-agent statements will cite it. The legal environment for agentic deployments in 2026 and beyond assumes the “our chatbot is a separate legal entity” argument is unavailable. The specialist should assume, when building governance for any agent whose outputs reach users, that the organisation owns the output, legally and reputationally, and should design accordingly. The absence of this assumption in Air Canada’s early deployment is the failure the case teaches.

Source: https://decisions.civilresolutionbc.ca/crt/sc/en/item/525448/index.do.