Digital power of attorney
An attorney-facing screen that mints a time-limited, organization-specific access code from a registered delegation, which a relying organization enters to verify authority.
As citizens delegate to software agents, an agency must be able to accept bounded, revocable authority granted to an agent that has no natural-person attorney standing behind it. The difficulty is reproducing the scoped authority, identity verification, and safeguards against abuse that paper power of attorney provided, when the delegate is software rather than a named person.
A relying party needs to confirm that a delegation is scoped, current, and revocable, and that the citizen who granted it had their identity verified, so it can act on the agent's authority without re-checking with the citizen.
The digital LPA service retains a paper pathway. For agent delegation, equivalent accommodations: telephone-based delegation setup with human assistance, in-person delegation at a government shopfront (Service NSW, Centrelink), and assisted-digital support where a trusted person helps set up the delegation (itself a delegation-within-delegation problem).
A delegation scoped to a category of affairs is turned into a 'generate access code for this organization' action, paired with a per-organization revocation list the donor controls.
No surface has been built yet; the approach above is the brief for one.
- Established Headline
For scoped, revocable delegation to an identified person.
- Frontier
Extended to a software agent, where the attorney is not a natural person.
UK Office of the Public Guardian — Lasting Power of Attorney (LPA) digital service. The Powers of Attorney Act 2023 enables fully digital creation and registration of LPAs. The Act received Royal Assent on 19 September 2023, but its substantive provisions were not all commenced at assent: the Office of the Public Guardian's digital LPA service remained in phased rollout into early 2026. All parties (donor, attorneys, certificate providers) must verify their identity electronically; a witness must still see the donor sign (a physical safeguard retained even in the digital process). The "Use an LPA" service lets attorneys generate secure access codes for specific organizations (banks, healthcare providers), creating organization-specific, revocable delegation tokens. Over two million LPAs had been added to the online service as of April 2025; the Act's digitised process is designed to cut registration time from around 20 weeks on paper to about 2 weeks online, chiefly by catching and fixing errors before submission rather than by post. The paper process is retained for those without internet access.
The LPA model maps closely onto agent delegation. LPAs are already scoped (health & welfare vs. property & financial affairs), though agent delegation would need finer granularity. The secure-access-code pattern (time-limited, organization-specific codes that third parties use to verify authority) maps directly to agent bearer tokens. Both the delegator and the delegate (agent operator) must be identity-verified.
The retained witnessing safeguard suggests that for high-stakes delegation a purely digital process may be insufficient: a "ceremony" step may be needed. Donors can revoke access codes and track which organizations have been given access.
The gap: LPAs delegate to identified natural persons. Delegating to a software agent has no equivalent, and the model does not yet settle who counts as the "attorney" when the delegate is an AI system, the agent operator that runs it, or the specific software instance.
Without organization-specific scoping, a delegate authorized for one service can drift into another. Scoped, revocable, organization-specific codes prevent that, and the donor's revocation and tracking view narrows the blast radius of any single grant.