Resource owner can be a machine, not just people. There are many cases where no humans are involved in the entire OAuth flow, especially in enterprise setups. At least, that’s what I meant when I introduced the term in RFC 5849 (and later in OAuth 2.0).