Become a fan of Slashdot on Facebook

 



Forgot your password?
typodupeerror
×
Communications

Senators Demand FCC Answer For Fake Comments After Realizing Their Identities Were Stolen (gizmodo.com) 185

Two US senators -- one Republican, one Democrat who both had their identities stolen and then used to post fake public comments on net neutrality -- are calling on FCC Chairman Ajit Pai to address how as many as two million fake comments were filed under stolen names. From a report: Senators Jeff Merkley, Democrat of Oregon, and Pat Toomey, Republican of Pennsylvania, are among the estimated "two million Americans" whose identities were used to file comments to the FCC without their consent. "The federal rulemaking process is an essential part of our democracy and allows Americans the opportunity to express their opinions on how government agencies decide important regulatory issues," the pair of lawmakers wrote [PDF].

"As such, we are concerned about the aforementioned fraudulent activity. We need to prevent the deliberate misuse of Americans' personal information and ensure that the FCC is working to protect against current and future vulnerabilities in its system. We encourage the FCC to determine who facilitated these fake comments," the letter continues. "While we understand and agree with the need to protect individuals' privacy, we request that the FCC share with the public the total number of fake comments that were filed."

This discussion has been archived. No new comments can be posted.

Senators Demand FCC Answer For Fake Comments After Realizing Their Identities Were Stolen

Comments Filter:
  • Good (Score:5, Insightful)

    by Anonymous Coward on Tuesday May 22, 2018 @01:28PM (#56654626)
    They need to know how it feels.
    • haha, this just reminds me of judge saying it was okay to rifle through people's trash without permission, then was humiliated when people rifled through his trash

    • Or did someone just put their name in the name field and click submit?

      I don't know of any commenting system that accurately connects a real person to a comment. You don't think people call me Sycodon, do you?

      Well, maybe they do. But that's besides the point.

      What do these Senators suggest be done? Force people to register and show ID?

      • Or did someone just put their name in the name field and click submit?

        This.

        This comment system is not part of our democracy. There is no voting here; there is nothing binding; there is nothing validated. Anyone can comment using any name they want, because it is simply too difficult under such a system to validate any identity information. Even if you validate, too many people have the same name to ever try to limit comments to only one "Tom Smith" or "sycodon" (ahhh, I get it now. Yes, I know a couple of people I would call sycodon (homonym).)

        What do these Senators suggest be done? Force people to register and show ID?

        OH NO, gasp, forcing people to

  • by RobinH ( 124750 ) on Tuesday May 22, 2018 @01:32PM (#56654648) Homepage

    The comment form probably looked like this:

    Comment: _______________________________________

    Please enter your name: _____

    Please enter your address: _____

    [ ] Check this box to certify this is really you.

    • by SlaveToTheGrind ( 546262 ) on Tuesday May 22, 2018 @01:46PM (#56654750)

      The comment form probably looked like this:

      Comment: _______________________________________

      Please enter your name: _____

      Please enter your address: _____

      [ ] Check this box to certify this is really you.

      Pretty much, without even the checkbox. The actual form is here [fcc.gov].

      They also allowed bulk submissions via an API or uploading a CSV per here [fcc.gov].

      I can't believe anyone is truly shocked over this.

      • I can't believe anyone is truly shocked over this.

        "Your winnings, Monsieur Pai."

        • Nah. As I've said repeatedly around here, the comment mechanism isn't a ballot box and comments aren't votes. The comment mechanism is a way for the FCC to get thoughtful, relevant input from the public that it hadn't previously considered.

          The "RETAIN!!1!!" and "REPEEL!!!!" ballot stuffing comments at issue didn't meet that criteria (and in fact made it even more difficult for the FCC to wade through and find anything actually meaningful).

        • I can't believe anyone is truly shocked over this.

          "Your winnings, Monsieur Pai."

          Follow the money.

          • He will take a job with some Internet provider for a hundred million after he leaves office, and this will be legal. We can predict following the money and can't do anything.

      • The comment form probably looked like this:

        Comment: _______________________________________

        Please enter your name: _____

        Please enter your address: _____

        [ ] Check this box to certify this is really you.

        Pretty much, without even the checkbox. The actual form is here [fcc.gov].

        They also allowed bulk submissions via an API or uploading a CSV per here [fcc.gov].

        I can't believe anyone is truly shocked over this.

        I don't think anyone is surprised that there were lots of fake comments. What people are surprised about is that the FCC doesn't seem to have bothered to try to weed out the fake ones. They were very obvious. Millions of identical comments (all opposing net neutrality) submitted by people with names in alphabetical order.

        Of course, Ajit Pai really had no interest in getting public comments, much less in seriously considering them.

        • What people are surprised about is that the FCC doesn't seem to have bothered to try to weed out the fake ones.

          What makes you think they didn't weed out the fake ones? The fact that they were available to view by the public on the web doesn't mean anyone in the FCC paid any attention to them. They were filed public comments and as such became part of the public record. It would be very dangerous precedent for the FCC to start deleting public comments, because the next one it deletes might be yours.

          They were very obvious.

          Yes, they were. Obvious enough that there is no reason to believe that the FCC gave them any more weight than they deser

          • The ones all supporting net neutrality were just as obvious, if you were looking, or if you didn't just accept them at face value because they agree with your opinion. Fakes were coming in on both sides. They were obvious to anyone who wanted to see them, and there is no reason to think that either side carried any weight in any decision making.

            False equivalence.

            Several organizations undertook the effort of filtering the duplicates and the fakes, and while there were some pro-neutrality fakes they were swamped by the anti-neutrality fakes. And once both were cleaned out, public sentiment was overwhelmingly in favor of NN, a fact that was strongly supported by every competent poll on the subject.

            The FCC absolutely should have listened to public sentiment on this one, and under any other administration, would have.

            • False equivalence.

              Nonsense. If you're upset because the FCC accepted fake anti-neutrality comments, then you better be just as upset because they accepted fake pro ones. Otherwise you are a hypocrite.

              And once both were cleaned out, public sentiment was overwhelmingly in favor of NN

              You mean there were more comments. Using whatever name the person posting them entered. This wasn't a vote. It was a public comment period. The number of comments is irrelevant.

      • by ljw1004 ( 764174 )

        I can't believe anyone is truly shocked over this.

        No one's shocked. The background is that you need a hook to make a proper actionable complaint about it. What this news story is about is that now there's a hook that looks more actionable than previously discussed hooks.

        • The background is that you need a hook to make a proper actionable complaint about it.

          What's to complain about? This wasn't a mechanism for voting -- it was a mechanism for members of the public to provide perspectives to the FCC that they might not have already considered. Given that, the names attached to the comments are, frankly, irrelevant. The only reason there was a kerfuffle about this at all is the pervasive urban legend that this was somehow a vote.

          • by ljw1004 ( 764174 )

            What's to complain about? This wasn't a mechanism for voting -- it was a mechanism for members of the public to provide perspectives to the FCC that they might not have already considered. Given that, the names attached to the comments are, frankly, irrelevant. The only reason there was a kerfuffle about this at all is the pervasive urban legend that this was somehow a vote.

            The other reason is it's a basic part of democracy that the FCC should pay attention to what people think and should base its decisions on evidence; it enshrined part of this duty in its own rule-making process which requires it to attend to every comment. If it then says "we can't pay attention to the comments because there were too many of them and they were junk" then some think this exempts it from its duty, and others think it has to find other ways to fulfill its duty.

            • The other reason is it's a basic part of democracy that the FCC should pay attention to what people think and should base its decisions on evidence;

              The FCC public comment period is NOT A VOTE. It is NOT A DEMOCRACY. They read the comments and consider them for what they contain -- not who makes them. The public comments may or may not contain this "evidence" which you think is so critical. They are not, by themselves, evidence.

              it enshrined part of this duty in its own rule-making process which requires it to attend to every comment.

              You have some twisted definition of "attend to" if you think it means they have to answer each and every comment.

              If it then says "we can't pay attention to the comments because there were too many of them and they were junk"

              Saying that they found the 8 million junk comments unconvincing is "attend[ing] to" them with one sentence. They wi

              • by ljw1004 ( 764174 )

                The FCC public comment period is NOT A VOTE. It is NOT A DEMOCRACY. They read the comments and consider them for what they contain -- not who makes them. The public comments may or may not contain this "evidence" which you think is so critical. They are not, by themselves, evidence.

                I fully agree with this.

                You have some twisted definition of "attend to" if you think it means they have to answer each and every comment.

                I firmly believe they shouldn't answer each and every comment, and they shouldn't be expected to.

                If it then says "we can't pay attention to the comments because there were too many of them and they were junk"

                Saying that they found the 8 million junk comments unconvincing is "attend[ing] to" them with one sentence. They will, of course, not pay attention to the junk comments, in the sense that they will not change the outcome. Why would you expect them to? They're junk comments.

                I agree they shouldn't pay attention to the junk comments. I think they should pay attention to important evidence (some of which may be raised in the non-junk website comments, much of which will come from elsewhere).

                I think however that they've knowingly chosen a submission-and-evidence-receiving mechanism (the comments website) which is doomed to be unworkable. The high volume of junk

                • I firmly believe they shouldn't answer each and every comment, and they shouldn't be expected to.

                  Then what is the problem? They didn't do what you don't expect them to anyway. What is the "actionable hook" that we're creating by all of this? What do you mean by "attend to" that they didn't do, if you don't think they need to respond to every comment -- you did say it was their duty to "attend to every comment". If they don't need to attend to every comment, then what duty did they fail to perform?

                  I think however that they've knowingly chosen a submission-and-evidence-receiving mechanism (the comments website) which is doomed to be unworkable.

                  Except it has worked very well for many many other NPRM and regulatory issues. It gathered a lot of cruft

      • That's not much different from what info is required to register to vote [vote.gov]. Name, address, DOB, a state-issued ID (which can be obtained with just the previous three), and a signature swearing that you're a U.S.citizen and allowed to vote.

        This whole thing is a Pandora's box for both sides. Insisting that the comments should be verified leaves you vulnerable to questions about why you're ok with a lower standard of confirmation for voting. Insisting that verification is unnecessary leaves you vulnerable
        • This whole thing is a Pandora's box for both sides. Insisting that the comments should be verified leaves you vulnerable to questions about why you're ok with a lower standard of confirmation for voting. Insisting that verification is unnecessary leaves you vulnerable to questions about why then you think the voter registration needs to be verified.

          Only for the side that maintains these comments were somehow supposed to be votes. For those that recognize they weren't votes and were never represented to be votes, there's no inconsistency at all advocating for strong identity verification requirements for actual votes.

    • by mysidia ( 191772 )

      The official form is even funner.... There's No Checkbox, AND You can type Multiple names into the "Your Name" field, And in addition they provide interfaces to Bulk-upload comments.

      There is not even a superficial attempt to verify the commentator's identities and prevent robotic submissions.

      • There is not even a superficial attempt to verify the commentator's identities and prevent robotic submissions.

        That's because the identities are impossible to verify in the first place, and irrelevant in the second. It's the comment that is relevant. The only people who care who makes a good point or a significant comment are those who rely on ad hominem.

        If you think the people reading the comments at the FCC couldn't figure out that a 3000-name comment saying "netwerk nutraltie rocks, dude!" or 10,000 comments saying "ditch that network neutrality crap, it's socialism!" were meaningless, you're a loon.

  • Common Knowledge (Score:5, Insightful)

    by sirsky ( 53613 ) on Tuesday May 22, 2018 @01:40PM (#56654696)
    It has been common knowledge that millions of comments were forged and faked from day one. An estimated 2 million American's stolen identities to post fake comments on an incredibly important issue doesn't matter -- until it's just 2 American Senators? What's wrong with this picture?
    • by TigerPlish ( 174064 ) on Tuesday May 22, 2018 @01:53PM (#56654788)

      C'mon, you know that's how it works here. It could affect most of the population and they'll do nothing.

      It affects a few of THEM, and yeah.. now it's a Thing.

      • by Hodr ( 219920 ) on Tuesday May 22, 2018 @08:32PM (#56656608) Homepage

        Just to be clear. This doesn't affect them. It's not like their credit card was stolen or their SSN plastered on the side of a billboard. If someone says "it shows here that you were AGAINST net neutrality in this FCC comment", they could say "I didn't write that". The end.

        So if they are pursuing this, they are using their own "identity theft" as a means of forcing the issue into the light again so they can discuss the broader effect of millions of fake comments.

        • So if they are pursuing this, they are using their own "identity theft" as a means of forcing the issue into the light again so they can discuss the broader effect of millions of fake comments.

          And what is the "broader effect" of millions of fake comments? Exactly what difference did they make in anything?

          The only result is a tempest in a teapot over something that anyone who knew the process could have, and probably did, predict. Gee, hot-button issue combined with public record and easy comment submission resulted in floods of fake comments that everyone could examine for themselves. I'm shocked. It's never happened before. Ever. In the history of the world.

          By using the term "identity theft"

    • An estimated 2 million American's stolen identities to post fake comments on an incredibly important issue doesn't matter -- until it's just 2 American Senators? What's wrong with this picture?

      The idea that is it "identity theft" if someone who has the same name as you do uses it to post a public comment to the FCC, and that the name is relevant to begin with.

      Also, the idea that there were 2 million comments means anything. It wasn't a vote. It wasn't a referendum.

      Also, the idea that comments made in a public filing should be deleted. That's a really big thing wrong with this picture.

      • I have a very rare last name, several hundred at most in the US with my exact spelling of my last name. I can literally count on one 1 hand the number of people with my last name living in my state. None of them have the same first name as my mom. Yet somehow a comment was left with her name and her address supporting net neutrality repeal, that she says she did not submit. How do you explain that?
        • I have a very rare last name,

          And there is no law preventing anyone else from choosing to use that name for themselves, EXCEPT if they are doing it for the specific purpose of committing fraud in the legal sense. E.g., if I use your name to try to get a credit card expecting you to get the bill, that's legal fraud. If I use your name to subscribe to the local newspaper blog without any reference to you at all, that is not fraud in the legal sense.

          Yet somehow a comment was left with her name and her address supporting net neutrality repeal,

          So what is the FCC supposed to do to prevent that from happening? Be angry at someone who l

  • I've not filed a comment on the FCC website, nor read any. What is required in order to comment there? Just a name? Driver license number? Social Security number? How much of "Americans' personal information" was stolen and used?

  • My identity gets stolen, or account hacked, or whatever and it's "meh, use better passwords dumass".

    One of the rulers gets their identity stolen and it's suddenly a big deal.

    Too bad Trump is turbocharging the swamp, instead of draining it like he promised.
    • Of course he drained it. There wasn't any room for new swamp.

    • Did he ever even define the swamp? It's easy to promise to 'drain the swamp' when you never identify anyone specific as part of it. Your supporters naturally assume that anyone with policies they oppose must be part of this swamp.

  • by roc97007 ( 608802 ) on Tuesday May 22, 2018 @02:16PM (#56654928) Journal

    ...And then a politician gets his identity stolen, and suddenly it's a big deal. Ok, got that.

  • and net neutrality restored and all of Ajit Pai's work inspected for any other improprieties, and if things look worse prosecute Ajit Pai for anything worthy of prosecution
  • And then how many real ones? That's what we really want to know.
  • by Sumus Semper Una ( 4203225 ) on Tuesday May 22, 2018 @03:41PM (#56655354)

    Every now and then you get a nice little quote when you read TFA. This was my favorite from this one:

    The FCC comment process is, in other words, a complete shitshow

    • The FCC comment process is, in other words, a complete shitshow

      When vandals destroy something you like, do you blame the people who provided the nice thing for not being proactive enough to stop determined, technically proficient vandals, or do you blame the vandals?

      The FCC public comment process, for the most part, works well, and provides the public a way to comment on proposed regulatory actions that impact it. I have participated before, and I have no reason to believe that the FCC pays significant attention to spammed or fake comments.

      In THIS case, a computer-k

      • When vandals destroy something you like, do you blame the people who provided the nice thing for not being proactive enough to stop determined, technically proficient vandals, or do you blame the vandals?

        Well, first, you hardly had to be technically proficient to spam the FCC comments form. It was pretty much built to make spamming it as easy as possible. Second, if the nice thing were a public comment box for a controversial issue, yes, I would entirely blame the people who put it up for thinking it would in any way be useful or indicative of public opinion. For all that people rail about misuse of tax funds for frivolous uses in the US, somehow this doesn't qualify?

        Please tell me, sir, how you propose that the FCC validate the identity of every commenter, and why anonymous comments should never be allowed in response to a government request for comments.

        If the comments are meant to be anony

        • Well, first, you hardly had to be technically proficient to spam the FCC comments form.

          I didn't say you had to be. But you can expect that a topic dealing with the Internet will attract comments from a higher percentage of people who know how to do it in large volumes, and it is a hot-button topic for many of them. If you didn't expect fake comments, you weren't paying attention.

          It was pretty much built to make spamming it as easy as possible.

          It was built to make entering comments by the public easy. And it was built with the full knowledge that it is and was impossible to validate identity information. Not every regulatory action the FCC proposes is lim

      • I can't see what the point of the comments process was: The results were sure to be so full of fake submissions as to be completely meaningless, and it's pretty clear the FCC knew this from the start and the whole process was just a charade.

        I just assumed that the public comment process was required by law - some law that pre-dated the internet, when commenting actually meant going to the trouble of writing in a letter.

        • I can't see what the point of the comments process was: The results were sure to be so full of fake submissions as to be completely meaningless, and it's pretty clear the FCC knew this from the start and the whole process was just a charade.

          Anyone who knows the process knew it would be filled with fake comments. From both sides. It was obvious. The only people who are shocked, shocked I say, are ignorant people who still don't understand what the public comment process is intended for, or that it is required, or that there are laws called "paperwork reduction acts" that try to move everything that can be to online systems.

          The FCC has been very good about moving things online, which makes things a LOT easier for everyone. For example, when you

  • by hAckz0r ( 989977 ) on Tuesday May 22, 2018 @04:11PM (#56655514)
    "While we understand and agree with the need to protect individuals' privacy," Note this does not include those that are impersonating real people whom you are actually required to protect. The scoundrels that posted many times using our names using several fake addresses around the country can be drawn and quartered and then boiled in oil on the spot. -- your Senator
  • And that's a big If, but if it was only 2 million fake comments out of 23 million submitted, then that's pretty close to the fake signature threshold used for ballot initiatives in California [ballotpedia.org]. If the initiative gathers more than 110% of the required minimum signatures, it's assumed that only 10% are fake and the ballot qualifies without further verification. The 10% figure is based on the number of fake signatures which turn up in a random sample of initiatives which gather less than 110% the required min
  • It's all bribes and kickbacks until the issue affects the lawmakers.

Swap read error. You lose your mind.

Working...