A comment posted on the Federal Communications Commission’s public docket endorses a Trump-administration plan to repeal a “net neutrality” policy requiring internet providers to treat all web traffic the same.
Calling the old Obama-era policy an “exploitation of the open Internet,” the comment was posted on June 2 by Donna Duthie of Lake Bluff, Ill.
It’s a fake. Ms. Duthie died 12 years ago.
The Wall Street Journal has uncovered thousands of other fraudulent comments on regulatory dockets at federal agencies, some using what appear to be stolen identities posted by computers programmed to pile comments onto the dockets.
Reports earlier this year of fraudulent comments on the FCC docket prompted the Journal to investigate the phenomenon there and at other federal agencies. After sending surveys to nearly 1 million people—predominantly from the FCC docket—the Journal found a much wider problem than previously reported, including nearly 7,800 people who told the Journal comments posted on federal dockets in their names were fakes.
The Journal found instances of fakes that favored antiregulation stances but also comments mirroring consumer-groups’ pro-regulation talking points, posted without permission of people whose names were on them.
Such distortions, often unknown even to the agencies involved, cut against an important element of democracy, the public’s ability to participate in federal rule-making. The public-comment process, mandated by law, can influence outcomes of regulations affecting millions.
It is a federal felony to knowingly make false, fictitious or fraudulent statements to a U.S. agency.
The scope of the fake comments is evident on the FCC website in 818,000 identical postings backing its new internet policy. The agency is expected on Thursday to roll back President Barack Obama’s 2015 rules, which telecommunication companies have called onerous. Consumer groups and Internet giants such as Alphabet Inc.’s Google and Facebook Inc. back the Obama rules and have fought efforts by FCC Chairman Ajit Pai to nix them.
In a random sample of 2,757 people whose emails were used to post those 818,000 comments, 72% said they had nothing to do with them, according to a survey the Journal conducted with research firm Mercury Analytics.
“It makes me feel like our democracy is broken,” said Jack Hirsch, chief executive of software startup Butter.ai, who learned from the Journal his name was on a fake submission supporting the Trump-administration position, which he opposes, saying it would harm his San Francisco firm.
Agencies generally accept public comments via email, mail or hand delivery. Some also let people post directly onto their websites. Some require registration first or collect comments and then publicly post them later.
The Journal heard from people reporting fraudulent postings under their names and email addresses at the FCC, Consumer Financial Protection Bureau, Federal Energy Regulatory Commission and Securities and Exchange Commission.
One 369-word comment supporting the Obama-era net-neutrality rules was posted on the FCC website more than 300,000 times. One of those was attributed to Gloria Burney, 87, a retired speech therapist in Los Angeles.
She isn’t in favor of repealing those rules, she said, “but I never wrote that.”
A comment from “Elzor The Blarghmaster” at 9632 Elm Road, Maywood, Ill., was among the 818,000 identical FCC comments backing the Trump policy. No such address could be found, said Jimmie Thompson, a U.S. Postal Service carrier in Maywood.
Comments filed with the SEC on the proposed sale of the Chicago Stock Exchange include one submitted by “Jason Blake, commentator, The Wall Street Journal.” The Journal has had no employee by that name, Journal spokesman Steve Severinghaus said.
Comments filed with the SEC on the proposed sale of the Chicago Stock Exchange include one submitted by “Jason Blake, commentator, The Wall Street Journal.” The Journal has had no employee by that name, Journal spokesman Steve Severinghaus said.
The SEC said it removed the comment. Asked what it does to verify commenters’ identities, the SEC said letters not attributable to known people or entities “are assessed during the course of the rule-making process.”
CFPB spokesman John Czwartacki said: “Director [Mick] Mulvaney is concerned about any inauthentic data that comes to the Bureau. We intend to look into this matter further.” An agency official said the bureau doesn’t verify each comment and doesn’t require commenters to submit the type of information that might assist in authenticating their comments.
FERC spokeswoman Mary O’Driscoll, asked what the agency does to verify commenters’ identities, said: “If someone believes that they have been misrepresented in comments filed with us, they should contact us to let us know.”
FCC spokesman Brian Hart said questionable comments on its net-neutrality rule included some “submitted in the name of Superman and Batman, among others. These comments, however, are generally not substantive so thus have no impact on a rulemaking.” Asked what the FCC does to verify identities, he said: “We err on the side of keeping the public record open and do not have the resources to investigate every comment that is filed.
Comments filed with the SEC on the proposed sale of the Chicago Stock Exchange include one submitted by “Jason Blake, commentator, The Wall Street Journal.” The Journal has had no employee by that name, Journal spokesman Steve Severinghaus said.
The SEC said it removed the comment. Asked what it does to verify commenters’ identities, the SEC said letters not attributable to known people or entities “are assessed during the course of the rule-making process.”
CFPB spokesman John Czwartacki said: “Director [Mick] Mulvaney is concerned about any inauthentic data that comes to the Bureau. We intend to look into this matter further.” An agency official said the bureau doesn’t verify each comment and doesn’t require commenters to submit the type of information that might assist in authenticating their comments.
FERC spokeswoman Mary O’Driscoll, asked what the agency does to verify commenters’ identities, said: “If someone believes that they have been misrepresented in comments filed with us, they should contact us to let us know.”
FCC spokesman Brian Hart said questionable comments on its net-neutrality rule included some “submitted in the name of Superman and Batman, among others. These comments, however, are generally not substantive so thus have no impact on a rulemaking.” Asked what the FCC does to verify identities, he said: “We err on the side of keeping the public record open and do not have the resources to investigate every comment that is filed.
Under the Administrative Procedures Act, agencies must take comments under consideration but needn’t pay heed to them. The impact often comes afterward, when the regulated parties appeal to the next administration, the courts or Congress, which can alter a rule or slow its implementation.
Failure to consider comments has become a factor in litigation, with judges sometimes forcing an agency to address comments it ignored.
“Astroturf lobbying”—typically when an interest group gins up support from individuals and characterizes it as a grass-roots movement—has been around Washington for decades.
Agencies were already swamped with comments from these mass emailings of duplicate comments, which aren’t considered fraud if groups submitting them have authorization from individuals named. The CFPB last year had such a hard time managing the 1.4 million comments on its payday-lending rule that it fired one contractor and hired a new one to process them, according to internal emails released under the Freedom of Information Act.
As with many agencies, the CFPB opts not to put many of the duplicative comments online. It posted 200,000 “unique” comments out of the 1.4 million on its payday-lending proposal.
But postings the Journal uncovered went beyond being merely duplicative—they were outright fabricated. They included comments from stolen email addresses, defunct email accounts and people who unwittingly gave permission for their comments to be posted. Hundreds of identities on fake comments were found listed in an online catalog of hacks and breaches.
The largest number of comments the Journal confirmed as phony were to the FCC, one of few agencies to routinely post email addresses with comments. Its net-neutrality rule has generated 23 million comments, believed to be the most a federal agency has received on a rule.
Suspicions of fakery in net-neutrality comments emerged in May, when thousands of emails poured into the FCC after HBO’s “Last Week Tonight with John Oliver” urged viewers to support the Obama policy. They were followed by thousands backing repeal.
Chicago programmer Chris Sinchok said he spotted a sharp increase in comments that began: “The unprecedented regulatory power the Obama administration imposed on the internet is smothering innovation.”
He found a near-constant rate—1,000 every 10 minutes—punctuated by periods of zero comments, as if web robots were turning on and off. He determined many were from hacked accounts.
After Mr. Sinchok and a pro-net-neutrality group, Fight for the Future, blogged that they found indications thousands of FCC comments might be fakes using stolen identities, New York Attorney General Eric Schneiderman in May began a criminal investigation.
The Journal examined those “unprecedented regulatory power” comments and found that duplicates of it exceeded any other comment according to Quid Inc., a San Francisco tech firm that analyzes massive amounts of content and studied the data at the Journal’s request.
The comment has been posted on the FCC website more than 818,000 times. The Journal sent surveys to 531,000 email accounts associated with that comment. More than 7,000 bounced back, the accounts defunct. Of the 2,757 who responded, 1,994, or 72%, said the comment was falsely submitted. The survey’s margin of error was plus or minus 1.86% points.
The survey’s results, Mercury Analytics CEO Ron Howard said, are “a very significant indication of fraud.”
“Generating tens and sometimes hundreds of thousands of fake posts on public comment websites for the purpose of swaying public opinion and impacting the opinions of political decision makers is wide-scale,” Mr. Howard said, “not limited to a party, not limited to an issue, and not limited to a social ideology.”
Though a majority of those who responded agreed with the comments attributed to them, many were alarmed their identities had been misappropriated.
“How the hell is this possible ??????” Jessica Lints of Blossvale, N.Y., wrote the Journal. “And if these people are so damn concerned about this issue that I know nothing about why are they not using their own names?” Mrs. Lints, an assistant Boy Scout scoutmaster, said she is careful about not expressing political opinions.
The Journal also examined 2.8 million of the 23 million comments in four clusters and sent surveys to 956,000 of those addresses—including the 531,000 sent to the “unprecedented regulatory power” commenters—seeking to verify the people made the comments.
Based on the responses, three batches expressing anti-regulatory viewpoints were 63%, 72% and 80% bogus comments. The fourth set, in favor of the old rules, was 32% bogus.
Mr. Hart, the FCC spokesman, said the “most suspicious activity has been by those supporting Internet regulation.” He said the FCC received more than 7.5 million comments consisting of the same short-form letter supporting the current rules from about 45,000 unique email addresses, “all generated by a single fake e-mail generator website.”
He said the FCC received more than 400,000 comments supporting the old rules “from the same address in Russia.”
A review of the FCC comments by data-analytics firm Emprata determined that 36% of the docket, 7.75 million comments, were attributable to FakeMailGenerator.com, a site that generates one-time emails and can’t receive emails. The analysis was commissioned by a group of telecommunications firms that support the Trump-administration proposal.
These contained nearly identical comments, virtually all opposing the proposal, Emprata said. Emprata CEO Paul Salasznyk said “our analysis was conducted in an independent fashion.” Efforts to locate FakeMailGenerator.com representatives weren’t successful.
Reports of the fake FCC comments have led some lawmakers to demand probes. After Fight for the Future said it found about 24 people saying they hadn’t posted the “unprecedented regulatory power” comment, Rep. Frank Pallone Jr. of New Jersey asked the Justice Department to investigate those comments as criminal acts.
The Justice Department hasn’t responded to the request, Mr. Pallone’s spokesman said. Justice spokeswoman Lauren Ehrsam confirmed the letter was received, declining to comment further. Mr. Pallone and 10 other members last week wrote the Government Accountability Office seeking an investigation. The GAO said it already had plans next year to begin examining the FCC’s information-security controls, including over internet comments.
This month, 28 senators wrote a letter to the FCC saying the comment pool was so polluted it should delay the net-neutrality decision.
It is difficult to determine who is behind phony comments. The Journal found clues in data embedded in online documents, which showed more than 4,000 fake comments had been submitted to the CFPB through IssueHound, a Richmond, Va., firm. It charges interest groups to use its software and create websites to gather hundreds and thousands of like-minded people to write unique comments or send pre-written statements to lawmakers and regulators. Its website says it “randomly selects related paragraphs and generates unique letters.”
Jay Thomas Smith, an IssueHound spokesman, said clients “use our program because it affords greater flexibility for letter-writers, more accurately expressing the writer’s views on an issue,” adding that the software “requires human input.” He declined to comment on CFPB-rule work.
IssueHound played a role in anomalies the Journal found on the CFPB’s site seeking comment on its proposal to tighten payday-lending rules, set to take effect July 2019.
Quid reviewed the 200,000 “unique” comments the CFPB posted on its payday-lending proposal. They weren’t entirely unique. More than 100 sentences opposing the payday rule each appeared within more than 350 different comments.
This sentence was embedded in 492 comments: “I sometimes wondered how I would be able to pay for my high power bill, especially in the hot summer and cold winters.”
The Journal emailed about 13,000 surveys to those posting comments to the CFPB site. About 120 completed surveys. Four out of 10 said they didn’t send the comment associated with them. These comments opposed the new regulations.
Ashley Marie Mireles, 26, said she didn’t write the comment posted on the CFPB’s website under her name but had clues how it got there. Her former employer, payday lender California Check Cashing Stores, told branch personnel in Clovis, Calif., to fill out an online survey after too few customers did, she said. In the survey, she said she received a payday loan for “car bills.” She had borrowed $50 to patch a tire.
On July 8, 2016, a 217-word comment with Ms. Mireles’s name and email was sent to the CFPB, reading, in part: “I had no idea the bill would be as expensive as it was after I took my car to the shop. To help me pay for everything, I went to get a cash loan.”
Untrue, she said. Her family owns an auto shop where she doesn’t pay.
Bridgette Roman, spokeswoman for California Check Cashing, denied Ms. Mireles’ account, saying customers were offered a computer that walked them through creation of “a customized comment” on the rule and were told it would be submitted to the CFPB. “The former employee was mistaken or confused.”
Ms. Mireles’s comment showed it originated from IssueHound and TelltheCFPB.com, a site used by a payday-lending trade group.
Another comment originating from IssueHound and TelltheCFPB.com came from Carla Morrison of Rhodes, Iowa. It included: “This is my only good option for borrowing money, so I hope these rules don’t happen.”
Ms. Morrison, 63, said she had nothing to do with it. She said she got a $323 payday loan and ended up owing more than $8,000 on it through a payday lender. “I most definitely think they should be regulated.”
The payday-lending trade group, Community Financial Services Association of America, used IssueHound and TelltheCFPB.com to send comments on the payday-lending rule, said Dennis Shaul, the group’s CEO.