Merkley, Toomey urge FCC to address ID theft in public comments
Senators Jeff Merkley (D-OR) and Pat Toomey (R-PA) on Monday issued a strong call to Federal Communications Commission Chairman Ajit Pai to identify and address fraudulent behavior that has led to potentially 2 million fake comments being filed under stolen identities on public rulemakings.
Though they come from different sides of the aisle, Merkley and Toomey share a personal connection to this issue: Both had their identities stolen to file false comments on the FCC’s net neutrality proposals, Merkley’s news release stated.
“Late last year, the identities of as many as two million Americans were stolen and used to file fake comments during the Federal Communications Commission’s (FCC’s) comment period for the net neutrality rule,” the senators wrote in a letter to Pai. “We were among those whose identities were misused to express viewpoints we do not hold. We are writing to express our concerns about these fake comments and the need to identify and address fraudulent behavior in the rulemaking process.”
The senators specifically encouraged the agency to consider using CAPTCHA technology to help weed out comments posted by bots.
The senators also pressed Pai to investigate who is behind these millions of fake comments, requesting answers to the following specific questions:
· How is the FCC working with the Department of Justice to identify those who submitted fake comments?
· Is the FCC working with state attorneys general to determine whether state crimes were broken when these identities were stolen?
· What measures is the FCC taking to ensure this does not happen in the future?
· How can the FCC track down who misused the identities of two million Americans?
· Can the FCC determine how many of the fake comments on record were submitted by bots, a software application that runs automated tasks (scripts) over the Internet?
· Has the FCC considered using a CAPTCHA, or other security technology, to prevent fraudulent machine input ?
· Is the FCC aware of any foreign government submitting fake comments and for what purpose?
“The first three words in our Constitution are, ‘We the People.’ The federal rulemaking process is an essential part of our democracy and allows Americans the opportunity to express their opinions on how government agencies decide important regulatory issues,” the senators wrote. “As such, we are concerned about the aforementioned fraudulent activity. We need to prevent the deliberate misuse of Americans’ personal information and ensure that the FCC is working to protect against current and future vulnerabilities in its system.”
—
The full text of the letter follows below.
May 21, 2018
The Honorable Ajit Pai
Chairman
Federal Communications Commission
445 12th Street Southwest
Washington, DC 20554
Dear Chairman Pai:
Late last year, the identities of as many as two million Americans were stolen and used to file fake comments during the Federal Communications Commission’s (FCC’s) comment period for the net neutrality rule. We were among those whose identities were misused to express viewpoints we do not hold. We are writing to express our concerns about these fake comments and the need to identify and address fraudulent behavior in the rulemaking process.
The first three words in our Constitution are, “We the People.” The federal rulemaking process is an essential part of our democracy and allows Americans the opportunity to express their opinions on how government agencies decide important regulatory issues. As such, we are concerned about the aforementioned fraudulent activity. We need to prevent the deliberate misuse of Americans’ personal information and ensure that the FCC is working to protect against current and future vulnerabilities in its system.
Simple security measures should be employed to restore trust in the rulemaking process. For example, a CAPTCHA, or Completely Automated Public Turing test to tell Computers and Humans Apart, could be used in future public comment submissions. This technology would ensure that a human, not a machine, is using a computer to submit comments.
We encourage the FCC to determine who facilitated these fake comments. While we understand and agree with the need to protect individuals’ privacy, we request that the FCC share with the public the total number of fake comments that were filed.
We also request that the FCC answer the following questions regarding those fake comments:
· How is the FCC working with the Department of Justice to identify those who submitted fake comments?
· Is the FCC working with state attorneys general to determine whether state crimes were broken when these identities were stolen?
· What measures is the FCC taking to ensure this does not happen in the future?
· How can the FCC track down who misused the identities of two million Americans?
· Can the FCC determine how many of the fake comments on record were submitted by bots, a software application that runs automated tasks (scripts) over the Internet?
· Has the FCC considered using a CAPTCHA, or other security technology, to prevent fraudulent machine input ?
· Is the FCC aware of any foreign government submitting fake comments and for what purpose?
Thank you for your time and attention to this important matter, and we look forward to reviewing your responses to the above questions.
Sincerely,