U.S. Sen. Bill Nelson (D-FL) said today that reports indicating Russia was responsible for hundreds of thousands of fraudulent public comments submitted to the FCC on net neutrality last month show just how determined Russian President Vladmir Putin is to meddle in U.S. government operations.
“We know that there was Russian interference in the last election,” Nelson said on the Senate floor today. “We also know by our intelligence community that there was Russian entrants into the voting records of some 20 states. Now we’re seeing the Russian influence enter into the making of law.”
Nelson, who currently serves as the top Democrat on the Senate Armed Services Subcommittee on Cybersecurity, called the incident “deadly serious.”
“Shouldn’t the fact that there are Russian bots and people directed by the Kremlin trying to influence our government processes, shouldn’t that be something that we ought to be working with law enforcement?” Nelson said.
“This is deadly serious business because this is our democracy,” he continued. “When we see this kind of evidence, we know there is a flaw in the system and that flaw might actually have its source in the name of a person named Vladimir Putin.”
And here’s a rush transcript of his speech, followed by a copy of the Wall Street Journal article Nelson submitted for the record:
U.S. Sen. Bill Nelson
Remarks on the Senate floor
January 3, 2018
Sen. Nelson: I want to call to the attention of the Senate today is in the process of the new rule making that resulted in this 3-2 vote that’s upended everything, the process itself was flawed. Now, mind you, we come in to this on net neutrality. The public has no ambiguity on this. As reported by The Wall Street Journal, as reported by MSNBC and, Mr. President, I would ask that two articles related to the same be admitted. I ask unanimous consent. Into the record.
The Presiding Officer: Without objection.
Sen. Nelson: And in those articles it points out that net neutrality is widely popular. 83% of the American public support net neutrality. The other 17%, some of them say they don’t. I don’t know how they don’t. But it’s a pretty overwhelming majority, 83%. But even among Republicans in the surveys that have been done, 76% of self-identified Republicans say that they support net neutrality.
Here’s the flaw in the process that the FCC used: 24 million comments came in from supposedly “Americans” — and I put quotations around that — that were filed either for or against the rule making. There’s a problem in this record that was built because two million of those comments featured stolen identities. It was not a real person. It was somebody else’s identity. Some of those identities were people that had long since died. Half a million comments were from Russian addresses. 50,000 consumer complaints were inexplicably missing from the record.
Now let’s take the part from Russian addresses. Isn’t this beginning to tell us something that we know that there was Russian interference in the last election? We also know by our intelligence community that there was Russian entrants into the voting records of some 20 states.
Now we’re seeing the Russian influence enter into the making of law, in this case the rule making, trying to influence comments, whether it were comments for the rule making or against the rule making, it’s another indication that Russia indeed is intending on distorting, on influencing, the daily operations at the microscopic level – not at the level of the election of a president, but at the microscopic level – of influencing the development of rules to carry out laws. In this case, a rule that the American people feel quite strongly about.
83% in favor of net neutrality – the opposite of what the Republican majority on the FCC has enacted. So now we have at least 19 state attorneys general that have raised concerns. They even wrote to the Federal Communications Commission asking that the agency hold off on its vote to eliminate the net neutrality rules which the republican chairman and the FCC majority promptly ignored. And the FCC is refusing to even work with law enforcement to get to the bottom of this issue.
Shouldn’t the fact that there are Russian bots and people directed by the Kremlin trying to influence our government processes, shouldn’t that be something that we ought to be working with law enforcement?
Well, Mr. President, I’m going to continue to raise this issue over and over, whether it’s this agency’s, the FCC’s rule making or if it is other agencies’ rule making which is chronicled in this Wall Street Journal article that has been inserted in the record, this is deadly serious business because this is our democracy. We have to have the ability to operate in good faith that information that we are getting is accurate information. When we see this kind of evidence, we know there is a flaw in the system and that flaw might actually have its source in the name of a person named Vladimir Putin.
Mr. President, I yield the floor.
Millions of People Post Comments on Federal Regulations. Many Are Fake.
A Wall Street Journal investigation uncovered thousands of fraudulent posts on
agencies’ dockets, in hot-button areas such as net neutrality and payday lending
By James V. Grimaldi and Paul Overberg
Dec. 12, 2017
A comment posted on the Federal Communications Commission’s public docket endorses a Trump-administration plan to repeal a “net neutrality” policy requiring internet providers to treat all web traffic the same.
Calling the old Obama-era policy an “exploitation of the open Internet,” the comment was posted on June 2 by Donna Duthie of Lake Bluff, Ill.
It’s a fake. Ms. Duthie died 12 years ago.
The Wall Street Journal has uncovered thousands of other fraudulent comments on regulatory dockets at federal agencies, some using what appear to be stolen identities posted by computers programmed to pile comments onto the dockets.
Reports earlier this year of fraudulent comments on the FCC docket prompted the Journal to investigate the phenomenon there and at other federal agencies. After sending surveys to nearly 1 million people — predominantly from the FCC docket — the Journal found a much wider problem than previously reported, including nearly 7,800 people who told the Journal comments posted on federal dockets in their names were fakes.
The Journal found instances of fakes that favored antiregulation stances but also comments mirroring consumer-groups’ pro-regulation talking points, posted without permission of people whose names were on them.
Such distortions, often unknown even to the agencies involved, cut against an important element of democracy, the public’s ability to participate in federal rule-making. The public-comment process, mandated by law, can influence outcomes of regulations affecting millions.
It is a federal felony to knowingly make false, fictitious or fraudulent statements to a U.S. agency.
The scope of the fake comments is evident on the FCC website in 818,000 identical postings backing its new internet policy. The agency is expected on Thursday to roll back President Barack Obama’s 2015 rules, which telecommunication companies have called onerous. Consumer groups and Internet giants such as Alphabet Inc.’s Google and Facebook Inc. back the Obama rules and have fought efforts by FCC Chairman Ajit Pai to nix them.
In a random sample of 2,757 people whose emails were used to post those 818,000 comments, 72% said they had nothing to do with them, according to a survey the Journal conducted with research firm Mercury Analytics.
“It makes me feel like our democracy is broken,” said Jack Hirsch, chief executive of software startup Butter.ai, who learned from the Journal his name was on a fake submission supporting the Trump-administration position, which he opposes, saying it would harm his San Francisco firm.
Agencies generally accept public comments via email, mail or hand delivery. Some let people post directly onto their websites. Some require registration first or collect comments and then publicly post them later.
The Journal heard from people reporting fraudulent postings under their names and email addresses at the FCC, Consumer Financial Protection Bureau, Federal Energy Regulatory Commission and Securities and Exchange Commission.
One 369-word comment supporting the Obama-era net-neutrality rules was posted on the FCC website more than 300,000 times. One of those was attributed to Gloria Burney, 87, a retired speech therapist in Los Angeles. She isn’t in favor of repealing those rules, she said, “but I never wrote that.”
A comment from “Elzor The Blarghmaster” at 9632 Elm Road, Maywood, Ill., was among the 818,000 identical FCC comments backing the Trump policy. No such address could be found, said Jimmie Thompson, a U.S. Postal Service carrier in Maywood.
Comments filed with the SEC on the proposed sale of the Chicago Stock Exchange include one submitted by “Jason Blake, commentator, The Wall Street Journal.” The Journal has had no employee by that name, Journal spokesman Steve Severinghaus said.
The SEC said it removed the comment. Asked what it does to verify commenters’ identities, the SEC said letters not attributable to known people or entities “are assessed during the course of the rule-making process.”
CFPB spokesman John Czwartacki said: “Director [Mick] Mulvaney is concerned about any inauthentic data that comes to the Bureau. We intend to look into this matter further.” An agency official said the bureau doesn’t verify each comment and doesn’t require commenters to submit the type of information that might assist in authenticating their comments.
FERC spokeswoman Mary O’Driscoll, asked what the agency does to verify commenters’ identities, said: “If someone believes that they have been misrepresented in comments filed with us, they should contact us to let us know.”
FCC spokesman Brian Hart said questionable comments on its net-neutrality rule included some “submitted in the name of Superman and Batman, among others. These comments, however, are generally not substantive so thus have no impact on a rulemaking.” Asked what the FCC does to verify identities, he said: “We err on the side of keeping the public record open and do not have the resources to investigate every comment that is filed.”
Under the Administrative Procedure Act, agencies must take comments under consideration but needn’t pay heed to them. The impact often comes afterward, when the regulated parties appeal to the next administration, the courts or Congress, which can alter a rule or slow its implementation. Failure to consider comments has become a factor in litigation, with judges sometimes forcing an agency to address comments it ignored.
“Astroturf lobbying” — typically when an interest group gins up support from individuals and characterizes it as a grass-roots movement — has been around Washington for decades.
Agencies were already swamped with comments from these mass emailings of duplicate comments, which aren’t considered fraud if groups submitting them have authorization from individuals named. The CFPB last year had such a hard time managing the 1.4 million comments on its payday-lending rule that it fired one contractor and hired a new one to process them, according to internal emails released under the Freedom of Information Act.
As with many agencies, the CFPB opts not to put many of the duplicative comments online. It posted 200,000 “unique” comments out of the 1.4 million on its payday-lending proposal.
But postings the Journal uncovered went beyond being merely duplicative. They included comments from stolen email addresses, defunct email accounts and people who unwittingly gave permission for their comments to be posted. Hundreds of identities on fake comments were found in an online catalog of hacks and breaches.
While many fakes were anti-regulatory, the Journal also found pro-regulatory comments on the FCC and FERC websites where people said they didn’t post them. In most of those cases, the people surveyed said they agreed with the comments, indicating that while they didn’t authorize them, a group or individual might have had their names in a list of like-minded people, possibly from the organization posting it. Some of these people said they were angry that someone who had access to their email address would post it, even though they agreed.
The largest number of comments the Journal confirmed as phony were to the FCC, one of few agencies to routinely post email addresses with comments. Its net-neutrality rule has generated 23 million comments.
Suspicions of fakery in net-neutrality comments emerged in May, when thousands of emails poured into the FCC after HBO’s “Last Week Tonight with John Oliver” urged viewers to support the Obama policy. They were followed by thousands backing repeal.
Chicago programmer Chris Sinchok said he spotted a sharp increase in comments that began: “The unprecedented regulatory power the Obama administration imposed on the internet is smothering innovation.”
He found a near-constant rate — 1,000 every 10 minutes — punctuated by periods of zero comments, as if web robots were turning on and off. He determined many were from hacked accounts.
After Mr. Sinchok and a pro-net-neutrality group, Fight for the Future, blogged that they found indications thousands of FCC comments might be fakes using stolen identities, New York Attorney General Eric Schneiderman in May began a criminal investigation.
The Journal examined those “unprecedented regulatory power” comments. Duplicates of it exceeded any other comment, according to Quid Inc., a San Francisco tech firm that analyzes massive amounts of content and studied the data at the Journal’s request.
The comment has been posted on the FCC website more than 818,000 times. The Journal sent surveys to 531,000 email accounts associated with that comment. More than 7,000 bounced back, the accounts defunct. Of the 2,757 who responded, 1,994, or 72%, said the comment was falsely submitted. The survey’s margin of error was plus or minus 1.86% points.
The survey’s results are “a very significant indication of fraud,” Mercury Analytics CEO Ron Howard said. “Generating tens and sometimes hundreds of thousands of fake posts on public comment websites for the purpose of swaying public opinion and impacting the opinions of political decision makers is wide-scale,” he said, “not limited to a party, not limited to an issue,”
Though a majority of those who responded agreed with the comments attributed to them, many were alarmed their identities had been misappropriated.
“How the hell is this possible ??????” Jessica Lints of Blossvale, N.Y., wrote the Journal. “And if these people are so damn concerned about this issue that I know nothing about why are they not using their own names?” Mrs. Lints, an assistant Boy Scout scoutmaster, said she is careful about not expressing political opinions.
The Journal also examined 2.8 million of the 23 million comments in four clusters and sent surveys to 956,000 of those addresses — including the 531,000 sent to the “unprecedented regulatory power” commenters — seeking to verify the people made the comments.
Based on the responses, three batches expressing anti-regulatory viewpoints were 63%, 72% and 80% bogus comments. The fourth set, in favor of the old rules, was 32% bogus.
Mr. Hart, the FCC spokesman, said the “most suspicious activity has been by those supporting Internet regulation.” He said the FCC received more than 7.5 million comments consisting of the same short-form letter supporting the current rules, “all generated by a single fake e-mail generator website.” He said the FCC received more than 400,000 comments supporting the old rules “from the same address in Russia.”
A review of the FCC comments by data-analytics firm Emprata determined that 36% of the docket, 7.75 million comments, were attributable to FakeMailGenerator.com, a site that generates one-time emails and can’t receive emails. The analysis was commissioned by a group of telecommunications firms that support the Trump-administration proposal.
These contained nearly identical comments, virtually all opposing the proposal, Emprata said. Emprata CEO Paul Salasznyk said “our analysis was conducted in an independent fashion.” Efforts to locate FakeMailGenerator.com representatives weren’t successful.
Reports of the fake FCC comments have led some lawmakers to demand probes. After Fight for the Future said it found about 24 people saying they hadn’t posted the “unprecedented regulatory power” comment, Rep. Frank Pallone Jr. of New Jersey asked the Justice Department to investigate those comments as criminal acts.
The Justice Department hasn’t responded to the request, Mr. Pallone’s spokesman said. Justice spokeswoman Lauren Ehrsam confirmed the letter was received, declining to comment further. Mr. Pallone and 10 other members last week wrote the Government Accountability Office seeking an investigation. The GAO said it already had plans next year to begin examining the FCC’s information-security controls, including over internet comments.
It is difficult to determine who is behind phony comments. The Journal found clues in data embedded in online documents, which showed more than 4,000 fake comments had been submitted to the CFPB through IssueHound, a Richmond, Va., firm. It charges interest groups to use its software and create websites to gather hundreds and thousands of like-minded people to write unique comments or send pre-written statements to lawmakers and regulators. Its website says it “randomly selects related paragraphs and generates unique letters.”
Jay Thomas Smith, an IssueHound spokesman, said clients “use our program because it affords greater flexibility for letter-writers, more accurately expressing the writer’s views on an issue,” adding that the software “requires human input.” He declined to comment on CFPB-rule work.
IssueHound played a role in anomalies the Journal found on the CFPB’s site seeking comment on its proposal to tighten payday-lending rules, set to take effect July 2019.
Quid reviewed the 200,000 “unique” comments the CFPB posted on its payday-lending proposal. They weren’t entirely unique. More than 100 sentences opposing the payday rule each appeared within more than 350 different comments.
This sentence was embedded in 492 comments: “I sometimes wondered how I would be able to pay for my high power bill, especially in the hot summer and cold winters.”
The Journal emailed about 13,000 surveys to those posting comments to the CFPB site. About 120 completed surveys. Four out of 10 said they didn’t send the comment associated with them. These comments opposed the new regulations.
Ashley Marie Mireles, 26, said she didn’t write the comment posted on the CFPB’s website under her name but had clues how it got there. Her former employer, payday lender California Check Cashing Stores, told branch personnel in Clovis, Calif., to fill out an online survey after too few customers did, she said. In the survey, she said she received a payday loan for “car bills.” She had borrowed $50 to patch a tire.
On July 8, 2016, a 217-word comment with Ms. Mireles’s name and email was sent to the CFPB, reading, in part: “I had no idea the bill would be as expensive as it was after I took my car to the shop. To help me pay for everything, I went to get a cash loan.” Untrue, she said. Her family owns an auto shop where she doesn’t pay.
Bridgette Roman, spokeswoman for California Check Cashing, denied Ms. Mireles’ account, saying customers were offered a computer that walked them through creation of “a customized comment” on the rule and were told it would be submitted to the CFPB. “The former employee was mistaken or confused.”
Ms. Mireles’s comment showed it originated from IssueHound and TelltheCFPB.com, a site used by a payday-lending trade group.
The trade group, Community Financial Services Association of America, used IssueHound and TelltheCFPB.com to send comments on the payday-lending rule, said Dennis Shaul, the group’s CEO. Told of the Journal findings, he said: “We cannot begin to speculate as to why that is.” He said he had asked member lenders not to use coercion or gimmicks in the campaign and that they generated tens of thousands of handwritten notes. “I’m very disappointed to hear this, and it is not at all the outcome we expected.”
IssueHound’s Mr. Smith said: “There is little more I can say about the letters as we simply license the platform.”
The late Ms. Duthie’s phony comment was among copy-and-paste-style comments that dominate the FCC docket.
One under Ms. Duthie’s name was submitted with the email address of her ex-husband, Peter Duthie. It began: “FCC: Hi, I’d like to comment on Internet Freedom.” That sentence, including two spaces after the colon, opened 974 comments.
Mr. Duthie said he didn’t submit it. He did file, he said, a comment opposing the Trump-administration plans.