The Vergecast - What happened in the comments section of the FCC's net neutrality hearing?
Episode Date: November 5, 2019This week on The Vergecast, Verge editor-in-chief Nilay Patel talks with Jeremy Singer-Vine, the data editor for the BuzzFeed News investigative unit, about his story that was published recently regar...ding the fake comments on the Federal Communications Commission’s online net neutrality debate. If you haven’t read the piece, you should. The investigation details where all of the fake comments in the FCC’s net neutrality process came from, including dead people leaving comments and shady political operatives involved in the scam. It’s not really a story about net neutrality; rather, it’s about how systems designed for public participation in the government are so easily scammed, and what the challenges are for preventing such scams from happening. Nilay and Jeremy discuss why it happened, how it happened, and what happens next if we want to use the internet to encourage open access participation in government without corruption. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Transcript
Discussion (0)
Support for the show comes from Retool.
Too many companies run critical operations on duct taped spreadsheets,
Slack workflows, and whatever else they could cobble together.
Not because they want to, but because building internal tools
means weeks of waiting on someone else's backlog.
That's where Retool comes in.
Build custom internal tools just by describing what you need.
Prompts something like,
Build Me a Revenue Dashboard on our Salesforce data.
And Retool actually builds it on your company's data,
in your cloud with enterprise security built in.
Go to retool.com slash Verchcast.
We all need to retool how we build software.
What's up, y'all. I'm Skyler Diggins,
seven-time WMBA All-Star, Olympic gold medalist, and mom.
And I'm Cassidy Hubbard, host and reporter for nearly 20 years,
covering the biggest names and stories in sports and mom.
And this is Am Mom, a community for athletes, game changers,
and moms of all kinds.
dropping May 14th.
Tap in with us.
Hey everybody, it's now from the Vergecast
on this week's interview episode.
We've got a little bit of a heist situation.
It's Jeremy Singer-vine.
He's the data editor for the BuzzFeed News investigative unit.
He just did a huge story
about the fake comments
of the FCC's net neutrality hearing.
So you might have seen this on BuzzFeed.
It is a huge investigation
into where all of the fake comments
in the FCC's net neutrality process came from.
I mean, this is like dead people
were leaving comments.
It turned out it was a huge scam.
There are some shady political operatives involved.
There are some companies that are literally pulling names and personal information out of data breaches
and using that to file comments through an automated system in the FCC.
The story is not so much about neutrality.
It's really a story about how systems designed for open access, for public participation in the government,
are so easily scammed and the challenges at locking that stuff down.
So Jeremy and I got into what happened, how it happened,
and then what happens next if we actually want to use the Internet to include.
encourage public participation without all the scams and all the corruption.
It's a super interesting conversation.
Check it out.
Jeremy Singer-Vine, you are the data editor for investigations of BuzzFeed News.
How are you?
I'm doing well, thanks.
Thanks for having me.
Thanks for coming on.
So a couple weeks ago, you wrote a story with Kevin Collier at BuzzFeed called The Impersonators.
This story uncovered that millions of comments in the net neutrality proceeding were fake.
And you found the firms that kind of did the fakery.
Right.
So when the FCC opened up commenting on its net neutrality proposal to repeal the Obama-era net neutrality provisions,
there were ultimately over the course of many months, 22 million comments.
And there was a lot of great reporting, including by the verge and other outlets,
showing there was something very funky about a lot of these comments.
Some were clearly fake as in they didn't come from anyone.
Some seemed to be clearly impersonating other people.
People said that there were comments under their names that they definitely didn't leave.
and the general knowledge that there were millions of problematic comments had been known for a while.
And we tried to get to the bottom of as much as we could.
And we ended up focusing on one particular group of nearly two million comments that through a reporting we discovered were clearly instances of impersonation and had been ultimately funded by the broadband industry.
So just to put some perspective on this, it's been happening for a long time.
The FCC has just recently won its court appeal saying it could change the rules.
But Trump gets elected.
He appoints Ajit Pai to be the chairman of the FCC.
Pi is sort of well known as a character to the audience of the show.
And they race through this proceeding to switch the rules.
And in the course of that very fast process, a bunch of things happened.
But notably, the FCC's comment servers crashed.
Pi claimed that they'd been attacked.
He never really released any evidence of this attack.
And then everyone noticed that all these fake comments were bubbling up.
And what got me was Pi said over and over again, it is not the quantity of comments that we get.
It's the quality of them, which to me felt like telecom companies like Verizon have lawyers who are writing these comments.
Those are higher quality.
We're going to pay attention to those, not the regular people.
But it kind of seems like they were astroturfed by paid political consultancies.
And then they got to ignore the whole thing.
And they just moved on with it.
And that was like kind of my read of it.
And then I read your story.
And it's like, oh, it's actually way more sophisticated.
and that underneath.
There's actually companies,
and it's their business
to flood these sort of open comment systems.
Walk me through who these companies are a little bit.
Sure.
Yeah, and Paya's comments
and the general framing of quality over quantity
is interesting because that is sort of the rule of law
that federal agencies are supposed to accept
all the comments they can on any new proposed rule,
and they're supposed to not treat it as a vote,
although lots of agencies do,
report percentages that have comments that had one opinion or another. But they're really supposed to
say, you know, here are the perspectives we received. We're going to take these into account into our
rulemaking, but we don't have to treat them as a sort of binding vote. So that's, I think,
where Pai's perspective comes from. It is grounded in the rules that agencies are supposed to follow,
but political operators know that even if the public version of how these things work is
quality over quantity, people are paying attention to the quantity. So there are political consultancies
that have cropped up over the years that help organizations, regardless of political persuasion,
but help people amass comments for public comment periods. So when we saw in the Net Neutrali
proceeding, there are 22 million comments, a huge proportion of nearly half were submitted in bulk
through the FCC's bulk uploading system.
And these were comments that were gathered
on behalf of organizations,
some pro-net neutrality, some anti.
The idea is the FCC's system,
it crashed, as you noted,
is not the most user-friendly system.
So you can go out and you can collect comments
on behalf of an opinion or an organization or what have you,
and then submit them all at once to the FCC.
Through FOIA,
we were able to get records of who had done those bulk submissions.
And very quickly, when we were looking through that data,
this particular group of 2 million comments jumped out to us
because they had a huge overlap with a data breach
known as the Modern Business Solutions data breach
had happened a little bit earlier than that.
And those comments had been submitted by a political consultancy
known as Media Bridge.
They are called Media Bridge.
and they do a range of things, including very vocally they've written on their website, flooding agencies with comments on a topic that the client asks for, essentially.
Yeah, you've got this quote in the story, spend a million dollars with Media Bridge, and most likely you'll have a million people plus advocating for your position.
Right.
Which seems like the cheapest political advocacy ever devised.
It's a good question.
I mean, certainly the idea of mass commenting is not something that Media Bridge invented.
It's something that people, of all, political persuasions, have been doing for a long time.
And there is a legitimate use for it, which is lots of people feel strongly about something,
but they don't feel like they are good writers or they don't have the time to sit down for an evening and type out detailed thoughts.
And so it has been accepted generally as politically legitimate to just sign on.
behalf of somebody else's statement that a political organization or an advocacy organization may say,
do you agree with this statement that we've pre-written? Insert your information and will sign it on
your behalf and send it to the FCC or some other agency. But that's not what's happening here.
Correct. You wrote that this is one of the largest instances of just misappropriation of identity
that's ever occurred in politics. Right. And it's made to seem, these comments were made to seem,
as if they came from regular people doing this sort of typical mass comment thing.
On their surface, it looks no different than mass comments submitted by any other organization.
But as we dug deeper, it turned out that for more than 94% of the comments that were submitted through MediaBridge,
the personal information on them matched exactly the personal information we're talking, the name, the physical address, the email address,
matched exactly the data that was in that breach database, the modern business solutions data breach.
And as we dug deeper, we found a pretty clear explanation for the remaining 6%.
So as we did our reporting, and we talked to people whose names were on these comments, they became clear that they had not submitted them.
And that the most likely explanation is that the data was just taken straight from this breach, attached to comments that were sort of generated in a sort of mad-lib style.
So they all looked a little bit different, different enough that they would seem unique and submitted to the FCC.
How did you, as you're going through the reporting process, how did you discover which breach
they had used?
Yeah, it's a good question.
Unless you have just like an excitement knowledge of what's in which, which would be amazing.
No, there is a great service available to anyone online called Have I Been Poned?
It's run by Troy Hunt, a security researcher, and what he does is gather these breach databases
as they're floating around the internet, figure out what email addresses have been breached in each
of those individual incidents, and then provide a service to let people look up, have I been breached,
has this email address been breached? And it lets you get a sense of how secure your personal
information might be, but it also enables researchers like us to figure out whether a large set of
email addresses, for example, we took a random sample of 10,000 email addresses from these comments,
overlap in particular with any given database breach. He has collected, I think, more than 200
breaches at this point. And we didn't come in with any preconceived notion about which breach
would be relevant or even which of the sets of comments submitted to FCC would be relevant.
But as we did our analysis, this set of comments and this particular breach shot right up to the top.
There's nothing like it. So MediaBridge harvests names and email addresses from Data Breach.
It's a good question. So MediaBridge is ultimately the organization that submitted the comments.
They worked with another company called LCX Digital advertising company that our reporting found
had been caught up in a couple other impersonation allegations.
They have a troubling history.
They are run by someone who has repeatedly lied about his personal history and resume.
We don't know exactly the relationship between LCX and Media Bridge and who did exactly what.
But it seems that given what else we know about LCX and what else we know about MediaBridge,
that LCX provided the list of names and addresses to MediaBridge, which then submitted those to the FCC.
And they did that by taking this sort of MadLibs generator and creating emails that were just different enough to evade detection?
It's a good question if it's different enough to evade detection.
That does seem to be part of the impetus, but most federal agencies use some.
some sort of deduplication when they're trying to read through comments, especially when you're
dealing with millions and millions of comments.
I don't know exactly what can get through that and what can't, but it did seem that the
goal of these comments that were submitted, the goal of the sort of text randomization was to
make it harder to say, oh, these are all the same comment and to treat them all as one instead
to require that someone read through them all.
But they're kind of like hard to read.
You have the text of a few of them in there, and they're almost impossible to read.
Yeah, so it's not the world's most sophisticated text generation.
It really is sort of like a sort of Madlib style generator.
If you go to the article online, you can play around with the generator.
We believe we've successfully reverse engineered the algorithm or the process for generating them.
Get a sense of how it works, but it's basically swapping in and out synonymous phrase.
And sometimes when those phrases line up right, it reads like a reasonable letter.
Other times, they're clear grammatical issues or sort of non-sec orders that don't totally seem to make sense.
And the FCC doesn't have any obligation to verify that these are real people.
I mean, your opening vignette is one of the names is a woman who died and her granddaughter is very unhappy about it.
Correct.
So the FCC doesn't have to make sure that these are real people at all.
No.
And in fact, when people have gone to the FCC, people who say they've been impersonated,
the FCC not only says it's not, it wasn't our obligation to prevent that, but we're not going to
take it down. Their policy is this is part of the permanent public record. If you disagree with
something that's been submitted in your name, you're welcome to submit a follow-up comment
that corrects the record or what have you. But the FCC not only does not verify, but does not
try to verify. There's no step in the process that would flag, for example, a large submission
that seemed to impersonate a lot of people.
There's nothing in their process that would detect that.
So it jumps out at me is your work overlapped with some researchers
who were also studying the same thing.
He came to largely the same conclusions.
I think the two of you went farther.
You identified the firm's sort of behind it.
You identified this faded breach.
But it seemed everyone agreed,
okay, there's a chunk here that's fake or impersonates people
or largely manipulated in some way.
And then there's a chunk that is real.
I think the word is organic.
Sure.
There's a researcher at ProPublica who estimated 99.7% of the organic comments, those that didn't appear to be duplicates are pre-written, favored maintaining the policy of net neutrality.
So it just seems like the FCC has, it wants to do whatever it wants to do.
I think every government agency wants to do whatever wants to do.
If you can just bury this stuff and say we can't, we under no obligation to sort it out, here's just a mess.
It really just seems like it's much easier for them to ignore public opinion.
It's a good question.
Certainly, it makes it harder for them to understand what public opinion is if they have to sort through millions of comments that are not genuine.
The research you cite by Jeff Cow was great.
Jeff's research early on found the same set of comments that we ended up later focusing on.
He found that there was this group of sort of madlib generated comments.
And a lot of our work was following up on that and trying to figure out where they came from.
They don't seem like all of them were too hard to find.
Like some of the names here are Boba Fett, Luke Skywalker,
random city and street addresses that don't exist.
It doesn't seem like a very sophisticated scam.
Right.
And to be clear, there were a lot of submissions that seem fishy,
not only from MediaBring, but from other submitters.
There were a ton of comments even that were pro-net neutrality
that seemed non-genuine in part because they were submitted with Pornhub.com addresses
or fake mail generator.
addresses. But there is a distinction, I think, between a lot of the comments that seem
clearly fake, because, for example, they came from a pornhub.com address, versus those that seem
intended to impersonate, or at least that impersonated whether or not that was the intention.
The examples we use in the story are a mix of regular Americans, like Annie Reeves, who you mentioned,
we started out the article talking about she was dead. At the time, she purportedly submitted a comment,
Not only that, but that had happened to her once before.
And there was even another comment to the FCC shortly before she died in her name.
So there are people like that who have no reason to be commenting according to their family
and certainly no ability to in the case of Andy Reeves.
Then we have people like senators and representatives in U.S. Congress
who are prominent people who have many other ways to make their opinions known
and much more forcefully than submitting a comment through the FCC.
And in many cases, these were Democrats who were in favor of net neutrality,
and yet their comments that were uploaded by MediaBridge seemed to advocate against net neutrality.
And then we have some of the more bizarre cases like Boba Fett and Luke Skywalker.
And the amazing thing to me about that, the sort of oh wow moment when I was looking through that data,
was Boba Fett and Luke Skywalker showed up in the FCC comments at,
a particular address, made up addresses that have no basis in reality, and they showed up in
exactly the same way in this hacked database.
So this isn't even the world's most sophisticated scan.
It just seems like a script kitty could do it, right?
You get the hacked database, you get the names and addresses, you plug in like an Excel
mail merge, and you're like off to the races.
The lack of sophistication is fascinating and troubling, I think, because you could imagine
a much more sophisticated campaign that was much harder to detect that maybe would have gone
unnotice, maybe has gone unnoticed. Maybe it's lurking there in the comments right now.
So that brings me to sort of the zoom out portion. The FCC for right now has won. They're not
going to appeal based on the comment system going awry. They might appeal for some other reasons.
The Supreme Court, there's obviously a state lawsuit against internet neutrality. We've talked about
it in length on this show. But this was the moment for the public to sort of most directly
make its opinion known. And it seems to have not only failed spectacularly, which it
it failed, but it was allowed to get so corrupt that now it can just be discounted.
Do you think there's a future for this kind of direct public action in a way that can't be
this easily scammed?
It's a great question.
There's certainly been proposals about ways in which agencies could do a better job,
verifying comments.
But, fascinatingly to me, as I started talking to experts and reading through testimony,
there's a real resistance to putting up any sort of barrier against public
participation. Part of the core mission of public commenting, at least according to the government,
is to make accessible to anyone who wants to, the ability to, the ideas to make their voice heard.
In reality, what they're really permitting is to make their opinions public.
It turns out when you have 22 million comments, your voice gets lost in a lot of other noise.
So I don't know if they're achieving the goal, but it's hard.
at least from what I've read and seen, to imagine them changing much right now.
And as you go to the FCC, it seems like they weren't willing participants in your story.
They blocked a FOIA request.
Was there any sort of reaction?
Was there any sort of, oh, wow, that's interesting.
We should look into it.
Sure.
I mean, the FCC is fascinating because it's led by a commission of five commissioners,
no more than three of which can ever be of the same political party.
So you're basically stuck forever at the FCC in a three to,
Republican or Democrat majority. So right now, Republicans control the FCC. They've reversed the
previous Obama era regulations, but there's still two Democrats on the commission. And they do seem to
care about this. Jessica Rosenworsal, Democratic commissioner, has been raising a big fuss about the comments
ever since initial issues were raised. And she's continued to. She wrote a dissent in one of our foias
FOIA decisions when it was denied.
She seems to care, but in the minority, she has much less power.
Yeah, we had Commissioner Stark's on the show, and he was right at the beginning of his tenure.
He's a little bit more settled now.
And he also seemed like fairly concerned.
Yeah.
I would say that this process was racing along, and none of the moments that you would stop and say,
is this accurate?
Is this correct?
But again, I think Pye and the other Republicans wanted to do it, and they were going to do it.
and all the process checks that the sort of legal challenges have not seemed to dissuade him.
So is there a lesson to be learned for, I guess, people like me who want to file comments or our readers?
Is this even a worthwhile use of their time?
That's a great question.
If I were a public commenter, which I'm not, but if I wanted to make my voice known,
it seems to me that you have a sort of trade-off between the effort it takes to contribute to civic discourse
and the amount of tension it will receive by the government.
This is one of the lowest effort ways to make your voice heard,
one of the lowest barriers to entry,
and I think consequently it is harder perhaps to make a difference
than it would be calling your congressperson,
doing something that required a little bit more effort on your part
to stand apart from the rest of the noise
instead of competing against 22 million other commenters for attention,
Maybe you're competing against 1,000 other people on the phones.
I don't know, but it does seem hard to break through.
Support for the show comes from Framer.
Framer is an enterprise-grade, no-code website builder,
used by teams at companies like Perplexity and Muro to move faster.
With real-time collaboration and a robust CMS,
with everything you need for great SEO,
not to mention advanced analytics that include integrated A-B testing,
your designers and marketers are empowered to build.
and maximize your dot com from day one.
So whether you want to launch a new site,
test a few landing pages,
or migrate your full.com,
Framer has programs for startups,
scale-ups, and large enterprises
to make going from idea
to live site as easy and fast as possible.
Learn how you can get more out of your.com
from a Framer specialist
or get started building for free today
at Framer.com
slash verge.
for 30% off a Framer Pro annual plan.
That's Framer.com slash verge for 30% off.
Framer.com slash verge.
Rules and restrictions may apply.
Support for the show comes from Grammarly.
You don't need reminding that the world moves fast.
But work today requires clear communication,
and when every message counts,
sounding rushed or generic,
can be getting lost in the shuffle.
Grammally gives you one place to think,
write and finish your work where you already write, while giving you access to agents that
help you sound natural and engaging. No matter what kind of writing you're doing, Gramerly helps you
get ideas done faster and move from draft to done with less friction. You can use Gramerley's
AI chat to brainstorm ideas, outline a solid draft, then refine it with context-aware suggestions
that fit what you're working on. See why 90% of professionals say Gramerley has saved them time writing
and editing their work.
In a world of generic AI,
you don't have to sound like everyone else.
With Grammarly, you never will.
Download Grammarly for free at Grammarly.com.
That's Grammarly.com.
So one criticism I've heard of these allegations of fakery is,
well, look, the other side does it too, right?
John Oliver will go on television and say,
stop it, call the FCC yell at them.
The Verge has published a story with the FCC's phone number
and the numbers you need to push to go through the...
phone tree in it. And it's basically like, look, you're doing it too. This is just as fake.
You're, like, you're riling people up and you're making them call. And the difference in
kind of fakery is actually not important to the fact that all this is inorganic in the end.
How do you reconcile that? How do you draw that distinction, if at all?
It's a great question. I think there is a distinction between encouraging people to comment,
right, which is what it seems like John Oliver's done. He,
I think specifically even joked about getting his trolls out there.
So maybe it comes from a not maybe the most sincere place,
but it seems like motivating real people to make real comments
in that they're writing them.
So it's one type of comment that people seem to maybe take issue with.
And then there are just demonstrably,
totally fake fabricated comments,
which come from names of people that don't exist,
from addresses that aren't real,
with comments purporting to say one thing or another.
And then there's the impersonation.
And we focused on impersonation because in addition to whatever political harm there might be
from a fake comment of any sort, there is a direct personal harm to the people whose opinions
are being sort of put online without their consent.
And it's not even their opinions.
It's in this case, you know, the broadband industry's opinions.
So how is it possible for a company like MediaBridge or LCX, which,
apparently hired by Broadman for America,
which is an industry group that I get emails from.
I mean,
they're a lobbying organization for the cable companies, basically.
How was this in industry?
Doesn't it seem like just like I make money submitting fake comments,
CFC, shouldn't be a job?
Certainly if you described it that way.
That's not how Meteorbridge describes.
And they took, to be clear, issue with our reporting,
they deny vehemently that they did anything wrong,
despite the evidence that we've,
presented, they've presented themselves publicly as going out, spending money on advertising
to find real people to sign on to these sorts of comments.
So that is, when you ask, what's the business model?
The business model is, in theory, real comments from real people.
And there's money in that because every organization in the world wants to show the government
that they have a lot of people on their side.
But there's like a, I mean, you're working at cross purposes.
If that's your business model, and maybe, I mean, this isn't anything to your story.
I'm just in my head.
I'm working it out.
But if that's your business model, then you're kind of like killing your business by faking it.
You would think so.
You get to charge higher prices of the real people.
And if every system is flooded by fakery and corruption and you're drowning out the real people,
then there's, you know, you'll never be able to charge you get.
Right.
I mean, if that is certainly, and what we saw with the net neutrality proceeding,
even before our reporting was a huge amount of doubt cast on the process in its entirety,
which are not only companies that purport to provide services to collect real comments,
but all the organizations out there that are collecting legitimate comments,
and the individuals who want to submit comments themselves.
In many cases, it's impossible for someone to say clearly, no, this comment is authentic,
it comes from me. So it's undermining everything.
So you talk to Broadband for America?
I tried to reach out. I did reach out to them several times, several modes of communication,
and they did not respond.
Yeah, once you get into the cable company lobby zone, it really gets murky, and everyone
gets to wash their hands of everything I've noticed. So what can people do?
If you're worried that you've been impersonated in this way or you want to take action
against it or just protect yourself, what's a step for an average consumer to take?
I think the first step is just to know whether or not you,
you have been impersonated.
And you can do that through the FCC's website.
If you search for FCC comment search or anything like that, you'll get the electronic comment filing system.
There's FCC's own system separate from the other federal agencies for collecting and submitting comments.
You can type in your name.
You can see anything that's been submitted under your name.
So step one is just to know if you've been affected.
Probably step two is to know more broadly whether your own data has been breached in any of these.
hundreds of data breaches, and for that you can go to Have I Been Poned, Have I Been, P-W-N-E-D-D-com, type in your email
address. There's not much you can do once your data's been breached, but at least you know
where the problems might be. Obviously, change your passwords and do all that, but your data,
unfortunately, is already out there in someone's hands.
You can set alerts on have I been posted.
Yeah, exactly. Every now and again, you get an email, and you're like, oh, I guess I'm spending
my Saturday this way. It's very sobering.
Do you think there's a future for this kind of open participation?
I mean, if there's an overall conversation with the Internet right now,
it's letting everybody talk to each other all the time is maybe not as positive as we thought.
Right.
And that scales from Facebook has a content moderation problem down to this knitting forum has been overrun with trolls.
Right.
It just seems like once you put a lot of people on the Internet, a lot of fakery and bad things start to happen.
Is there a role for this kind of tool in our government?
Can it ever possibly work?
It's a great question.
And there are plenty of proposed rules that agencies put out that get small numbers of comments.
They are not the target of any mass commenting campaign.
And in those cases, it certainly seems that agencies have the ability to and probably the interest in reading through all the comments.
I think the big question is what happens when there is a massively popular or high-profile proposals such as net neutrality or the EPA's put out a few.
or every agency at one point or another has one of these sort of high stakes or high profile proposals.
And then the question is, what do you do?
There's been a lot of resistance to doing anything different than what's happening.
Now, at the FCC, they got a small increase in their budget and allocation to improve their commenting system,
but it doesn't look like it's going to include any sort of real verification.
There might be a place outside of government to, this is just off the top of my head,
but if you could provide a platform that provide some real authentication services
and provide a way for people to say, yes, this really is me, yes, I'm a human, not a robot, whatever.
I could see some value in that.
But right now, that's certainly not something government's providing,
and that's not anything I'm aware of of having a lot of traction at the moment.
So you would submit to this sort of third party that validates you,
and then they would submit on your behalf?
Something like that, yeah, who knows.
But there's certainly, right now, it seems, a lot of resistance among Asians,
agencies themselves to institute any sort of real verification.
So it probably falls to people outside the government to provide that service if they want it.
As you were reporting on this story, what was the most surprising thing?
What was the turn that you were just not expecting?
The turn I was not expecting was the deposition we found in a case against LCX by a former
LCX co-founder, which LCX was found in 2007 by a few people.
Right now, it seems to be run really just by two people and mainly the main owner.
In 2011, one of the former co-founders filed a lawsuit against the remaining owners saying that he had been cut out of business deals and was owed money.
And as part of this lawsuit, he gave a deposition where, right in the middle of it, he says, this whole thing's a fraud.
The entire business is completely fraudulent, is a direct quote, and goes on to describe how they had made money or his, you know, his,
version of how they had made money. They'd been working not in the political realm at the time,
but for corporate clients. And he said, essentially, we tell clients that we will, we'll find
leads for them, and we'll find potential customers, because we'll advertise and they'll click
and they'll put in their info. But in reality, what we're doing behind the scenes, he said,
was purchasing lists of people from other sources and repackaging that data as legitimate leads.
It was shocking not only to see someone state something so blatantly, but also to see such a clear parallel between what he claimed LCX had done in the corporate sphere for their corporate clients and what it seemed was happening in the comments submitted to the FCC.
So that came as a shock and helped us figure out the rest of the reporting in some ways.
If you are a government agency, is it even legal for you to structure a system like this such that you're checking IDs?
This whole process is governed by something called the Administrative Procedures Act,
and it's something that agencies care a lot about.
They are required by federal law to obey these rules.
The rules are, as far as I know, phrased fairly generally,
but it mainly constitutes not placing any unreasonable burden on people who want to make their voice known.
So I think an agency would really have to grapple with the types of people they would be excluding
by raising barriers?
What if you don't have a permanent address?
Maybe that would prevent someone from being verified.
One thing that's come up a lot of times
in discussions about the comment system
is what if we had in just the most basic thing,
a CAPTCHA, right, so that you couldn't auto-submit
comments directly through the web interface.
Some people oppose that because CAPTCHAs are an accessibility issue
for a lot of users of the web.
So it's not that the government hasn't thought about this.
It's something that especially in light of the FCC proceeding, they thought about a lot and they grappled with.
But they seem to run up against a wall in balancing the codified laws about enabling as much participation as possible and the desire for some sort of verification or some sort of authentication of what's coming in.
to make sure that the quality stays high, or at least outright scams are prevented.
Sure, yeah.
And that's a tough balancing act.
Are other agencies struggling with this?
The FCC has attracted the most comments of any agency ever, first in the 2014-15 net neutrality proposal.
And then again, you know, by a landslide in the 2017 comment period.
But other agencies have received huge amounts of mass comments.
the EPA, Department of State at sometimes, IRS and other times, nothing on the scale of what the FCC has received, but certainly on the scale that makes it difficult for them to read everything if they were all unique.
So obviously this story took you a very long time. These are a lot of reporting. There are other people involved who are doing similar reporting. And there are a lot of attention drawn to this. But it seems as though, hey, let's check these email addresses against the have-I-be-be-Pone database could just be.
a normal thing that agencies do or that outside observers do?
I think that's fascinating.
There's nothing, as far as I know, preventing them from doing internal checks.
It seems like what they really don't want to do is put up preemptive barriers to submission.
But once the submissions come in, I think they have all the tools they want at their disposal.
They could certainly have a system that was checking a random sample of comments as they come in
and maybe it'd raise some sort of alarm if they received a whole bunch of comments that seemed inauthent.
whether it was because of an overlap with a breach database or something strange in the types of email addresses that were being submitted or who knows what.
But it does seem like a place where technology could play a role in helping agencies to understand the authenticity or potential authenticity of the comments they're receiving.
It's interesting because we cover the private platform companies so much.
And Facebook and Twitter and Reddit and YouTube are all very good at this now to a certain extent.
They still have bot problems and they still have fraud problems, but they have people who spend all of their time thinking about it.
Right.
And it seems over here, here is another open commenting platform on the Internet, and it just seems like a lawless wasteland.
And is there a way to bring those together?
It's a good question.
I mean, there is a real distinction between the private realm and the public government realm.
Same reason why free speech is something that applies to government action, not private, industry action.
And likewise, Twitter isn't, doesn't have to obey the Administrative Procedures Act.
So there's a real legitimate difference.
At the same time, there's a huge overlap in the sorts of functions that these systems play.
And you could imagine that one could learn from the other and vice versa.
Was there any reaction?
It's been a couple weeks since the story came out.
Has there been any reaction?
Have you seen any forward progress from the agencies?
Has there been any follow-up interest?
I have not heard of any concrete actions taken by these agencies,
especially not the FCC, which would be the one that would be most involved in this case,
in part because the people who care most about it are in the political minority.
It might be interesting to see in the next administration or whenever there is a democratic administration,
what they do on net neutrality and how this sort of issue figures into it.
But at the moment, they're kind of stuck in their minority.
Well, Jeremy, thank you so much for coming on.
It was really illuminating, perhaps a little bit depressing.
Thanks for having it.
That's like the Internet in 2019.
It is.
All right, my thanks to Jeremy Singer-Bind.
You can check out his work, obviously, at BuzzFeed News.
They're doing some great deep dives into the mechanics of some of this tech policy stuff.
We'll be back later this week with the chat show and then the interview show.
You can tweet at me.
I'm at Reckless.
I love hearing your suggestions for who we should talk to in these interview shows.
We have big plans for it in the future, and that feedback is super helpful.
So tweet at me.
I'm at Reckless.
I'll talk to you soon.