Photo Credit: Image by Shutterstock (c) PathDoc
Forget Russian fake news for a moment. Another extremely consequential privacy-breaching, identity-theft hack is undermining our democracy and almost certainly being perpetuated by corporate America.
A pattern of cyber deception is appearing across the federal government in the nooks and crannies of the process where White House directives or Congress’ laws are turned into the rules Americans must abide by—or in the Trump era, are repealed.
Hundreds of thousands of comments, purportedly made by Americans, have come in over the electronic transom to at least five different federal agencies calling for an end to Obama-era consumer protections and other regulations that impede profits, a series of investigative reports by the Wall Street Journal found. Except, the people who supposedly sent these comments never did.
The latest example concerns the so-called "Fiduciary Rule," which originated in the Labor Department and was to talk effect in July 2019, to try to prevent conflicts of investment from investment advisers targeting retirees.
“Consider the experience of Robert Schubert, a Devon, Pa., salesperson,” the Journal’s report said. “A comment posted in his name on the Labor Department website opposed the rule, saying: ‘I do not need, do not want and object to any federal interference in my retirement planning.’ In an interview, Mr. Schubert said the comment was a fraud. He didn’t post it and doesn’t agree with it. ‘I am disgusted that people can post comments using my name,’ Mr. Schubert said.”
In this report, the Journal hired a polling firm that reached 50 people who allegedly commented and found that 40 percent said they didn’t post anything on the department’s website. A department spokesman told the Journal it removes fraudulent comments when notified and said posting them is a felony. But, as the Journal reported, “Most federal agencies make it difficult to independently check the authenticity of public comments; only a few publish email addresses along with the comments.
This example is just the tip of a much larger pro-corporate, anti-consumer effort.
“The Journal previously found fraudulent postings under names and email addresses at the Consumer Financial Protection Bureau, Federal Energy Regulatory Commission and Securities and Exchange Commission and the Federal Communications Commission,” it continued. “The Journal’s findings were cited by calls from Congress to delay the repeal of the FCC’s net-neutrality rule.”
The FCC didn’t heed that call, but instead threw out the rule designed to stop the telecom giants that control data pipelines from charging different rates to users depending on the volume and speed of their online communications. The day before the FCC vote in late November, the Verge reported, “A search of the duplicated text found more than 58,000 results as of press time, with 17,000 of those posted in the last 24 hours alone.”
At that time, New York State Attorney General Eric Schneiderman, a Democrat, had been stonewalled by the FCC for six months in his office’s efforts to investigate the falsified public comments. (Verge first reported the fake comments in May 2017.) What’s emerged since is that this fraudulent lobbing tactic isn’t simply a cut-and-paste operation—akin to having thousands of people submit the same letter to Congress after getting a mass emailing. While the Journal reported “818,000 identical comments” out of 10.1 million collected for the net neutrality rule, and after contacting 2,700 senders found “72% said they had nothing to do with them,” they also found a more insidious trend.
The clandestine sender’s software was apparently slightly revising the written sentences, to make it seem that the messages were more authentic and unique.
“Subtle similarities appeared in 1.3 million net-neutrality comments that seemed to be different. The same long sentences appeared in many comments, sometimes up to 30,000 times,” the Journal reported, noting that this same pattern has been seen in analyses of customer reviews on Amazon.com.
Needless to say, so-called astroturf lobbying, in which industry groups seek to present grassroots support for policies benefiting their bottom line, is not new. As the paper noted, in 2017, the CFRB was inundated with fake comments after it attempted to regulate payday lenders, which charge high interest rates for short-term loans.
“As with many agencies, the CFPB opts not to put many of the duplicative comments online. It posted 200,000 ‘unique’ comments out of the 1.4 million on its payday-lending proposal,” it reported. “But postings the Journal uncovered went beyond being merely duplicative. They included comments from stolen email addresses, defunct email accounts and people who unwittingly gave permission for their comments to be posted. Hundreds of identities on fake comments were found listed in an online catalog of hacks and breaches.”
But that's not all the Journal noticed. It also discovered that the clandestine senders of these faked mass e-mails were fabricating pro-consumer comments, apparently to give the appearance that the public cared about both sides, but not enough to reveal or offset their deception.
“While many fakes were anti-regulatory, the Journal also found pro-regulatory comments on the FCC and FERC websites where people said they didn’t post them,” it reported. “In most of those cases, the people surveyed said they agreed with the comments, indicating that while they didn’t authorize them, a group or individual might have had their names in a list of like-minded people, possibly from the organization posting it. Some of these people said they were angry that someone who had access to their email address would post it, even though they agreed.”
The Journal’s investigative report noted that many people whose identities were hijacked for lobbying purposes were furious, but they didn’t explore the most obvious question: who is behind these moves? While there is likely to be more than one answer and one culprit, only one category of special interest has the means and motives to thwart government regulators: that's the targeted industries, professional trade association and lobbyists and the biggest corporate players.
Instead the Journal’s investigative reports leave readers with small-scale indignation and not the bigger pattern that private sector interests have found a new way to steal and use personal data for their bottom-line battles with government.
“How the hell is this possible ?” Jessica Lints of Blossvale, N.Y., wrote [to] the Journal. “And if these people are so damn concerned about this issue that I know nothing about why are they not using their own names?” Lints, an assistant Boy Scout scoutmaster, said she is careful about not expressing political opinions.
But about all those marketing entities and businesses and political groups that track and collect data from an unwitting public? Not a word.