The Federal Communications Commission is planning to overhaul its public comments system to deter fraud and abuse, FCC Chairman Ajit Pai said in a letter to lawmakers last week.

The FCC may institute a CAPTCHA system as part of a redesign that will "institute appropriate safeguards against abusive conduct," Pai told Sens. Jeff Merkley (D-Ore.) and Pat Toomey (R-Penn.).

"[T]he FCC is planning to rebuild and re-engineer ECFS [Electronic Comment Filing System] and has submitted a request to reprogram the funds necessary to undertake this project," Pai wrote. "This reprogramming request is pending before the House and Senate Appropriations Committees, and we hope they will enable us to make important improvements by approving it soon."

The FCC comment system accepts public input on FCC proposals. The system allows anyone to comment and takes no significant steps to prevent spam or fraud.

Pai left fake comments in the record

During the net neutrality proceeding, the FCC refused to delete fake comments even when the real people who had been impersonated asked for the comments' removal. Pai defended that decision in his letter to lawmakers, saying that "when individuals contacted the Commission to complain that a comment was falsely filed in their name, the Commission responded by inviting them to file a statement to that effect in the public record."

But now that the net neutrality proceeding is long over, Pai is in favor of taking steps to combat comment fraud.

"I agree with you that the Commission should—and if we receive the requisite approval, will—incorporate CAPTCHA or a similar mechanism to prevent bots from submitting comments," Pai wrote.

Merkley and Toomey previously wrote to Pai, asking him to investigate the fraudulent comments that plagued the FCC's net neutrality proceeding and to prevent similar problems in the future.

The FCC received nearly 24 million comments on Pai's order to kill net neutrality rules and deregulate the broadband industry. An analysis by the New York attorney general's office found that 2 million of them were filed using stolen identities, though the number of fraudulent comments may be significantly higher.

"I furthermore agree with you that it is troubling that some bad actors submitted comments using false names," Pai wrote to Merkley and Toomey. "Indeed, like you, comments were submitted in my name and my wife's name that reflect viewpoints we do not hold."

“Behind the times”

The comment system is "technologically behind the times" and was designed under previous administrations to "make it as easy as possible to file comments," Pai wrote.

"But while facilitating widespread public participation in the rulemaking process is a worthy and important goal, we believe that we can accomplish that goal while at the same time updating our system to minimize the potential for abusive behavior," Pai continued.

Pai wrote that more than 7.5 million identical comments in the docket consisted of a single, pro-net neutrality sentence and that these comments were "associated with only 50,508 unique names and street addresses, and the vast majority of those street addresses do not appear to exist." Another 447,000 pro-net neutrality comments came from a single address in Russia, Pai noted.

Real commenters supported net neutrality

Pai's letter did not mention any fake comments that opposed net neutrality, although there were clearly many of those.

A study funded by the broadband industry found that 98.5 percent of unique net neutrality comments opposed Pai's order to eliminate net neutrality rules. Pai pressed on with his repeal despite widespread public opposition, finalizing the vote in December 2017. Pai said that the "raw number" of comments supporting or opposing net neutrality wasn't as important as "the substantive comments."

Pai's FCC has repeatedly been criticized by Democrats for not cooperating with investigations into the fake comments. Last year, then-New York Attorney General Eric Schneiderman said that "the FCC has refused multiple requests for crucial evidence in its sole possession that is vital to permit that law enforcement investigation to proceed."

Pai's FCC has claimed—without evidence—that a May 2017 outage in the comment system was caused by DDoS attacks. The US Government Accountability Office (GAO) is investigating the alleged DDoS attacks and comment fraud.