"My LATE husband's name was fraudulently used [in comment to FCC]."

An analysis of public comments on the FCC's plan to repeal net neutrality rules found that 2 million of them were filed using stolen identities. That's according to New York Attorney General Eric Schneiderman.

"Millions of fake comments have corrupted the FCC public process—including two million that stole the identities of real people, a crime under New York law," Schneiderman said in an announcement today. "Yet the FCC is moving full steam ahead with a vote based on this corrupted process, while refusing to cooperate with an investigation."

Some comments were submitted under the names of dead people.

"My LATE husband's name was fraudulently used after a valiant battle with cancer," one person told the AG's office. "This unlawful act adds to my pain that someone would violate his good name."

Schneiderman set up a website where people can search the FCC comments for their names to determine if they've been impersonated. So far, "over 5,000 people have filed reports with the Attorney General's office regarding identities used to submit fake comments," the AG's announcement said.

Another person quoted by Schneiderman's announcement said a comment was posted in their father's name "more than a year AFTER HIS DEATH!!!"

"This comment was made under my mom's name," another person said. "She passed away several years ago from cancer. This is sickening."

Names matched data breaches

While the 5,000 reports provide anecdotal evidence, the AG's office performed an analysis of the 23 million public comments in order to figure out how many were submitted under falsely assumed identities.

Many comments for and against net neutrality rules are identical because advocacy groups urged people to sign form letters, so the text of a comment alone isn't enough to determine if it was submitted by a real person.

The AG's office thus examined comment text along with other factors, such as whether names matched lists of stolen identities from known data breaches. Schneiderman's office also told Ars that it looked into whether or not the submission of comments was in alphabetical order, one after another, in short time periods. In general, analysis of formatting and metadata played a role in the analysis.

The number of comments believed to be fake has grown as the A.G.'s investigation continues, and it isn't done yet. Schneiderman's office is still analyzing the public comments. We asked Schneiderman's office how many of the fake comments supported net neutrality rules, and how many opposed them, but were told that the information was not available.

While fake comments used names and addresses of people from across the nation, more than "100,000 comments per state" came "from New York, Florida, Texas, and California," Schneiderman's announcement said.

Withheld evidence

Schneiderman's office started investigating fraudulent comments about six months ago, but says the FCC has refused to turn over key evidence. Last week, FCC Chairman Ajit Pai's office questioned whether the fraudulent comments actually violate New York law, and whether Schneiderman has any authority to demand evidence.

Schneiderman also wrote a letter to the FCC today. It said:

One might expect a federal agency to harbor a great deal of concern when faced with strong evidence of a massive fraud uncovered by multiple sources—including, most recently, The Wall Street Journal—that appears to have thoroughly infected its most important rulemaking since the establishment of net neutrality more than a decade ago. Yet, over the objections of a growing bipartisan coalition of over thirty members of both houses of Congress, 18 [other] state attorneys general, and FCC Commissioners Jessica Rosenworcel and Mignon Clyburn, the Commission's leadership appears determined to proceed with its December 14 vote. Moving forward with this vote would make a mockery of the notice and comment process mandated by the Administrative Procedure Act and reward those who perpetrated this fraud in service of their own hidden agenda.

The FCC claimed that turning over Internet Protocol addresses would violate people's privacy. But Schneiderman said his office "has repeatedly stated that it would keep such records confidential, as our agencies have done when sharing sensitive information previously." Examining such records is "routine" in Internet crime investigations, he wrote.

We asked Pai's office for a response today and will update this story if we get one.

Commissioner Rosenworcel once again called for a delay in tomorrow's vote to repeal net neutrality rules. Her statement said:

This is crazy. Two million people have had their identities stolen in an effort to corrupt our public record. Nineteen Attorneys General from across the country have asked us to delay this vote so they can investigate. And yet, in less than 24 hours we are scheduled to vote on wiping out our net neutrality protections. We should not vote on any item that is based on this corrupt record. I call on my colleagues to delay this vote so we can get to the bottom of this mess.