244 posts categorized "Fraud" Feed

How the Case for Voter Fraud Was Tested — and Utterly Failed

[Editor's note: today's blog post, by reporters at ProPublica, explores the results of a trial in Kansas about the state's voter-ID laws and claims of voter fraud. It is reprinted with permission.]

By Jessica Huseman, ProPublica

In the end, the decision seemed inevitable. After a seven-day trial in Kansas City federal court in March, in which Kansas Secretary of State Kris Kobach needed to be tutored on basic trial procedure by the judge and was found in contempt for his “willful failure” to obey a ruling, even he knew his chances were slim. Kobach told The Kansas City Star at the time that he expected the judge would rule against him (though he expressed optimism in his chances on appeal).

Sure enough, federal Judge Julie Robinson overturned the law that Kobach was defending as lead counsel for the state, dealing him an unalloyed defeat. The statute, championed by Kobach and signed into law in 2013, required Kansans to present proof of citizenship in order to register to vote. The American Civil Liberties Union sued, contending that the law violated the National Voter Registration Act (AKA the “motor voter” law), which was designed to make it easy to register.

The trial had a significance that extends far beyond the Jayhawk state. One of the fundamental questions in the debate over alleged voter fraud — whether a substantial number of non-citizens are in fact registering to vote — was one of two issues to be determined in the Kansas proceedings. (The second was whether there was a less burdensome solution than what Kansas had adopted.) That made the trial a telling opportunity to remove the voter fraud claims from the charged, and largely proof-free, realms of political campaigns and cable news shoutfests and examine them under the exacting strictures of the rules of evidence.

That’s precisely what occurred and according to Robinson, an appointee of George W. Bush, the proof that voter fraud is widespread was utterly lacking. As the judge put it, “the court finds no credible evidence that a substantial number of non-citizens registered to vote” even under the previous law, which Kobach had claimed was weak.

For Kobach, the trial should’ve been a moment of glory. He’s been arguing for a decade that voter fraud is a national calamity. Much of his career has been built on this issue, along with his fervent opposition to illegal immigration. (His claim is that unlawful immigrants are precisely the ones voting illegally.) Kobach, who also co-chaired the Trump administration’s short-lived commission on voter fraud, is perhaps the individual most identified with the cause of sniffing out and eradicating phony voter registration. He’s got a gilded resume, with degrees from Harvard University, Yale Law School and the University of Oxford, and is seen as both the intellect behind the cause and its prime advocate. Kobach has written voter laws in other jurisdictions and defended them in court. If anybody ever had time to marshal facts and arguments before a trial, it was Kobach.

But things didn’t go well for him in the Kansas City courtroom, as Robinson’s opinion made clear. Kobach’s strongest evidence of non-citizen registration was anemic at best: Over a 20-year period, fewer than 40 non-citizens had attempted to register in one Kansas county that had 130,000 voters. Most of those 40 improper registrations were the result of mistakes or confusion rather than intentional attempts to mislead, and only five of the 40 managed to cast a vote.

One of Kobach’s own experts even rebutted arguments made by both Kobach and President Donald Trump. The expert testified that a handful of improper registrations could not be extrapolated to conclude that 2.8 million fraudulent votes — roughly, the gap between Hillary Clinton and Trump in the popular vote tally — had been cast in the 2016 presidential election. Testimony from a second key expert for Kobach also fizzled.

As the judge’s opinion noted, Kobach insisted the meager instances of cheating revealed at trial are just “the tip of the iceberg.” As she explained, “This trial was his opportunity to produce credible evidence of that iceberg, but he failed to do so.” Dismissing the testimony by Kobach’s witnesses as unpersuasive, Robinson drew what she called “the more obvious conclusion that there is no iceberg; only an icicle largely created by confusion and administrative error.”

By the time the trial was over, Kobach, a charismatic 52-year-old whose broad shoulders and imposing height make him resemble an aging quarterback, seemed to have shrunk inside his chair at the defense table.

But despite his defeat, Kobach’s causes — restricting immigration and tightening voting requirements — seem to be enjoying favorable tides elsewhere. Recent press accounts noted Kobach’s role in restoring a question about citizenship, abandoned since 1950, to U.S. Census forms for 2020. And the Supreme Court ruled on June 11 that the state of Ohio can purge voters from its rolls when they fail to vote even a single time and don’t return a mailing verifying their address, a provision that means more voters will need to re-register and prove their eligibility again.

For his own part, Kobach is now a candidate for governor of Kansas, running neck and neck with the incumbent in polls for the Republican primary on Aug. 7. It’s not clear whether the verdict will affect his chances — or whether it will lead him and others to quietly retreat from claims of voter fraud. But the judge’s opinion and expert interviews reveal that Kobach effectively put the concept of mass voter fraud to the test — and the evidence crumbled.

Perhaps it was an omen. Before Kobach could enter the courtroom inside the Robert J. Dole U.S. Courthouse each day, he had to pass through a hallway whose walls featured a celebratory display entitled “Americans by Choice: The Story of Immigration and Citizenship in Kansas.” Photographs of people who’d been sworn in as citizens in that very courthouse were superimposed on the translucent window shades.

Public interest in the trial was high. The seating area quickly filled to capacity on the first day of trial on the frigid morning of March 6. The jury box was opened to spectators; it wouldn’t be needed, as this was a bench trial. Those who couldn’t squeeze in were sent to a lower floor, where a live feed had been prepared in a spillover room.

From the moment the trial opened, Kobach and his co-counsels in the Kansas secretary of state’s office, Sue Becker and Garrett Roe, stumbled over the most basic trial procedures. Their mistakes antagonized the judge. “Evidence 101,” Robinson snapped, only minutes into the day, after Kobach’s team attempted to improperly introduce evidence. “I’m not going to do it.”

Matters didn’t improve for Kobach from there.

Throughout the trial, his team’s repeated mishaps and botched cross examinations cost hours of the court’s time. Robinson was repeatedly forced to step into the role of law professor, guiding Kobach, Becker and Roe through courtroom procedure. “Do you know how to do the next step, if that’s what you’re going to do?” the judge asked Becker at one point, as she helped her through the steps of impeaching a witness. “We’re going to follow the rules of evidence here.”

Becker often seemed nervous. She took her bright red glasses off and on. At times she burst into nervous chuckles after a misstep. She laughed at witnesses, skirmished with the judge and even taunted the lawyers for the ACLU. “I can’t wait to ask my questions on Monday!” she shouted at the end of the first week, jabbing a finger in the direction of Dale Ho, the lead attorney for the plaintiffs. Ho rolled his eyes.

Roe was gentler — deferential, even. He often admitted he didn’t know what step came next, asking the judge for help. “I don’t — I don’t know if this one is objectionable. I hope it’s not,” he offered at one point, as he prepared to ask a question following a torrent of sustained objections. “I’ll let you know,” an attorney for the plaintiffs responded, to a wave of giggles in the courtroom. On the final day of trial, as Becker engaged in yet another dispute with the judge, Roe slapped a binder to his forehead and audibly whispered, “Stop talking. Stop talking.”

Kobach’s cross examinations were smoother and better organized, but he regularly attempted to introduce exhibits — for example, updated state statistics that he had failed to provide the ACLU in advance to vet — that Robinson ruled were inadmissible. As the trial wore on, she became increasingly irritated. She implored Kobach to “please read” the rules on which she based her rulings, saying his team had repeated these errors “ad nauseum.”

Kobach seemed unruffled. Instead of heeding her advice, he’d proffer the evidence for the record, a practice that allows the evidence to be preserved for appeal even if the trial judge refuses to admit it. Over the course of the trial, Kobach and his team would do this nearly a dozen times.

Eventually, Robinson got fed up. She asked Kobach to justify his use of proffers. Kobach, seemingly alarmed, grabbed a copy of the Federal Rules of Civil Procedure — to which he had attached a growing number of Post-it notes — and quickly flipped through it, trying to find the relevant rule.

The judge tried to help. “It’s Rule 26, of course, that’s been the basis for my rulings,” she told Kobach. “I think it would be helpful if you would just articulate under what provision of Rule 26 you think this is permissible.” Kobach seemed to play for time, asking clarifying questions rather than articulating a rationale. Finally, the judge offered mercy: a 15-minute break. Kobach’s team rushed from the courtroom.

It wasn’t enough to save him. In her opinion, Robinson described “a pattern and practice by Defendant [Kobach] of flaunting disclosure and discovery rules.” As she put it, “it is not clear to the Court whether Defendant repeatedly failed to meet his disclosure obligations intentionally or due to his unfamiliarity with the federal rules.” She ordered Kobach to attend the equivalent of after-school tutoring: six hours of extra legal education on the rules of civil procedure or the rules of evidence (and to present the court with a certificate of completion).

It’s always a bad idea for a lawyer to try the patience of a judge — and that’s doubly true during a bench trial, when the judge will decide not only the law, but also the facts. Kobach repeatedly annoyed Robinson with his procedural mistakes. But that was nothing next to what the judge viewed as Kobach’s intentional bad faith.

This view emerged in writing right after the trial — that’s when Robinson issued her ruling finding Kobach in contempt — but before the verdict. And the conduct that inspired the contempt finding had persisted over several years. Robinson concluded that Kobach had intentionally failed to follow a ruling she issued in 2016 that ordered him to restore the privileges of 17,000 suspended Kansas voters.

In her contempt ruling, the judge cited Kobach’s “history of noncompliance” with the order and characterized his explanations for not abiding by it as “nonsensical” and “disingenuous.” She wrote that she was “troubled” by Kobach’s “failure to take responsibility for violating this Court’s orders, and for failing to ensure compliance over an issue that he explicitly represented to the Court had been accomplished.” Robinson ordered Kobach to pay the ACLU’s legal fees for the contempt proceeding.

That contempt ruling was actually the second time Kobach was singled out for punishment in the case. Before the trial, a federal magistrate judge deputized to oversee the discovery portion of the suit fined him $1,000 for making “patently misleading representations” about a voting fraud document Kobach had prepared for Trump. Kobach paid the fine with a state credit card.

More than any procedural bumbling, the collapse of Kobach’s case traced back to the disintegration of a single witness.

The witness was Jesse Richman, a political scientist from Old Dominion University, who has written studies on voter fraud. For this trial, Richman was paid $5,000 by the taxpayers of Kansas to measure non-citizen registration in the state. Richman was the man who had to deliver the goods for Kobach.

With his gray-flecked beard and mustache, Richman looked the part of an academic, albeit one who seemed a bit too tall for his suit and who showed his discomfort in a series of awkward, sudden movements on the witness stand. At moments, Richman’s testimony turned combative, devolving into something resembling an episode of The Jerry Springer Show. By the time he left the stand, Richman had testified for more than five punishing hours. He’d bickered with the ACLU’s lawyer, raised his voice as he defended his studies and repeatedly sparred with the judge.

“Wait, wait, wait!” shouted Robinson at one point, silencing a verbal free-for-all that had erupted among Richman, the ACLU’s Ho, and Kobach, who were all speaking at the same time. “Especially you,” she said, turning her stare to Richman. “You are not here to be an advocate. You are not here to trash the plaintiff. And you are not here to argue with me.”

Richman had played a small but significant part in the 2016 presidential campaign. Trump and others had cited his work to claim that illegal votes had robbed Trump of the popular vote. At an October 2016 rally in Wisconsin, the candidate cited Richman’s work to bolster his predictions that the election would be rigged. “You don’t read about this, right?” Trump told the crowd, before reading from an op-ed Richman had written for The Washington Post: “‘We find that this participation was large enough to plausibly account for Democratic victories in various close elections.’ Okay? All right?”

Richman’s 2014 study of non-citizen registration used data from the Cooperative Congressional Election Study — an online survey of more than 32,000 people. Of those, fewer than 40 individuals indicated they were non-citizens registered to vote. Based on that sample, Richman concluded that up to 2.8 million illegal votes had been cast in 2008 by non-citizens. In fact, he put the illegal votes at somewhere between 38,000 and 2.8 million — a preposterously large range — and then Trump and others simply used the highest figure.

Academics pilloried Richman’s conclusions. Two hundred political scientists signed an open letter criticizing the study, saying it should “not be cited or used in any debate over fraudulent voting.” Harvard’s Stephen Ansolabehere, who administered the CCES, published his own peer-reviewed paper lambasting Richman’s work. Indeed, by the time Trump read Richman’s article onstage in 2016, The Washington Post had already appended a note to the op-ed linking to three rebuttals and a peer-reviewed study debunking the research.

None of that discouraged Kobach or Trump from repeating Richman’s conclusions. They then went a few steps further. They took the top end of the range for the 2008 election, assumed that it applied to the 2016 election, too, and further assumed that all of the fraudulent ballots had been cast for Clinton.

Some of those statements found their way into the courtroom, when Ho pressed play on a video shot by The Kansas City Star on Nov. 30, 2016. Kobach had met with Trump 10 days earlier and had brought with him a paper decrying non-citizen registration and voter fraud. Two days later, Trump tweeted that he would have won the popular vote if not for “millions of people who voted illegally.”

On the courtroom’s televisions, Kobach appeared, saying Trump’s tweet was “absolutely correct.” Without naming Richman, Kobach referred to his study: The number of non-citizens who said they’d voted in 2008 was far larger than the popular vote margin, Kobach said on the video. The same number likely voted again in 2016.

In the courtroom, Ho asked Richman if he believed his research supported such a claim. Richman stammered. He repeatedly looked at Kobach, seemingly searching for a way out. Ho persisted and finally, Richman gave his answer: “I do not believe my study provides strong support for that notion.”

To estimate the number of non-citizens voting in Kansas, Richman had used the same methodology he employed in his much-criticized 2014 study. Using samples as small as a single voter, he’d produced surveys with wildly different estimates of non-citizen registration in the state. The multiple iterations confused everyone in the courtroom.

“For the record, how many different data sources have you provided?” Robinson interjected in the middle of one Richman answer. “You provide a range of, like, zero to 18,000 or more.”

“I sense the frustration,” Richman responded, before offering a winding explanation of the multiple data sources and surveys he’d used to arrive at a half-dozen different estimates. Robinson cut him off. “Maybe we need to stop here,” she said.

“Your honor, let me finish answering your question,” he said.

“No, no. I’m done,” she responded, as he continued to protest. “No. Dr. Richman, I’m done.”

To refute Richman’s numbers, the ACLU called on Harvard’s Ansolabehere, whose data Richman had relied on in the past. Ansolabehere testified that Richman’s sample sizes were so small that it was just as possible that there were no non-citizens registered to vote in Kansas as 18,000. “There’s just a great deal of uncertainty with these estimates,” he said.

Ho asked if it would be accurate to say that Richman’s data “shows a rate of non-citizen registration in Kansas that is not statistically distinct from zero?”

“Correct.”

The judge was harsher than Ansolabehere in her description of Richman’s testimony. In her opinion, Robinson unloaded a fusillade of dismissive adjectives, calling Richman’s conclusions “confusing, inconsistent and methodologically flawed,” and adding that they were “credibly dismantled” by Ansolabehere. She labeled elements of Richman’s testimony “disingenuous” and “misleading,” and stated that she gave his research “no weight” in her decision.

One of the paradoxes of Kobach is that he has become a star in circles that focus on illegal immigration and voting fraud despite poor results in the courtroom. By ProPublica’s count, Kobach chalked up a 2–6 won-lost record in federal cases in which he was played a major role, and which reached a final disposition before the Kansas case.

Those results occurred when Kobach was an attorney for the legal arm of the Federation for American Immigration Reform from 2004 to 2011, when he became secretary of state in Kansas. In his FAIR role (in which he continued to moonlight till about 2014), Kobach traveled to places like Fremont, Nebraska, Hazleton, Pennsylvania, Farmers Branch, Texas, and Valley Park, Missouri, to help local governments write laws that attempted to hamper illegal immigration, and then defend them in court. Kobach won in Nebraska, but lost in Texas and Pennsylvania, and only a watered down version of the law remains in Missouri.

The best-known law that Kobach helped shape before joining the Kansas government in 2011 was Arizona’s “show me your papers” law. That statute allowed police to demand citizenship documents for any reason from anyone they thought might be in the country illegally. After it passed, the state paid Kobach $300 an hour to train law enforcement on how to legally arrest suspected illegal immigrants. The Supreme Court gutted key provisions of the law in 2012.

Kobach also struggled in two forays into political campaigning. In 2004, he lost a race for Congress. He also drew criticism for his stint as an informal adviser to Mitt Romney’s 2012 presidential campaign. Kobach was the man responsible for Romney’s much-maligned proposal that illegal immigrants “self-deport,” one reason Romney attracted little support among Latinos. Romney disavowed Kobach even before the campaign was over, telling media outlets that he was a “supporter,” not an adviser.

Trump’s election meant Kobach’s positions on immigration would be welcome in the White House. Kobach lobbied for, but didn’t receive, an appointment as Secretary of Homeland Security. He was, however, placed in charge of the voter fraud commission, a pet project of Trump’s. Facing a raft of lawsuits and bad publicity, the commission was disbanded little more than six months after it formally launched.

Back at home, Kobach expanded his power as secretary of state. Boasting of his experience as a law professor and scholar, Kobach convinced the state legislature to give him the authority to prosecute election crimes himself, a power wielded by no other secretary of state. In that role, he has obtained nine guilty pleas against individuals for election-related misdemeanors. Only one of those who pleaded guilty, as it happens, was a non-citizen.

He also persuaded Kansas’ attorney general to allow Kobach to represent the state in the trial of Kansas’ voting law. Kobach argued it was a bargain. As he told The Wichita Eagle at the time, “The advantage is the state gets an experienced appellate litigator who is a specialist in this field and in constitutional law for the cost the state is already paying, which is my salary.”

Kobach fared no better in the second main area of the Kansas City trial than he had in the first. This part explored whether there is a less burdensome way of identifying non-citizens than forcing everyone to show proof of citizenship upon registration. Judge Robinson would conclude that there were many alternatives that were less intrusive.

In his opening, Ho of the ACLU spotlighted a potentially less intrusive approach. Why not use the Department of Homeland Security’s Systematic Alien Verification for Entitlements System list, and compare the names on it to the Kansas voter rolls? That, Ho argued, could efficiently suss out illegal registrations.

Kobach told the judge that simply wasn’t feasible. The list, he explained, doesn’t contain all non-citizens in the country illegally — it contains only non-citizens legally present and those here illegally who register in some way with the federal government. Plus, he told Robinson, in order to really match the SAVE list against a voter roll, both datasets would have to contain alien registration numbers, the identifier given to non-citizens living in the U.S. “Those are things that a voter registration system doesn’t have,” he said. “So, the SAVE system does not work.”

But Kobach had made the opposite argument when he headed the voter fraud commission. There, he’d repeatedly advocated the use of the SAVE database. Appearing on Fox News in May 2017, shortly after the commission was established, Kobach said, “The Department of Homeland Security knows of the millions of aliens who are in the United States legally and that data that’s never been bounced against the state’s voter rolls to see whether these people are registered.” He said the federal databases “can be very valuable.”

A month later, as chief of the voting fraud commission, Kobach took steps to compare state information to the SAVE database. He sent a letter to all 50 secretaries of state requesting their voter rolls. Bipartisan outrage ensued. Democrats feared he would use the rolls to encourage states to purge legitimately registered voters. Republicans labelled the request federal overreach.

At trial, Kobach’s main expert on this point was Hans von Spakovsky, another member of the voter fraud commission. He, too, had been eager in commission meetings to match state voter rolls to the SAVE database.

But like Kobach, von Spakovsky took a different tack at trial. He testified that this database was unusable by elections offices. “In your experience and expertise as an election administrator and one who studies elections,” Kobach asked, “is [the alien registration number] a practical or even possible thing for a state to do in its voter registration database?” Von Spakovsky answered, “No, it is not.”

Von Spakovsky and Kobach have been friends for more than a decade. They worked together at the Department of Justice under George W. Bush. Kobach focused on immigration issues — helping create a database to register visitors to the U.S. from countries associated with terrorism — while von Spakovsky specialized in voting issues; he had opposed the renewal of the Voting Rights Act.

Von Spakovsky’s history as a local elections administrator in Fairfax County, Va., qualified him as an expert on voting fraud. Between 2010 and 2012, while serving as vice chairman of the county’s three-member electoral board, he’d examined the voter rolls and found what he said were 300 registered non-citizens. He’d pressed for action against them, but none came. Von Spakovsky later joined the Heritage Foundation, where he remains today, generating research that underpins the arguments of those who claim mass voter fraud.

Like Richman, von Spakovsky seemed nervous on the stand, albeit not combative. He wore wire-rimmed glasses and a severe, immovable expression. Immigration is a not-so-distant feature of his family history: His parents — Russian and German immigrants — met in a refugee camp in American-occupied Germany after World War II before moving to the U.S.

Von Spakovsky had the task of testifying about what was intended to be a key piece of evidence for Kobach’s case: a spreadsheet of 38 non-citizens who had registered to vote, or attempted to register, in a 20-year period in Sedgwick County, Kansas.

But the 38 non-citizens turned out to be something less than an electoral crime wave. For starters, some of the 38 had informed Sedgwick County that they were non-citizens. One woman had sent her registration postcard back to the county with an explanation that it was a “mistake” and that she was not a citizen. Another listed an alien registration number — which tellingly begins with an “A” — instead of a Social Security number on the voter registration form. The county registered her anyway.

When von Spakovsky took the stand, he had to contend with questions that suggested he had cherry-picked his data. (The judge would find he had.) In his expert report, von Spakovsky had referenced a 2005 report by the Government Accountability Office that polled federal courts to see how many non-citizens had been excused from jury duty for being non-citizens — a sign of fraud, because jurors are selected from voter rolls. The GAO report mentioned eight courts. Only one said it had a meaningful number of jury candidates who claimed to be non-citizens: “between 1 and 3 percent” had been dismissed on these grounds. This was the only court von Spakovsky mentioned in his expert report.

His report also cited a 2012 TV news segment from an NBC station in Fort Myers, Fla. Reporters claimed to have discovered more than 100 non-citizens on the local voter roll.

“Now, you know, Mr. von Spakovsky, don’t you, that after this NBC report there was a follow-up by the same NBC station that determined that at least 35 of those 100 individuals had documentation to prove they were, in fact, United States citizens. Correct?” Ho asked. “I am aware of that now, yes,” von Spakovsky replied.

That correction had been online since 2012 and Ho had asked von Spakovsky the same question almost two years before in a deposition before the trial. But von Spakovsky never corrected his expert report.

Under Ho’s questioning, von Spakovsky also acknowledged a false assertion he made in 2011. In a nationally syndicated column for McClatchy, von Spakovsky claimed a tight race in Missouri had been decided by the illegal votes of 50 Somali nationals. A month before the column was published, a Missouri state judge ruled that no such thing had happened.

On the stand, von Spakovsky claimed he had no knowledge of the ruling when he published the piece. He conceded that he never retracted the assertion.

Kobach, who watched the exchange without objection, had repeatedly made the same claim — even after the judge ruled it was false. In 2011, Kobach wrote a series of columns using the example as proof of the need for voter ID, publishing them in outlets ranging from the Topeka Capital-Journal to the Wall Street Journal and the Washington Post. In 2012, he made the claim in an article published in the Syracuse Law Review. In 2013, he wrote an op-ed for the Kansas City Star with the same example: “The election was stolen when Rizzo received about 50 votes illegally cast by citizens of Somalia.” None of those articles have ever been corrected.

Ultimately, Robinson would lacerate von Spakovsky’s testimony, much as she had Richman’s. Von Spakovsky’s statements, the judge wrote, were “premised on several misleading and unsupported examples” and included “false assertions.” As she put it, “His generalized opinions about the rates of noncitizen registration were likewise based on misleading evidence, and largely based on his preconceived beliefs about this issue, which has led to his aggressive public advocacy of stricter proof of citizenship laws.”

There was one other wobbly leg holding up the argument that voter fraud is rampant: the very meaning of the word “fraud.”

Kobach’s case, and the broader claim, rely on an extremely generous definition. Legal definitions of fraud require a person to knowingly be deceptive. But both Kobach and von Spakovsky characterized illegal ballots as “fraud” regardless of the intention of the voter.

Indeed, the nine convictions Kobach has obtained in Kansas are almost entirely made up of individuals who didn’t realize they were doing something wrong. For example, there were older voters who didn’t understand the restrictions and voted in multiple places they owned property. There was also a college student who’d forgotten she’d filled out an absentee ballot in her home state before voting months later in Kansas. (She voted for Trump both times.)

Late in the trial, the ACLU presented Lorraine Minnite, a professor at Rutgers who has written extensively about voter fraud, as a rebuttal witness. Her book, “The Myth of Voter Fraud,” concluded that almost all instances of illegal votes can be chalked up to misunderstandings and administrative error.

Kobach sent his co-counsel, Garrett Roe, to cross-examine her. “It’s your view that what matters is the voter’s knowledge that his or her action is unlawful?” Roe asked. “In a definition of fraud, yes,” said Minnite. Roe pressed her about this for several questions, seemingly surprised that she wouldn’t refer to all illegal voting as fraud.

Minnite stopped him. “The word ‘fraud’ has meaning, and that meaning is that there’s intent behind it. And that’s actually what Kansas laws are with respect to illegal voting,” she said. “You keep saying my definition” she said, putting finger quotes around “my.” “But, you know, it’s not like it’s a freak definition.”

Kobach had explored a similar line of inquiry with von Spakovsky, asking him if the list of 38 non-citizens he’d reviewed could be absolved of “fraud” because they may have lacked intent.

“No,” von Spakovsky replied, “I think any time a non-citizen registers, any time a non-citizen votes, they are — whether intentionally or by accident, I mean — they are defrauding legitimate citizens from a fair election.”

After Kobach concluded his questions, the judge began her own examination of von Spakovsky.

“I think it’s fair to say there’s a pretty good distinction in terms of how the two of you define fraud,” the judge said, explaining that Minnite focused on intent, while she understood von Spakovsky’s definition to include any time someone who wasn’t supposed to vote did so, regardless of reason. “Would that be a fair characterization?” she asked.

“Yes ma’am,” von Spakovsky replied.

The judge asked whether a greater number of legitimate voters would be barred from casting ballots under the law than fraudulent votes prevented. In that scenario, she asked, “Would that not also be defrauding the electoral process?” Von Spakovsky danced around the answer, asserting that one would need to answer that question in the context of the registration requirements, which he deemed reasonable.

The judge cut him off. “Well that doesn’t really answer my question,” she said, saying that she found it contradictory that he wanted to consider context when examining the burden of registration requirements, but not when examining the circumstances in which fraud was committed.

“When you’re talking about … non-citizen voting, you don’t want to consider that in context of whether that person made a mistake, whether a DMV person convinced them they should vote,” she said. Von Spakovsky allowed that not every improper voter should be prosecuted, but insisted that “each ballot they cast takes away the vote of and dilutes the vote of actual citizens who are voting. And that’s —”

The judge interrupted again. “So, the thousands of actual citizens that should be able to vote but who are not because of the system, because of this law, that’s not diluting the vote and that’s not impairing the integrity of the electoral process, I take it?” she said.

Von Spakovsky didn’t engage with the hypothetical. He simply didn’t believe it was happening. “I don’t believe that this requirement prevents individuals who are eligible to register and vote from doing so.” Later, on the stand, he’d tell Ho he couldn’t think of a single law in the country that he felt negatively impacted anyone’s ability to register or vote.

Robinson, in the end, strongly disagreed. As she wrote in her opinion, “the Court finds that the burden imposed on Kansans by this law outweighs the state’s interest in preventing noncitizen voter fraud, keeping accurate voter rolls, and maintaining confidence in elections. The burden is not just on a ‘few voters,’ but on tens of thousands of voters, many of whom were disenfranchised” by Kobach’s law. The law, she concluded, was a bigger problem than the one it set out to solve, acting as a “deterrent to registration and voting for substantially more eligible Kansans than it has prevented ineligible voters from registering to vote.”

ProPublica is a Pulitzer Prize-winning investigative newsroom. Sign up for their newsletter.


Money Transfer Scams Target Both Businesses And Consumers

Money transfer scams, also called wire transfer scams, target both businesses and consumers. The affected firms include both small and large businesses.

Businesses

The Federal Bureau of Investigation (FBI) calls theses scams "Business E-mail Compromise" (BEC), since the fraudsters often target executives within a company with phishing e-mails, designed to trick victims into revealing sensitive bank account and sign-in credentials (e.g., usernames, passwords):

"At its heart, BEC relies on the oldest trick in the con artist’s handbook: deception. But the level of sophistication in this multifaceted global fraud is unprecedented... Carried out by transnational criminal organizations that employ lawyers, linguists, hackers, and social engineers, BEC can take a variety of forms. But in just about every case, the scammers target employees with access to company finances and trick them into making wire transfers to bank accounts thought to belong to trusted partners—except the money ends up in accounts controlled by the criminals."

From January, 2015 to February 2017, there was a 1,300 percent increase in financial losses due to these scams, totaling $3 billion. To trick victims, criminals use a variety of online methods including spear-phishing, social engineering, identity theft, e-mail spoofing, and the use of malware. (If these terms are unfamiliar, then you probably don't know enough to protect yourself.) Malware, or computer viruses, are often embedded in documents attached to e-mail messages -- another reason not to open e-mail attachments from strangers.

Forbes Magazine reported in April:

"Fraudsters target the CEO's and CFO's at various companies and hack their computers. They collect enough information to learn the types of billing the company pays, who the payee's are and the average balances paid. They then spoof a customer or, in other words, take their identity, and bill the company with wire transfer instructions to a scam bank account."

Some criminals are particularly crafty, by pretending to be a valid customer, client or vendor; and use a slightly altered sender's e-mail address hoping the victim won't to notice. This technique is successful more often that you might think. Example: a valid sender's e-mail address might be johnson@XYZcompany.com, while the scammer uses johnson@XYZcompamy.com. Did you spot the alteration? If you didn't, then you've just wired money directly to the criminal's offshore account instead of to a valid customer, client, or vendor.

Scammers can obtain executives' e-mail addresses and information from unprotected pages on social networking sites and/or data breaches. So, the data breaches at Under Armour, Equifax, Fresenius, Uber, the Chicago Board of Elections, Yahoo, Nationwide, Verizon, and others could have easily provided criminals with plenty of stolen personal data to do plenty of damage; impersonating coworkers, business associates, and/or coworkers. Much of the stolen information is resold by criminals to other criminals. Trading stolen data is what many cyber criminals do.

There are several things executives can do to protect themselves and their business' money. Learn to recognize money transfer scams and phishing e-mails. Often, bogus e-mails or text messages contain spelling errors (e.g., in the message body) and/or contain a request to wire immediately an unusually large amount of money. Most importantly, the FBI recommends:

"The best way to avoid being exploited is to verify the authenticity of requests to send money by walking into the CEO’s office or speaking to him or her directly on the phone. Don’t rely on e-mail alone."

That means don't rely upon text messages either.

Consumers

Wiring money is like sending cash. To avoid losing money, it is important for consumers to learn to recognize money transfer scams, too. There are several versions, according to the U.S. Federal Trade Commission (FTC):

"1. You just won a prize but you have to pay fees to get the prize
2. You need to pay for something you just bought online before they send it
3. A friend is in trouble and needs your help
4. You got a check for too much money and you need to send back the extra"

Regular readers of this blog are already familiar with #4 -- also called "check scams." Instead of paper checks, scammers have upgraded to prepaid cards and/or wire transfers. The FTC also advises consumers to pause before doing anything, and then:

  • "If the person claims (via e-mail) to need money for an emergency, call them first. Call another family member. Verify first if something truly happened.
  • If the check received is too much money, call your bank before you deposit the check.  Ask your bank what they think about wiring money back to someone.
  • If the e-mail or phone caller says you received an inheritance or prize, "you do not have to pay for a prize. Ever.  Did they say you have an inheritance? Talk to someone you trust. What does that person think?"

If you have already sent money to a scammer, it's gone and you probably won't get it back. So, file a complaint with the FTC. Chances are the scammer will contact you again, since they (or their associates) were successful already. Don't give them any more money.


Medicare Scams Still Operate. How To Avoid Getting Your Identity Information Stolen

To minimize fraud, the new Medicare cards display a unique 11-digit identification number instead of patients' Social Security numbers. However, scammers have created a new tactic to trick patients into revealing their sensitive Medicare information. The Oregon Department of Justice warned:

"If someone calls and asks you for your personal information, money to activate the new card, or threatens to cancel your Medicare benefits if you don’t share your personal information, just hang up! It is a scam," said Attorney General Ellen Rosenblum.

Medicare will not call you nor ask for your Social Security number or bank information. That's good advice for patients nationwide. Experts estimate that Medicare loses about $60 billion yearly to con artists via a variety of scams.

Oregon residents suspecting healthcare fraud or wanting to report scammers, should contact Oregon's Department of Justice’s Consumer Protection (hotline: 1-877-877-9392 or www.oregonconsumer.gov). Consumers in other states should contact their state's attorney general, and/or report suspected fraud directly to Medicare.

The video below from 2017 includes advice about how patients should protect their Medicare cards.


Connecticut And Federal Regulators Announce $1.3 Million Settlement With Substance Abuse Healthcare Provider

Connecticut and federal regulators recently announced a settlement agreement to resolve allegations that New Era Rehabilitation Center (New Era), operating in New Haven and Bridgeport, submitted false claims to both state and federal healthcare programs. The office of George Jepsen, Connecticut Attorney General, announced that New Era:

"... and its co-founders and owners – Dr. Ebenezer Kolade and Dr. Christina Kolade – are enrolled as providers in the Connecticut Medical Assistance Program (CMAP), which includes the state's Medicaid program. As part of their practice, they provide methadone treatment services for patients dealing with opioid addiction. Most of their patients are CMAP beneficiaries.

During the relevant time period, CMAP reimbursed methadone clinics by paying a weekly bundled rate that included all of the services associated with methadone maintenance, including the patient's doses of methadone; the initial intake evaluation; a physical examination; periodic drug testing; and individual, group and family drug counseling... The state and federal governments alleged that, from October 2009 to November 2013, New Era and the Kolades engaged in a pattern and practice of billing CMAP weekly for the methadone bundled service rate and then also submitting a separate claim to the CMAP for virtually every drug counseling session provided to clients by using a billing code for outpatient psychotherapy. The state and federal governments further alleged that those psychotherapy sessions were actually the drug counseling sessions already included and reimbursed through the bundled rate."

These actions were part of the State of Connecticut's Inter-agency Fraud Task Force created in 2013 to investigate and prosecute healthcare fraud. The joint investigation included the Connecticut AT's office, the office of Connecticut U.S. Attorney John H. Durham, and the U.S. Health and Human Services, Office of Inspector General – Office of Investigations.

Connecticut Fight Fraud logo Terms of the settlement agreement require NERC to pay $1,378,533 in settlement funds. Of that amount, $881,945 will be returned to CMAP.

Connecticut residents suspecting healthcare fraud or abuse should contact the Attorney General’s Antitrust and Government Program Fraud Department (phone at 860-808-5040, or email at ag.fraud@ct.gov), or the Department of Social Services fraud (hotline at 1-800-842-2155, online at www.ct.gov/dss/reportingfraud, or email at providerfraud.dss@ct.gov). Residents in other states can contact their state's attorney general's office.


New Technologies Will Soon Make It More Difficult For Consumers To Spot Fake News

We've all heard the old saying: seeing is believing. Right? Not necessarily anymore.

New technologies  will soon make it very easy for bad actors to manipulate videos of people -- politicians, law enforcement officials, celebrities, or anyone -- to say things they never said. This will cause many problems, one of which will be the increasing difficulty, or impossibility, for consumers to spoke fake news. CBS News explained:

"It starts with a selfie. Using that simple image, Hao Li, CEO of Los Angeles-based Pinscreen, can manipulate someone's face. You can literally put words in someone else's mouth. Li said it's all part of building a new virtual chat room world, but this type of advanced artificial intelligence technology is raising real eyebrows... For example, someone could take an image of President Trump and make him say something he didn't really say. Li said these kind of things are already possible in some ways. Comedian Jordan Peele used lip sync technology in a public service announcement (PSA) out Tuesday, warning against the dangers of fake news..."

Below is the PSA by Peele, which has already gotten more than 2.3 million views:

This is more confirmation that artificial intelligence is ripe for misuse by bad actors. The CBS News report also described some of the efforts by software developers to quickly create tools to spot manipulated images and video. Here's why:

"... at Pinscreen, Li said it won't take long before the line between what's real or not is erased. "It might be a year actually." "

Watch the entire CBS News report. These new image/video detection tools can't come soon enough. Consumers will need them. Journalists, military, intelligence, government watch-dog agencies, and corporate executives will need them, too. One can easily imagine bad actors using A.I. and other new technologies to create fake endorsements by celebrities of products, services, and/or politicians they really didn't endorse. What are your opinions?


Securities & Exchange Commission Charges Former Equifax Executive With Insider Trading

Last week, the U.S. Securities and Exchange Commission (SEC) charged a former Equifax executive with insider trading. While an employee, Jun Ying allegedly used confidential information to dump stock and avoid losses before Equifax announced its massive data breach in September, 2017.

The SEC announced on March 14th that it had:

"... charged a former chief information officer of a U.S. business unit of Equifax with insider trading in advance of the company’s September 2017 announcement about a massive data breach that exposed the social security numbers and other personal information of about 148 million U.S. customers... The SEC’s complaint charges Ying with violating the antifraud provisions of the federal securities laws and seeks disgorgement of ill-gotten gains plus interest, penalties, and injunctive relief... According to the SEC’s complaint, Jun Ying, who was next in line to be the company’s global CIO, allegedly used confidential information entrusted to him by the company to conclude that Equifax had suffered a serious breach. The SEC alleges that before Equifax’s public disclosure of the data breach, Ying exercised all of his vested Equifax stock options and then sold the shares, reaping proceeds of nearly $1 million. According to the complaint, by selling before public disclosure of the data breach, Ying avoided more than $117,000 in losses... The U.S. Attorney’s Office for the Northern District of Georgia today announced parallel criminal charges against Ying."

The massive data breach affected about 143 million persons. Equifax announced in March, 2018 that even more people were affected, than originally estimated in its September, 2017 announcement.

MarketWatch reported that Ying:

"... found out about the breach on Friday afternoon, August 25, 2017... The SEC complaint says that Ying’s internet browsing history shows he learned that Experian’s stock price had dropped approximately 4% after the public announcement of [a prior 2015] Experian breach. Later Monday morning, Ying exercised all of his available stock options for 6,815 shares of Equifax stock that he immediately sold for over $950,000, and a gain of over $480,000... on Aug. 30, the global CIO for Equifax officially told Ying that it was Equifax that had been breached. One of the company’s attorneys, unaware that Ying had already traded on the information, told Ying that the news about the breach was confidential, should not be shared with anyone, and that Ying should not trade in Equifax securities. According the SEC complaint, Ying did not volunteer the fact that he had exercised and sold all of his vested Equifax options two days before. Equifax finally announced the breach on Sept. 7, and Equifax common stock closed at $123.23 the next day, a drop of $19.49 or nearly 14%..."


Report: Little Progress Since 2016 To Replace Old, Vulnerable Voting Machines In United States

We've know for some time that a sizeable portion of voting machines in the United States are vulnerable to hacking and errors. Too many states, cities, and town use antiquated equipment or equipment without paper backups. The latter makes re-counts impossible.

Has any progress been made to fix the vulnerabilities? The Brennan Center For Justice (BCJ) reported:

"... despite manifold warnings about election hacking for the past two years, the country has made remarkably little progress since the 2016 election in replacing antiquated, vulnerable voting machines — and has done even less to ensure that our country can recover from a successful cyberattack against those machines."

It is important to remember this warning in January 2017 from the Director of National Intelligence (DNI):

"Russian effortsto influence the 2016 US presidential election represent the most recent expression of Moscow’s longstanding desire to undermine the US-led liberal democratic order, but these activities demonstrated a significant escalation in directness, level of activity, and scope of effort compared to previous operations. We assess Russian President Vladimir Putin ordered an influence campaign in 2016 aimed at the US presidential election. Russia’s goals were to undermine public faith in the US democratic process... Russian intelligence accessed elements of multiple state or local electoral boards. Since early 2014, Russian intelligence has researched US electoral processes and related technology and equipment. DHS assesses that the types of systems we observed Russian actors targeting or compromising are not involved in vote tallying... We assess Moscow will apply lessons learned from its Putin-ordered campaign aimed at the US presidential election to future influence efforts worldwide, including against US allies and their election processes... "

Detailed findings in the BCJ report about the lack of progress:

  1. "This year, most states will use computerized voting machines that are at least 10 years old, and which election officials say must be replaced before 2020.
    While the lifespan of any electronic voting machine varies, systems over a decade old are far more likely to need to be replaced, for both security and reliability reasons... older machines are more likely to use outdated software like Windows 2000. Using obsolete software poses serious security risks: vendors may no longer write security patches for it; jurisdictions cannot replace critical hardware that is failing because it is incompatible with their new, more secure hardware... In 2016, jurisdictions in 44 states used voting machines that were at least a decade old. Election officials in 31 of those states said they needed to replace that equipment by 2020... This year, 41 states will be using systems that are at least a decade old, and officials in 33 say they must replace their machines by 2020. In most cases, elections officials do not yet have adequate funds to do so..."
  2. "Since 2016, only one state has replaced its paperless electronic voting machines statewide.
    Security experts have long warned about the dangers of continuing to use paperless electronic voting machines. These machines do not produce a paper record that can be reviewed by the voter, and they do not allow election officials and the public to confirm electronic vote totals. Therefore, votes cast on them could be lost or changed without notice... In 2016, 14 states (Arkansas, Delaware, Georgia, Indiana, Kansas, Kentucky, Louisiana, Mississippi, New Jersey, Pennsylvania, South Carolina, Tennessee, Texas, and Virginia) used paperless electronic machines as the primary polling place equipment in at least some counties and towns. Five of these states used paperless machines statewide. By 2018 these numbers have barely changed: 13 states will still use paperless voting machines, and 5 will continue to use such systems statewide. Only Virginia decertified and replaced all of its paperless systems..."
  3. "Only three states mandate post-election audits to provide a high-level of confidence in the accuracy of the final vote tally.
    Paper records of votes have limited value against a cyberattack if they are not used to check the accuracy of the software-generated total to confirm that the veracity of election results. In the last few years, statisticians, cybersecurity professionals, and election experts have made substantial advances in developing techniques to use post-election audits of voter verified paper records to identify a computer error or fraud that could change the outcome of a contest... Specifically, “risk limiting audits” — a process that employs statistical models to consistently provide a high level of confidence in the accuracy of the final vote tally – are now considered the “gold standard” of post-election audits by experts... Despite this fact, risk limiting audits are required in only three states: Colorado, New Mexico, and Rhode Island. While 13 state legislatures are currently considering new post-election audit bills, since the 2016 election, only one — Rhode Island — has enacted a new risk limiting audit requirement."
  4. "43 states are using machines that are no longer manufactured.
    The problem of maintaining secure and reliable voting machines is particularly challenging in the many jurisdictions that use machines models that are no longer produced. In 2015... the Brennan Center estimated that 43 states and the District of Columbia were using machines that are no longer manufactured. In 2018, that number has not changed. A primary challenge of using machines no longer manufactured is finding replacement parts and the technicians who can repair them. These difficulties make systems less reliable and secure... In a recent interview with the Brennan Center, Neal Kelley, registrar of voters for Orange County, California, explained that after years of cannibalizing old machines and hoarding spare parts, he is now forced to take systems out of service when they fail..."

That is embarrassing for a country that prides itself on having an effective democracy. According to BCJ, the solution would be for Congress to fund via grants the replacement of paperless and antiquated equipment; plus fund post-election audits.

Rather than protect the integrity of our democracy, the government passed a massive tax cut which will increase federal deficits during the coming years while pursuing both a costly military parade and an unfunded border wall. Seems like questionable priorities to me. What do you think?


2017 FTC Complaints Report: Debt Collection Tops The List. Older Consumers Better At Spotting Scams

Earlier this month,, the U.S. Federal Trade Commission (FTC) released its annual report of complaints submitted by consumers in the United States. The report is helpful is understand the most frequent types of scams and reports consumers experienced.

The latest report, titled 2017 Consumer Sentinel Network Data Book, includes complaints from 2.68 million consumers, a decrease from 2.98 million in 2016. However, consumers reported losing a total of $905 million to fraud in 2017, which is $63 million more than in 2016. The most frequent complaints were about debt collection (23 percent), identity theft (14 percent), and imposter scams (13 percent). The top 20 complaint categories:

Rank Category # Of
Reports
% Of
Reports
1 Debt Collection 608,535 22.74%
2 Identity Theft 371,061 13.87%
3 Imposter Scams 347,829 13.00%
4 Telephone & Mobile Services 149,578 5.59%
5 Banks & Lenders 149,316 5.58%
6 Prizes, Sweepstakes & Lotteries 142,870 5.34%
7 Shop-at-Home & Catalog Sales 126,387 4.72%
8 Credit Bureaus, Information
Furnishers & Report Users
107,473 4.02%
9 Auto Related 86,289 3.23%
10 Television and Electronic Media 47,456 1.77%
11 Credit Cards 45,428 1.70%
12 Internet Services 45,093 1.69%
13 Foreign Money Offers &
Counterfeit Check Scams
31,980 1.20%
14 Health Care 27,660 1.03%
15 Travel, Vacations &
Timeshare Plans
22,264 0.83%
16 Business & Job Opportunities 19,082 0.71%
17 Advance Payments for
Credit Services
17,762 0.66%
18 Investment Related 15,079 0.56%
19 Computer Equipment
& Software
9,762 0.36%
20 Mortgage Foreclosure Relief
& Debt Management
8,973 0.34%

While the median loss for all fraud reports in 2017 was $429, consumers reported larger losses in certain types of scams: travel, vacations and timeshare plans ($1,710); mortgage foreclosure relief and debt management ($1,200); and business/job opportunities ($1,063).

The telephone was the most frequently-reported method (70 percent) scammers used to contact consumers, and  wire transfers was the most frequently-reported payment method for fraud ($333 million in losses reported). Also:

"The states with the highest per capita rates of fraud reports in 2017 were Florida, Georgia, Nevada, Delaware, and Michigan. For identity theft, the top states in 2017 were Michigan, Florida, California, Maryland, and Nevada."

What's new in this report is that it details financial losses by age group. The FTC report concluded:

"Consumers in their twenties reported losing money to fraud more often than those over age 70. For example, among people aged 20-29 who reported fraud, 40 percent indicated they lost money. In comparison, just 18 percent of those 70 and older who reported fraud indicated they lost any money. However, when these older adults did report losing money to a scammer, the median amount lost was greater. The median reported loss for people age 80 and older was $1,092 compared to $400 for those aged 20-29."

Detailed information supporting this conclusion:

2017 FTC Consumer Sentinel complaints report. Reports and losses by age group. Click to view larger image

2017 FTC Consumer Sentinel complaints report. Median losses by age group. Click to view larger image

The second chart is key. Twice as many younger consumers (40 percent, ages 20 - 29) reported fraud losses compared to 18 percent of consumers ages 70 and older. At the same time, those older consumers lost more money. So, older consumers were more skilled at spotting scams and few fell victim to scams. It seems both groups could learn from each other.

CBS News interviewed a millennial who fell victim to a mystery-shopper scam, which seemed to be a slick version of the old check scam. It seems wise for all consumers, regardless of age, to maintain awareness about the types of scams. Pick a news source or blog you trust. Hopefully, this blog.

Below is a graphic summarizing the 2017 FTC report:

Ftc-complaints-report-2017


Mystery Package Scam Operating on Amazon Site. What It Is, The Implications, And Advice For Victims

Amazon logo Last fall, a couple living in a Boston suburb started receiving packages they didn't order from Amazon, the popular online retailer. The Boston Globe reported that the couple living in Acton, Massachusetts:

"... contacted Amazon, only to be told that the merchandise was paid for with a gift card. No sender’s name, no address. While they’ve never been charged for anything, they fear they are being used in a scam... The first package from Amazon landed on Mike and Kelly Gallivan’s front porch in October. And they have continued to arrive, packed with plastic fans, phone chargers, and other cheap stuff, at a rate of one or two a week."

The packages were delivered to the intended recipient. Nobody knows who sent the items: wireless chargers, a high-intensity flashlight, a Bluetooth speaker, a computer vacuum cleaner, LED tent lamps, USB cables, and more. After receiving 25 packages since October, the couple now wants it to stop. What seemed funny at first, is now a nuisance.

The Gallivans are not alone. CBC News reported that students at several universities in Canada have also received mystery packages containing a variety of items they didn't order:

"The items come in Amazon packaging, but there's no indication who's ordering the goods from the online retail giant. "We're definitely confused by it," said Shawn Wiskar, University of Regina Students' Union vice-president of student affairs. His student union has received about 15 anonymous packages from Amazon since late November, many of which contained multiple items. Products sent so far include iPad cases, a kitchen scale and a "fleshlight" — a male sex toy in the shape of a flashlight... Six other university student unions — Dalhousie in Halifax; St. Francis Xavier in Antigonish (Nova Scotia); Ryerson in Toronto; Wilfrid Laurier in Waterloo, Ontario; Royal Roads in Victoria; and the University of Manitoba in Winnipeg — have also confirmed that they've been receiving mysterious Amazon packages since the fall."

Experts speculate that the mystery packages were sent by fraudsters trying to game the retailer's review system. Consumers buy products on Amazon.com either directly from the retailer or from independent sellers listed on the site. The Boston Globe explained:

"Here’s how two experts who used to work for Amazon, James Thomson and Chris McCabe, say it probably works: A seller trying to prop up a product would set up a phony e-mail account that would be used to establish an Amazon account. Then the seller would purchase merchandise with a gift card — no identifying information there — and send it to a random person, in this case the Gallivans. Then, the phantom seller, who controls the “buyer’s” e-mail account, writes glowing reviews of the product, thus boosting the Amazon ranking of the product."

If true, then there probably are a significant number of bogus reviews on the Amazon site. The Boston Globe's news item also suggested that a data breach within a seller's firm might have provided scammers with valid mailing addresses:

"How did Mike, to whom the packages are addressed, get drawn into this? On occasion he’s ordered stuff on Amazon and received it directly from a manufacturer, once from China. That manufacturer or some affiliate may have scooped Mike’s name and address."

If true, then that highlights the downside of offshore outsourcing, where other countries don't mandate data breach disclosures. Earlier in 2017, a resident of Queens in New York City received packages with products she didn't order:

"... All she knows is that the sender is some guy named Kevin who uses Amazon gift cards... And she’s reported the packages to the NYPD, the FBI and the Better Business Bureau since Amazon hasn’t made the deliveries stop."

In that news report, a security expert speculated that criminals were testing stolen debit- and gift-card numbers. Did a seller have a data breach which went unreported? Lots of questions and few answers.

Security experts advise consumers to report packages they didn't order to various law enforcement and agencies, as the Queens resident did. Ultimately, her deliveries stopped, but not for the Gallivans.

Amazon has been unable to identify the perpetrators. At press time, a search of Amazon's Help and Customer Service site section failed to find content helping consumers victimized by this scam.

Perhaps, it is time for law enforcement and the U.S. Federal Trade Commission to step in. Regardless, we consumers will probably hear more news in the future about this scam.


Net Neutrality: Massachusetts Joins Multi-State Lawsuit Against FCC. What Next?

The Attorney General (AG) for the Commonwealth of Massachusetts is suing the U.S. Federal Communications Commission (FCC) after the FCC voted on December 14th to repeal existing net neutrality rules protecting consumers. Maura Healey, the Massachusetts AG, announced that her office has joined a multi-state lawsuit with the New York State AG:

"... joined New York Attorney General Eric T. Schneiderman in announcing that they will be filing a multi-state lawsuit against the Federal Communications Commission (FCC) over its vote to rollback net neutrality protections...The FCC recently issued a proposed final order rolling back net neutrality protections and on December 14th, voted 3-2 on party lines to implement the final order. On December 13th, AG Healey joined a coalition of 18 attorneys general in sending a letter to the FCC after reports emerged that nearly two million comments submitted in support of the agency were fake."

AG Healey said about the multi-state lawsuit:

"With the FCC vote, Americans will pay more for the internet and will have fewer options... The agency has completely failed to justify this decision and we will be suing to stand up for the free exchange of ideas and to keep the American people in control of internet access."

The December 13th letter to the FCC about fake comments was signed by AGs from California, District of Columbia, Delaware, Hawaii, Iowa, Illinois, Kentucky, Massachusetts, Maryland, Maine, Mississippi, North Carolina, Oregon, Pennsylvania, Rhode Island, Virginia, Vermont, and Washington. The AGs' letter stated, in part:

"One of the most important roles that we perform is to prosecute fraud. It is a role we take extremely seriously, and one that is essential to a fair marketplace... The ‘Restore Internet Freedom’ proposal, also known as net neutrality rollback (WC Docket No. 17- 108) has far-reaching implications for the everyday life of Americans... Recent attempts by New York Attorney General Schneiderman to investigate supposed comments received by the FCC have revealed a pattern of facts that should raise alarm bells for every American about the integrity of the democratic process. A careful review of the publicly available information revealed a pattern of fake submissions using the names of real people. In fact, there may be over one million fake submissions from across the country. This is akin to identity theft on a massive scale – and theft of someone’s voice in a democracy is particularly concerning.

As state Attorneys General, many of our offices have received complaints from consumers indicating their distress over their names being used in such a manner. While we will investigate these consumer complaints through our normal processes, we urge the Commission to take immediate action and to cooperate with law enforcement investigations. Woven throughout the Administrative Procedures Act is a duty for rulemakers to provide information to the public and to listen to the public. We know from advising our rulemakers at the state level that listening to the public provides insights from a diversity of viewpoints. But, if the well of public comment has been poisoned by falsified submissions, the Commission may be unable to rely on public comments that would help it reach a legitimate conclusion to the rulemaking process. Or, it must give less weight to the public comments submitted which also undermines the process..."

The FCC ignored the AGs' joint letter about fraud and proceeded with its net-neutrality vote on December 14. FCC Chairman Ajit Pai had blown off the identity theft and fraud charges as maneuvers by desperate net neutrality advocates.

California AG Xavier Becerra said:

"... the FCC failed to do what is right... The FCC decided that consumers do not deserve free, open, and equal access to the internet. It decided to ignore the millions of Americans who voiced their strong support for our existing net neutrality rules. Here in California – a state that is home to countless start-ups and technology giants alike – we know that a handful of powerful companies should not dictate the sources for the information we seek..."

Residents in some states can use special sites to notify their state's AG about the misuse of their identity data in fake comments submitted to the FCC: Pennsylvania, New York.

The FCC under Chairman Pai seems to listen and respond to the needs of corporate internet service providers (ISPs), and not to consumers. A November 21 - 25 poll found that 52 percent of registered voters support the current rules, including 55 percent of Democrats and 53 percent of Republicans.

While that is down from prior polls, a majority support net neutrality rules. A poll by Mozilla and Ipsos in June, 2017 found overwhelming support across party lines: 76% of Americans, 81% of Democrats, and 73% of Republicans favor keeping net neutrality rules. The poll included approximately 1,000 American adults across the U.S. with 354 Democrats, 344 Republicans, and 224 Independents.

Before the FCC affirmed net neutrality rules in 2015, a poll by the Center for Political Communication at the University of Delaware in 2014 found strong and widespread support:

"... About 81 percent of Americans oppose allowing Internet providers like Comcast and Verizon to charge Web sites and services more if they want to reach customers more quickly... Republicans were slightly more likely to support net neutrality than Democrats. 81 percent of Democrats and 85 percent of Republicans in the survey said they opposed fast lanes."

Experts have debated the various ways of moving forward after the December 14th FCC vote. Wired reported:

"Most immediately, the activity will move to the courts... The most likely argument: that the commission’s decision violates federal laws barring agencies from crafting “arbitrary and capricious” regulations. After all, the FCC’s net neutrality rules were just passed in 2015... as capricious as the current FCC's about-face may seem, legal experts say the challenges won’t be a slam-dunk case. Federal agencies are allowed to change their minds about previous regulations, so long as they adequately explain their reasoning... The FCC's main argument for revoking the 2015 rules is that the regulations hurt investment in broadband infrastructure. But, as WIRED recently detailed, many broadband providers actually increased their investments, while those that cut back on spending told shareholders that the net neutrality rules didn't affect their plans. University of Pennsylvania Law School professor Christopher Yoo says courts generally defer to an agency's expertise in interpreting evidence submitted into the record... net neutrality advocates could also argue that the agency's decision-making process was corrupted by the flood of fake comments left by bots. But FCC Chair AJit Pai will argue that the agency discarded low-quality and repeated comments and focused only on matters of substance... A long-term solution to net neutrality will require Congress to pass laws that won't change every time control of the White House passes to another party... Senator John Thune (R-South Dakota) recently called for Congress to pass bipartisan net neutrality legislation. In 2015, Thune and Representative Fred Upton (R-Michigan) introduced a bill that would have banned blocking or slowing legal content, but limited the FCC's authority over internet service providers. It never moved forward. Thune is clearly hoping that growing demand from the public for net neutrality protections will bring more Republicans to the table... Senator Ron Wyden (D-Oregon) told WIRED earlier this year that he won't support a bill with weaker protections than the 2015 rules..."

President Trump appointed Pai as FCC Chairman in January, giving the Republican commissioners at the FCC a voting majority. Neither the President nor the White House staff said anything in its daily e-mail blast or in their website about the FCC vote; and instead discussed tax reform, general remarks about reducing regulation, and infrastructure (e.g., roads, bridges, tunnels).

Seems to me the internet is a key component of our country's infrastructure. What are your opinions? If your state isn't in the above list, we'd like to hear from you, too.


Doug Jones Wins In Alabama, Net Neutrality, And The FCC

[7:30 am EST] Congratulations to Doug Jones and his supporters for a stunning victory Tuesday in a special election in Alabama for the open U.S. Senate seat. His victory speech is available online. Late last month, Doug Jones tweeted this:

Later today, the commissioners at the U.S. Federal Communications Commission (FCC) will likely vote during their December 2017 Open Commission Meeting to kill net neutrality rules protecting consumers free and open internet access. The planned vote comes despite clear and mounting evidence of widespread identity theft by unknown persons to submit fake comments distorting and polluting FCC record and website soliciting feedback from the public.

Yesterday, FCC Commissioner Jessica Rosenworcel released the following press release:

"Upon receipt of a letter from New York Attorney General Eric Schneiderman stating that it now appears that two million Americans’ identities may have been misused in the FCC record and a separate letter from 18 State Attorneys General calling on the FCC to delay its net neutrality vote because of its “tainted” record, FCC Commissioner Jessica Rosenworcel released the following statement:

“This is crazy. Two million people have had their identities stolen in an effort to corrupt our public record. Nineteen State Attorneys General from across the country have asked us to delay this vote so they can investigate. And yet, in less than 24 hours we are scheduled to vote on wiping out our net neutrality protections. We should not vote on any item that is based on this corrupt record. I call on my colleagues to delay this vote so we can get to the bottom of this mess.” "

Despite the widespread identity theft and fraud, FCC Chairman Ajit Pai has maintained his position to proceed with a vote today to kill net neutrality protections for consumers. President Trump appointed Pai as FCC Chairman in January, giving the Republican commissioners a majority when voting. Pai has blown off the identity theft and fraud charges as maneuvers by desperate net neutrality advocates.

[Update at 2:20 pm EST: earlier today, the FCC commissioners voted along party lines to kill existing net neutrality rules protecting consumers.]


Was Your Identity Information Misused To Submit Fake Comments To The FCC About Net Neutrality?

After creating a webpage specifically to help New York State residents determine if their identifies were misued for net neutrality comments, Attorney General Schneiderman announced:

"In the last five days alone, over 3,200 people have reported misused identities to the Attorney General’s office, including nearly 350 New Yorkers from across the state. Attorney General Schneiderman urges New Yorkers to continue to check whether their identity was misused and report it to his office in order to inform the investigation."

The webpage automatically links to only net neutrality (Docket 17-108) comments with the U.S. Federal Communications Commission (FCC)  site. So, at least 3,200 persons have confirmed the misuse of their identity information by unknown persons (or bots) to pollute feedback by the public about net neutrality rules protecting consumers' broadband freedoms. You'd think that FCC Chairman Ajit Pai would be concerned about the pollution and fraud; and would delay the upcoming December 14th vote regarding net neutrality. But he's not and blew off the fake comments allegations, as explained in this earlier blog post.

You might think that Chairman Pai and the FCC would be concerned about pollution and fraud in feedback submitted to the FCC site, given the massive Equifax data breach in September which exposed the data elements (e.g., name, street addresses) criminals and fraudsters could easily use to submit fake comments.

This makes one wonder if the FCC can be trusted under Chairman Pai's leadership. Hopefully, Attorneys General in other states will provide similar webpages to help residents in their states... and not only for comments about net neutrality.

Being curious, I visited the webpage by AG Schneiderman. It instructed:

"The Office of the New York State Attorney General is investigating whether public comments regarding net neutrality rules wrongfully used New Yorkers’ identities without their consent. We encourage you to search the FCC’s public comment website and tell us if you see any comments that misuse your name and address.

First, search below to find any comments that may have misused your identity. If results appear, click on any comment that uses your name, and when the comment appears review the name, the address, and the comment text. (If no results appear, your identity most likely was not misused.)"

You don't need to be a New York State resident to use this online tool. My initial search produced 1,046, so I narrowed it by entering my name in quotations ("George Jenkins") for a more precise match. That second search produced 40 comments about net neutrality (e.g., Docket 17-108), a manageable number. I browsed the list which included my valid comment submitted during May, 2017.

I did not see any other comments using my name and address. That's good because I only submitted one comment. I noticed comments by persons with the same name in other states. That seems okay. It's reasonable to expect multiple persons with the same name in a country with a population of about 360 million people.

I did not check the addresses of the other persons with the same name. I realize that could easily hide synthetic ID-theft. In traditional synthetic ID-theft, criminals mix stolen (valid) Social Security numbers with other persons' names to avoid detection. In the ECFS comments system, one could enter valid names with fake addresses; or vice-versa. I hope that AG Schneiderman's fraud analysis also checks for both types of synthetic ID-theft: 1) fake names at real addresses, and 2) real names at fake addresses.

If I had found fraudulent entries, I would have notified AG Schneiderman, the Attorney General's office in the state where I live, and the FCC.

Did you check for misuse of your identity information? What did you find?


Futurism: Your Life Without Net Neutrality Protections

Federal communications Commission logo You've probably heard that Ajit Pai, the Chairman of the U.S. Federal Communications Commission (FCC), is leading his agency towards a vote on December 14, 2017 to kill net neutrality. How will consumers' online lives change? Futurism described what your online life will be like without net neutrality:

"You’re at work and want to check Facebook on your lunch break to see how your sister is doing. This is not exactly a straightforward task, as your company uses Verizon. You’re not about to ask your boss if they’d consider putting up the extra cash every month so that you can access social media in the office, so you’ll have to wait until you get home.

That evening, you log in to pay your monthly internet bill — or rather, bills.

See, there’s the baseline internet cost, but without net neutrality, you also have to pay a separate monthly fee for social media, another for "leisure" pages like Reddit and Imgur, and another still for liberal-leaning news sites — because your provider’s CEO is politically conservative. Not only is your bill confusing, you’re not sure you can really afford to access all these websites that, at one point in time, you took for granted.

In addition to the sites you can access if you pay for them, there are also websites that have just become lost to you. Websites that you once frequented, but that now, you aren’t even sure how to access anymore. You can’t even pay to access them. You used to like reading strange Wikipedia articles late at night and cruising for odd documentaries — but now, all those interests that once entertained and educated you in your precious and minimal free time are either behind yet another separately provided paywall or blocked entirely. You’ve started to ask around, see if your friends or coworkers with other providers have better access... but the story is pretty much always the same."

Net neutrality meme highlighting blocked content. Click to view larger version In short, without net neutrality:

  1. You will lose the freedom to use the internet bandwidth you've purchased monthly as you desire;
  2. Corporate internet service providers (ISPs) increase their their revenues and profits by adding tolls to each package in a sliced-and-diced approach to internet content;
  3. Your internet bill will become just as confusing, frustrating, and expensive as your cable-TV bill, where ISPs force you to buy several expensive packages of sites in order to access your favorite sites;
  4. The new, expensive tolls allow ISPs to decide what internet content you see and don't see. Sites or content producers unwilling to pay fees to ISPs will find their content blocked or relegated to "slow" speed lanes; and
  5. Both middle-class and poor online users will bear the brunt of the price increases.

If you think this can't happen in the United States, consider:

"Some countries are already living this reality. In New Zealand, Vodafone offers mobile internet packages that are comprised of different types of services. You might have to pay a certain amount to access social apps like Snapchat and Instagram, and a separate fee to chat with friends via Facebook Messenger and iMessage. A similar framework is used by Portugal’s MEO, where messaging, social media, music streaming, video streaming, and email are also split into separate packages.

Long ago, FCC Chairman Pai made his position clear. Breitbart News reported on April 28, 2017:

"Federal Communications Commission (FCC) Chairman Ajit Pai told Breitbart News in an exclusive interview that an open and free internet is vital for America in the 21st century. During a speech at the Newseum on Wednesday, Pai said he plans to roll back the net-neutrality regulations and to restore the light-touch regulatory system established by President Bill Clinton and Congressional Republicans by the 1996 Telecommunications Act... Chairman Pai said during his speech that the internet prospered before net neutrality was enacted... Breitbart News asked the FCC chief why he thinks that net neutrality is a problem, and why we must eliminate the rule. He said: "Number one there was no problem to solve, the internet wasn’t broken in 2015. In that situation, it doesn’t seem me that preemptive market-wide regulation is necessary. Number two, even if there was a problem, this wasn’t the right solution to adopt. These Title II regulations were inspired during the Great Depression to regulate Ma Bell which was a telephone monopoly. And the broadband market we have is very different from the telephone market of 1934. So, it seems to me that if you have 4,462 internet service providers and if a few of them are behaving in a way that is anti-competitive or otherwise bad for consumer welfare then you take targeted action to deal with that. You don’t declare the entire market anti-competitive and treat everyone as if they are a monopolist. Going forward we are going to propose eliminating that Title II classification and figure out the right way forward. The bottom line is, everyone agrees on the principles of a free and open internet what we disagree with is how many regulations are needed to preserve the internet." "

Note the language. Pai uses "free and open internet" to refer to freedoms for ISPs to do what they want; a slick attempt to co-opt language net neutrality proponentsused for freedoms for consumers go online where they want without additional fees. Pai's "Light touch" means fewer regulations for ISPS regardless of the negative consequences upon consumers. Pai's comments in April attempted to spin existing net neutrality laws as antiquated ("the telephone market of 1934"), when, in fact, net neutrality was established recently... in 2010. Even the same Breitbart News article admitted this:

"Net neutrality passed under former Democrat Tom Wheeler’s FCC in 2010."

Pai's exaggerations and falsehoods are astounding. Plenty of bogus claims by Pai and net neutrality critics. In January of this year, President Donald Trump appointed Ajit Pai, a former lawyer with Verizon, as the FCC Chairman. Earlier this year, CNN reported:

"More than 1,000 startups and investors have now signed an open letter to Pai opposing the proposal. The Internet Association, a trade group representing bigger companies like Facebook, Google, and Amazon, has also condemned the plan. "The current FCC rules are working for consumers and the protections need to be kept in tact," Michael Beckerman, president and CEO of the Internet Association, said at a press conference Wednesday."

Regular readers of this blog are aware that more than "a few" ISPs committed abused consumers and content producers. (A prior blog post listed many historical problems and abuses of consumers by some ISPs.) Also, consider this: Pai made his net-neutrality position clear long before the public submitted comments to the FCC this past summer. Sounds like he never really intended to listen to comments from the public. Not very open minded.

As bad it all of this sounds, it's even worse. How? An FCC Commissioner, 28 U.S. senators, and the New York State Attorney General (AG) have lobbied FCC Chairman Pai to delay the net neutrality vote planned by the FCC on December 14, due to clear and convincing evidence of the massive fraud of comments submitted to the FCC's online commenting system.

In short, the FCC's online comments system is corrupted, hacked, and unreliable. The group (e.g., FCC commissioner, 28 Senators, and NY State AG) also objects to the elimination of net neutrality on the merits.

The fraud evidence is pretty damning, but Chairman Pai seems intent upon going ahead with a vote to kill net neutrality despite the comments fraud. Why? How? Ars Technica reported on December 4th:

"FCC Chairman Ajit Pai says that net neutrality rules aren't needed because the Federal Trade Commission can protect consumers from broadband providers... When contacted by Ars, Pai's office issued this statement in response to the [delay request] letter: "This is just evidence that supporters of heavy-handed Internet regulations are becoming more desperate by the day as their effort to defeat Chairman Pai's plan to restore Internet freedom has stalled. The vote will proceed as scheduled on December 14."

I find the whole process deeply disturbing. First, only 28 U.S. Senators seem concerned about the massive comments fraud. Why aren't all 100 concerned? Second, why aren't any House members concerned? Third, President Trump hasn't said anything about it. (This makes one wonder if POTUS45 either doesn't care consumers are hurt, or is asleep at the wheel.) Elected officials in positions of responsibility seem willing to ignore valid concerns.

Logo-verizon-protestsMany consumers are concerned, and protests to keep net neutrality are scheduled for later today outside Verizon stores nationwide. What do you think?


'Tens Of Thousands' Of Fake Comments Submitted. New York State Attorney General Demands Answers From the FCC

Just before the Thanksgiving holiday, the attorney general for the New York State sent an open letter to the U.S. Federal Communications Commission (FCC) about fake comments submitted to the agency's online comments system. Eric T. Schneiderman directed his letter to FCC Chairman Ajit Pai. It read in part:

"Recent press reports suggest that the Federal Communications Commission (FCC), under your leadership, soon will release rules to dismantle your agency’s existing “net neutrality” protections under Title II of the Communications Act, which shield the public from anti-consumer behaviors of the giant cable companies that provide high-speed internet to most people... Yet the process the FCC has employed to consider potentially sweeping alterations to current net neutrality rules has been corrupted by the fraudulent use of Americans’ identities — and the FCC has been unwilling to assist my office in our efforts to investigate this unlawful activity.

Specifically, for six months my office has been investigating who perpetrated a massive scheme to corrupt the FCC’s notice and comment process through the misuse of enormous numbers of real New Yorkers’ and other Americans’ identities. Such conduct likely violates state law— yet the FCC has refused multiple requests for crucial evidence in its sole possession that is vital to permit that law enforcement investigation to proceed.

In April 2017, the FCC announced that it would issue a Notice of Proposed Rulemaking concerning repeal of its existing net neutrality rules. Federal law requires the FCC and all federal agencies to take public comments on proposed rules into account — so it is important that the public comment process actually enable the voices of the millions of individuals and businesses who will be affected to be heard. That’s important no matter one’s position on net neutrality, environmental rules, and so many other areas in which federal agencies regulate.

In May 2017, researchers and reporters discovered that the FCC’s public comment process was being corrupted by the submission of enormous numbers of fake comments concerning the possible repeal of net neutrality rules. In doing so, the perpetrator or perpetrators attacked what is supposed to be an open public process by attempting to drown out and negate the views of the real people, businesses, and others who honestly commented on this important issue. Worse, while some of these fake comments used made up names and addresses, many misused the real names and addresses of actual people... My office analyzed the fake comments and found that tens of thousands of New Yorkers may have had their identities misused in this way... Impersonation and other misuse of a person’s identity violates New York law, so my office launched an investigation... So in June 2017, we contacted the FCC to request certain records related to its public comment system that were necessary to investigate which bad actor or actors were behind the misconduct. We made our request for logs and other records at least 9 times over 5 months: in June, July, August, September, October (three times), and November.

We reached out for assistance to multiple top FCC officials, including you, three successive acting FCC General Counsels, and the FCC’s Inspector General. We offered to keep the requested records confidential, as we had done when my office and the FCC shared information and documents as part of past investigative work. Yet we have received no substantive response to our investigative requests. None."

According to an analysis by the New York State AG's office, "tens of thousands" of fraudulent comment were submitted affecting residents not only in New York but also in California, Georgia, Missouri, Ohio, Pennsylvania, and Texas. Clearly, this is both very troubling and unacceptable.

The FCC is supposed to accept comments without tampering and to weigh comments submitted by the public (e.g., consumers, businesses, technology experts, legal experts, etc.) equally to arrive at a decision based upon the majority of comments. If a sizeable portion of the comments submitted were fraudulent, then any FCC decision to kill net neutrality is (at best) both flawed and in error; and (at worst) illegal and undermines both the process and the public's trust.

AG Schneiderman's letter to the FCC is also available on the Medium site. It is most puzzling that the FCC and Chairman Pai have refused data requests since June. What are they hiding? The FCC must balance often competing needs of consumers and industry.

Consumers are very concerned about plans by the FCC to kill net neutrality. Consumers are concerned that their internet needs are not being addressed by the FCC, and that our monthly broadband costs will rise. There is so much concerns that protests are scheduled for December 7th outside Verizon stores. Killing net neutrality may be great for telecom and providers' profits, but it's bad for consumers.

Clearly, the FCC should not make any decisions regarding net neutrality, or any other business, until the fake comments allegations have been answered and resolved. And, an investigation should happen soon. As AG Schneiderman wrote:

"We all have a powerful reason to hold accountable those who would steal Americans’ identities and assault the public’s right to be heard in government rulemaking. If law enforcement can’t investigate and (where appropriate) prosecute when it happens on this scale, the door is open for it to happen again and again."

Democracy and consumers lose if the FCC kills net neutrality. What do you think?


FCC Approved Plan To Allow Telecom Companies To Block Robocalls

Last week, commissioners at the U.S. Federal Communications Commission (FCC) voted to allow telecommunications companies to block automated phone calls, known as robocalls, by scammers.

Unwanted calls, including illegal robocalls, are a leading complaint by consumers. Some experts estimated that consumers in the United States received about 2.4 billion robocalls per month during 2016. Many tools make it cheap and easy to make for scammers to both make robocalls and to "spoof" -- or hide -- the caller’s true identity (e.g.,, Caller ID information). The robocalls usually try to trick consumers into revealing sensitive personal and financial information.

The FCC announcement stated that the agency:

"... approved new rules to protect consumers from unwanted robocalls, allowing phone companies to proactively block calls that are likely to be fraudulent because they come from certain types of phone numbers... For example, perpetrators have used IRS phone numbers that don’t dial out to impersonate the tax agency, informing the people who answer that they are calling to collect money owed to the U.S. government. Such calls appear to be legitimate to those who receive them and can result in fraud or identity theft.

To combat these scams, the new rules approved today expressly authorize voice service providers to block robocalls that appear to be from telephone numbers that do not or cannot make outgoing calls... [telecommunications companies] will be allowed to block calls purporting to be from a phone number placed on a “do not originate” list by the number’s subscriber. They will also be allowed to block calls purporting to be from invalid numbers, like those with area codes that don’t exist..."

Neighbor spoofing is a huge problem and part of the robocall fraud. FCC Chairman Ajit Pai released a statement, which said:

"... the FCC’s top consumer protection priority is aggressively pursuing the scourge of illegal robocalls.  This Report and Order and Further Notice of Proposed Rulemaking is one more step toward fulfilling that commitment... It is important to stress that today’s action is deregulatory in nature. We aren’t piling more rules upon industry. Instead, we’re providing relief from FCC rules that are having the perverse effect of facilitating unlawful and unwanted robocalls."

Pai's statement failed to mention exactly which rules facilitated unlawful and unwanted robocalls. President Trump appointed Pai as FCC Chairman in January.

While this latest FCC action will somewhat help consumers, it won't stop all robocalls. Why? Consumer Reports explained:

"... that only a small percentage of the calls will end up being blocked. David Frankel, a California-based telecommunications professional who has taken up the fight against robocalls, says his analysis of 3.5 million robocall complaints to the Federal Trade Commission shows that the new rules would block only 10 percent of robocalls, at best. And that would probably last for only a short period, he says, as robocallers no doubt change the techniques they use."

Commissioner Clyburn's comments acknowledged the limitations in her comments accompanying the FCC's announcement. Kudos to the agency for trying to help consumers. Hopefully, the FCC will do more for consumers especially since the agency under Chairman Pai's leadership has already hurt consumers by revoking broadband privacy rules, lowering broadband standards, and by moving to overturn net neutrality protections for consumers.

A final FCC vote to kill net neutrality is expected on December 14. Consumers want to decide how to use their high-speed internet connections to visit the sites they want to visit. Killing net neutrality would prevent this and allow internet service providers to create higher-cost "fast lanes" to some websites with "paid prioritization." That would be great for telecommunications companies' profits and bad for consumers with price increases; and internet bills as complicated and convoluted as cable TV bills.

Chairman Pai seems intent upon pleasing his corporate overlords while doing little to help consumers.


Consequences And New Threats From The Massive Equifax Breach

Equifax logo To protect themselves and their sensitive information, many victims of the massive Equifax data breach have signed up for the free credit monitoring and fraud resolution services Equifax arranged. That's a good start. Some victims have gone a step further and placed Fraud Alerts or Security Freezes on their credit reports at Equifax, Experian, and TransUnion. That's good, too. But, is that enough?

The answer to that question requires an understanding of what criminals can do with the sensitive information accessed stolen during the Equifax breach. Criminals can commit types of fraud which credit monitoring, credit report alerts, and freezes cannot stop. Consumer Reports (CR) explained:

"Freezing your credit report specifically at Equifax will also prevent crooks from registering as you at the government website, my Social Security, and block them from attempting to steal your Social Security benefits. But taking these steps won't protect you against every identity fraud threat arising from the Equifax data breach."

Sadly, besides credit and loan fraud the Equifax breach exposed breach victims to tax refund fraud, health care fraud, and driver's license (identity) fraud. This is what makes the data breach particularly nasty. CR also listed the data elements criminals use with each type of fraud:

"With your Social Security number, crooks can file false income tax returns in your name, take bogus deductions, and steal the resulting refund. More than 14,000 fraudulent 2016 tax returns, with $92 million in unwarranted refunds, were detected and stopped by the Internal Revenue Service (IRS) as of last March... Data from the Equifax breach can be used to steal your benefits from private health insurance, Medicare, or Medicaid when the identity thief uses your coverage to pay for his own medical treatment and prescriptions... Using your driver’s license number, identity thieves can create bogus driver’s licenses and hang their moving violations on you...."

The CR article suggested several ways for consumers to protect themselves from each type of fraud: a) request an Identity Protection PIN number from the IRS; b) request copies of your medical file from your providers and review your MIB Consumer File each year; and c) request a copy of your driving license record and get your free annual consumer report from ChexSystemsCertegy, and TeleCheck -  the three major check verification companies.

Never considered reviewing your tax account with the IRS? You can. Never heard of a Consumer MIB File? I'm not surprised. Most people haven't. I encourage consumers to read the entire CR article. While at the CR site, read their review of TrustedID Premier service which Equifax arranged for breach victims. It's an eye-opener.

Do these solutions sound like a lot of preventative work? They are. You have Equifax to thank for that. Will Equifax help breach victims with the time and effort required to research and implement the solutions CR recommended? Will Equifax compensate breach victims for the costs incurred with these solutions? These are questions breach victims should ask Equifax and TrustedID Premier.

Consumers and breach victims are slowly learning the consequences of a data breach are extensive. The consequences include time, effort, money, and aggravation. You might say breach victims have been mugged. Worse, consumers are saddled the burden from the consequences. That isn't fair. The companies making money by selling consumers' credit reports and information should be responsible for the burdens. Things are out of balance.

What are your opinions?


Here Comes The Post-Equifax-Breach Spam From Scammers

If you haven't received them yet, you probably will soon. Here comes the spam - unwanted e-mail messages - from scammers, supposedly related to the massive Equifax data breach. The spam will likely include phishing attacks: attempts to trick consumers into disclosing sensitive bank account and payment data.

What might this spam look like? The spam filter by my e-mail provider recently trapped the message below in my spam folder:

Suspected spam email. Click to view larger version

The sender's intent is to clearly leverage consumers' anxieties and fears about the massive, horrific Equifax breach. The e-mail message also states:

Suspected spam email. Click to view larger version

The message offers both three free credit scores and free credit reports. The problems I see with this e-mail:

  1. The message doesn't list a price for its offer. The company name -- FreeCreditClick -- implies the offer is free.
  2. Key items in the e-mail don't match. The company name in the "From" field doesn't match the e-mail address. Nor does the company name in the "From" field match the company name in the body of the message.
  3. The sender's e-mail address in the "From" field includes a version of an e-mail address I've seen before in other spam.
  4. The Equifax site already directs consumers affected by the data breach to an Equifax site to learn how to get protection (e.g., credit monitoring and fraud resolution services) for free.
  5.  The e-mail offers credit reports from the three major credit reporting agencies: Experian, Equifax, and TransUnion. Informed consumers know that the official website for free credit reports is annualcreditreport.com.
  6. Informed consumers know that while there are several brands of credit scores, they probably need a single good one.
  7. The e-mail contains order and unsubscribe links with destinations that doesn't match either the company's name in "1" nor "2."

To understand #7, I reviewed the underlying HTML markup language used to create this e-mail message:

HTML markup of the suspected spam email. Click to view larger version

The destinations for both the order link (A) and the unsubscribe link (B) contain the "proffbuilder.com" site and embedded redirect commands. The redirect commands could take your web browser anywhere. Too risky, so I did not click on them.

As best I can tell, this definitely is spam. I don't trust it. What do you think?


Wells Fargo: 1.4 Million More Fake Accounts Found By Latest Investigation

Wells Fargo logo Just before the long holiday weekend, Wells Fargo Bank announced in an August 31 news release the latest results of a third-party investigation into its retail bank account practices since 2009:

"The original account analysis reviewed 93.5 million current and former customer accounts opened in an approximately four and half year time period – from May 2011 through mid-2015 – and identified approximately 2.1 million potentially unauthorized accounts. The expanded analysis reviewed more than 165 million retail banking accounts opened over a nearly eight-year period – from January 2009 through September 2016 – and identified a new total of approximately 3.5 million potentially unauthorized consumer and small business accounts... In connection with these 3.5 million potentially unauthorized accounts, approximately 190,000 accounts incurred fees and charges, up from 130,000 previously identified accounts that incurred fees and charges, and Wells Fargo will provide a total of $2.8 million in additional refunds and credits on top of the $3.3 million previously refunded as a result of the original account review... a review of online bill pay services, as required by the Sept. 8, 2016, consent orders... the analysis identified approximately 528,000 potentially unauthorized online bill pay enrollments and Wells Fargo will refund $910,000 to customers who incurred fees or charges. "

To summarize: the latest investigation went two years further back in time, found about 1.4 million more phony accounts, found more customers affected by unauthorized bank accounts, and found possibly more phony online bill-pay enrollments. In a settlement agreement last year with the Consumer Financial Protection Bureau (CFPB), Wells Fargo paid a $185 million fine last year for alleged unlawful sales practices with the number of phony accounts known then.

Of course, the bank tried a different spin in its news release about the investigation's findings:

"... the completion of its previously announced expanded third-party review of retail banking accounts dating back to the beginning of 2009. Combined with a recent class action settlement and ongoing broad customer outreach and complaint resolution, the completion of the analysis further paves the way for making things right for Wells Fargo customers who may have been harmed by unacceptable retail sales practices."

Yeah, right. That sounds like some wayward teenager wanting praise for providing a complete list of damage to the family car which they didn't have permission nor a license to drive in the first place.

Much of Wall Street has seen through the spin. Some financial experts advise investors to sell Well Fargo shares and buy other banks' shares instead. One of the world's largest fund managers withheld support for three of the bank's directors. Some news headlines focused on the growing estimate of phony accounts uncovered. MSN Money listed reasons why the bank may not survive the growing scandal.

There is plenty of bad news. The Los Angels Times reported a lawsuit by former bank executives who claimed they were scapegoated and fired earlier this year after reporting unethical sales practices. News reports broke earlier this month about alleged insurance abuses of the bank's auto-loan customers.

Well, we now know more about the bank's retail banking practices. The latest announcement makes one wonder, a) how much damage one bank can do, and b) how many more phony accounts would have been uncovered if the investigation started before 2009. What are your opinions?


Neighbor Spoofing: What It Is And The Best Way To Stop It

A friend recently posted on social media:

"I get five to seven phone calls daily from a 617-388-(random) number. I keep blocking them but new ones keep calling. My number is a 617-388- number. I've called a few back and they're actually people's personal mobile numbers. What is going on?! Anyone know how to stop it?"

This is neighbor spoofing... where robocallers pretend to be neighbors with familiar looking phone numbers. NPR explained neighbor spoofing is:

"... when callers disguise their real phone numbers with a fake phone number that has the same area code and prefix as yours. The idea is you might be more likely to pick up because maybe you're thinking, this call could be my neighbor or my kid's school, someone I know... Even the chairman of the Federal Communications Commission, Ajit Pai, cannot escape... The calls have gotten so aggravating to Pai, he is doubling down and making the fight against spoofers a top priority for the FCC. Robocalls and telemarketers are the No. 1 complaint the agency gets from the public. New technology has made spoofing easier to do and harder to detect. Last year, people received about 2.5 billion robocalls every month...this spring, the FCC started investigating ways to let phone carriers block calls from spoofers..."

The best solution is a system where phone companies authenticate callers. That would stop or block neighbor spoofing. Until then, the FCC is using deterrence. Back in June, the FCC proposed a $120 million fine against a habitual robocall scammer, Adrian Abramovich, based in Florida:

"Over the course of several years, Abramovich's companies disrupted emergency services, bilked vulnerable consumers out of thousands of dollars and hurt legitimate businesses, the FCC contends... TripAdvisor was deluged by consumer complaints about robocalls that the company had not initiated or authorized. After conducting an internal investigation, TripAdvisor determined that the offending calls were linked to a Mexican hotel and resort chain that had contracted with Abramovich for advertising services."

Consumers interested in something they could do might consider Nomorobo, which works (landline or mobile) with many service providers. Users of Apple and Andorid OS phones might investigate Hiya. Windows and BlackBerry phone users can check the CTIA Wireless Association's guide for free (or low-cost) mobile apps to block robocalls.

Robocalls from schools, physicians, airlines, and law enforcement are helpful, while robocalls from scammers aren't. The best solution -- true authentication -- can't come fast enough. Consumers and businesses are suffering.

While I don't wish anything bad on anyone, I am happy that FCC Chairmann Pai is also directly feeling the pain. Perhaps, now he knows how consumers feel. The loss of broadband privacy and Pai's push to kill net neutrality annoy consumers almost as much as neighbor spoofing.


Real Scams, Real Cons and Fake Law Enforcement

[Editor's Note: Today's guest post is by Arkady Bukh of Bukh & Associates, PLLC which specializes in criminal law, family law, and several areas of civil law. Aware consumers know how to recognize scams.]

By Arkady Bukh, Esq.

A man in Nigeria died recently. When the coroner went to the home for the body, he found $25 BILLION dollars. Apparently, the decedent had been trying to give away his money for years, but no one answered his email.

If you've been on the Internet for over, say, one-hour, you recognize the source for that joke. The Nigerian email scam is so infamous it's been given its own, easily recognizable, name: The Nigerian Email Scam.

Despite scams and cons being popular online, they're not confined to the virtual world. They crop up in the real world, too. Often, in unexpected ways.

Pennsylvania Teen Tries to Scam and It Doesn’t Go Well at Home
Police in Westtown Township nabbed a teenage boy in March after linking the kid to a scam involving fake traffic tickets. The fraudulent fines were placed in mailboxes at four homes. Each fake ticket claimed the homeowners' vehicle was captured on camera speeding in nearby West Chester. An accompanying note asked for $96 to be left in the mailbox.

"It does look real," said Jackie McGlone, a West Chester resident.

Detectives have found the photographs of the vehicle's' plates were taken while the car was parked in their owner's' driveway and unoccupied.

Police tracked the 16-year old boy, who lives in the area, by a tip phoned in by the teenager's dad.

The teen's father found some notifications waiting to be mailed and called the police. Charges are pending.

Truckers Lose Big Money in Oregon
In 2013, an Oregon-based scam dug into the pockets of truck drivers with automated calls telling them to pay their unpaid traffic tickets using re-loadable debit cards — or face a penalty.

The caller identified himself as, "Alex James Murphy of the Oregon State Police," and informed drivers of a bench warrant for an outstanding speeding ticket. To pay, the drivers were told to buy re-loadable prepaid cards through Green Dot MoneyPak, put $154 on the card, and then call a second phone number to provide the card information.

If the driver does all that, they'll find out there was never an unpaid speeding ticket and their $154 has hit the road. The scam, which occasionally crops up in difference places, first appeared on the radar in November 2012 and had gone through a few variations since.

An offshoot which also relies on confusing the lines between a con artist and legitimate law enforcement agencies is the “Support Your Sheriff” sticker scam. The Federal Trade Commission's website has a page warning consumers about cons which play on citizens' desire to help support local law enforcement.

Fake Police
A vehicle which appears to be an unmarked police car pulls you over. The ‘officer' says you are about to be handed a large fine and see points added to your driver's license. "However," says the supposed-cop, "you can avoid this by paying a smaller fee, up front, in cash."

That's not a tactic used by legitimate law enforcement agencies anywhere. Real cops want to make sure the law is obeyed and not about a discount if a speeder pays on the front end. Legitimate cops will issue a real ticket that must be paid in person, or mail, at the department.

If in doubt, request another officer to come to the scene. It's your right.

Phishing Scam
Someone receives an e-mail message claiming them they are guilty of a traffic violation. A wise person will delete the email immediately. Any email saying you owe money for traffic tickets is a phishing scam.

Usually, the email says the person needs to pay for the traffic citation right now. The e-mail includes a link where the individual to find details. The link often contains a computer virus, and can redirect the user to a phishing page meant to request personal information from the user.

Buy a Sticker and Get Out of Jail Free
Scammers have called individuals at work and home at claiming the local Department of Public Safety (DPS) offers decals for autos with the DPS logo to waive their next traffic ticket.

The caller instructs the person to place the sticker next to the car's license plate. To get the sticker, the vehicle owner must pay $10. Many persons fall for the scam as $10 is smaller than any traffic ticket issued after 1946.

If you get a traffic citation, you broke the law. You will pay for that. There is no such thing as a law enforcement sticker which gets you one free traffic ticket.