US government agencies can't just make up rules: they're require to show that the rules they make reflect the best evidence, and part of that is a "notice and comment" period for major policy shifts where the public gets to weigh in on proposals.
When Trump's FCC Chairman Ajit Pai decided to kill Net Neutrality, he knew he had to open his systems up for public comment, but the anti-Net-Neutrality side had that figured out: they flooded the FCC with millions of fraudulent comments that used stolen identities (dead people, people caught in massive breaches, sitting US Senators!) to rehearse a word-salad of cable lobbyist talking points against Net Neutrality.
Despite the mountains of evidence that the real comments were almost entirely in support of Net Neutrality, the FCC said it would give both bots and humans equal weight in its deliberations, and then it shut down the commenting system and stonewalled the States attorneys generals who were investigating the fake comments as a criminal matter.
Now, Gizmodo writers Dell Cameron and Jason Prechtel have done incredible work, using freedom of information act requests to correlate the precise moment at which known-fake comments appeared in the FCC's comment system with the API keys used to submit comments a few seconds before the fake comments were registered, and were thus able to produce a high-confidence guess about the identities of the astroturfers who violated federal laws and defrauded the US government and the American people in order to help Ajit Pai kill Net Neutrality.
The likely culprits are CQ Roll Call and the Center for Individual Freedom (CFIF).
CFIF may ring a bell or two: they're the dark-money group credited with masterminding the disinformation campaigns designed to defend Big Tobacco from cancer lawsuits. CQ Roll Call is the "advocacy" arm of a well-known DC news organization.
Records from both CFIF and CQ Roll Call have been subpoenaed by the New York Attorney General, along with records from 12 other groups, including the Taxpayers Protection Alliance and other well-known astroturf organizations.
Incidentally, one of Roll Call's reporters was physically accosted by security officials while trying to ask questions of Republican FCC Commissioner Michael O'Rielly following a May 2017, hearing about the net neutrality rules.
Beyond CQ, 12 additional entities were likewise subpoenaed by the New York attorney general, including Free Our Internet, an organization founded by a former Trump campaign statewide director; and Ethan Eilon, a GOP consultant, whose firm, Conservative Connector, received more than $31 million from the Trump campaign and Republican National Committee during 2016 election.
With patterns of repetitive text and timestamps consistently formatted across the data, it's possible that API submissions and FCC comments can be easily matched with a reasonably high degree of confidence. If a culprit is eventually found, it will likely be as a result of intense analysis of the API data, aided by the sloppiness of uploaders who left their digital fingerprints all over it.
How an Investigation of Fake FCC Comments Snared a Prominent D.C. Media Firm [Dell Cameron and Jason Prechtel/Gizmodo]