Least Transparent FCC Ever Goes Dark as Former IT Chief Walks Back DDoS Attack Claims

Illustration for article titled Least Transparent FCC Ever Goes Dark as Former IT Chief Walks Back DDoS Attack Claims
Photo: Getty

A former FCC senior official who issued false statements to reporters, claiming a cyberattack hobbled the agency’s comment system in 2014 and that the ex-chairman ordered it kept quiet, is now backpedaling amid renewed scrutiny by U.S. lawmakers and a wholesale denial by the former chairman himself.


The FCC, meanwhile, has commenced a media blackout over the affair, refusing to address or even acknowledge questions from reporters for more than a week.

After the Federal Communications Commission’s comment system was battered by internet traffic in June 2014, then-agency IT chief David Bray repeatedly misportrayed the cause, claiming a malicious attack was a responsible. But until Commissioner Ajit Pai was appointed chairman of the agency in early 2017, Bray could only propagate his claims as an anonymous source—contradicting the findings of his agency’s own independent security contractors.

After the Obama-appointed chairman, Tom Wheeler, stepped down in early 2017, Bray’s claims became FCC canon; for the first time, the agency’s press office began echoing his allegations about denial-of-service attacks pounding the agency’s comment system years ago, until the story eventually appeared in a print edition of the Wall Street Journal, among other outlets.

But the story grew larger over time: As Gizmodo reported Tuesday, the FCC began telling journalists there was a reason this 2014 attack was never officially reported—the former chairman wanted it kept under wraps.

None of it was true.


On Wednesday, Wheeler confirmed major elements of Gizmodo’s reporting, which until now relied mainly on the accounts of current and former FCC officials who spoke on condition of anonymity and a trove of emails released under the Freedom of Information Act (FOIA). “FCC officials who were there at the time said it didn’t happen” and “independent IT contractors that were hired said it didn’t happen,” Wheeler said, adding: “So if it didn’t happen, it’s hard to have a cover-up for something that didn’t happen.” (Wheeler’s remarks were made during a taping of C-Span’s The Communicators, which airs Sunday, as first reported by Axios.)

The FCC has gone dark on this issue. It is refusing to answer questions from reporters. It is even refusing to go on the record to say it stands by its own story about a malicious cyberattack causing its system to crash for a second time last year. Notably, the claim it was attacked in May 2017 was first made by Bray, who is now shown to be a less-than-credible source.


The FCC continues to deny reporters and lawmakers access to any records that might demonstrate there’s a professional analysis supporting its more recent cyberattack claim. It is preventing hundreds of pages of related records from being disclosed through FOIA requests, citing the Trade Secrets Act and the deliberative process privilege, whereby the agency claims revealing the records would impair its ability to make sound decisions in the future.


Reached by Gizmodo, Bray walked back his accusation that the FCC’s silence over the non-exist 2014 cyberattack was Wheeler’s decision, saying that the concerns over potential “copycats” were actually his own, and that he would “not ascribe them to the former Chairman.” Further, Bray said that the phrase “the Chairman,” as used in his emails to reporters, was actually “short-hand” for his own work with the agency’s media relations department. (During the C-Span interview, Wheeler said he accepted Bray’s explanation.)

In four emails to Gizmodo on Wednesday, Bray also copied Brian Hart, FCC director of media relations, and concluded them by saying that all future inquiries should be addressed to Hart’s office. Hart did not respond to multiple emails for over a week. Newsweek and Ars Technica also received no response. When reached by Nextgov, the FCC declined to comment. 


But this is not entirely surprising, as the agency is steadily developing a reputation under Chairman Pai as one of the least transparent in the federal government. Its lack of transparency is aided in large part by a Republican-controlled Congress that has ignored its commitment to hold quarterly oversight hearings; left to its own devices, the agency is free to toil away in the dark and withhold from the public explanations for any of its questionable decisions or ethical controversies.


This is the will of the Trump administration. Over a year ago, the Justice Department provided the president’s counsel with a memo titled: “Authority of Individual Members of Congress to Conduct Oversight of the Executive Branch.” In it, a Trump-appointed deputy assistant outlined the legal arguments for why agencies such as the FCC have no obligation to respond to questions posed by the Democrat lawmakers who oversee them, without the GOP majority’s say so. Whether it is legally grounded or not is beside the point; the document itself was a signal to the FCC and other agencies that they’re free to ignore attempts at transparency outside the scarce and sporadic oversight hearings convened by high-ranked GOP lawmakers.

U.S. Representatives Frank Pallone, Jr. and Mike Doyle, ranking members of the Energy and Commerce Committee and Communications and Technology Subcommittee, respectively, issued a letter to majority leaders last week calling for an immediate FCC oversight hearing “to account for its repeated and willful evasiveness.” In a statement, the lawmakers wrote: “At the beginning of this Congress, the Committee’s Republican leadership committed to holding quarterly oversight hearings with the Commission but, six quarters later, only two hearings have been held.”


Last month, Democratic lawmakers openly criticized the FCC chairman for what they called a “lack of candor,” writing in a letter to Pai: “We are concerned that you have been unable to give complete responses to verbal questions, questions for the record, or oversight letters from our members.”

They can add to that list: potentially violating federal law by withholding records purely for the purpose of saving Pai from public embarrassment and refusing to engage with reporters whose job it is to cover the agency seriously on the public’s behalf—as opposed to, say, shooting videos of the chairman wearing a Santa Claus suit and dancing around him as he swings a toy lightsaber.


Got a tip about the FCC? Contact the reporter: dell@gizmodo.com

Senior Reporter, Privacy & Security



Good thing we drained the swamp. Could have been bad otherwise.