The rules are clear and transparent enough, saying: "Prior to commenting, you will be prompted to log in, either by providing your e-mail address or by linking your comment to an existing account on a popular website such as Google, Facebook, Flickr, Instagram or Twitter.
"While your e-mail address will not be made public if you log in with a social media service, your picture, as well as a link to your profile will be posted alongside your comment."
However, this rule applies to blog posts from members of the FCC, including Ajit "Weed Whacker" Pai. It doesn't apply to the main net neutrality commenting process, which according to Ars Technica overrides that with the warning
"You are filing a document into an official FCC proceeding. All information submitted, including names and addresses, will be publicly available via the web."
Now, although you are not required to fill in an email address if you don't then you can't get a confirmation that your voice has been heard.
With nearly five million people commenting on the plan so far, this has the potential to affect a lot of people who didn't know that their email address was going into the public domain.
Here's the rub. The email address isn't on the page. That bit is hidden. It's on the FCC's API. So although you can't obviously see that your email address is being used, anyone who is using the data to crunch numbers over the content of comments, or worse still harvest a mailing list (totally illegal but since when has that stopped anyone) are going to have your details.
This is how the National Legal and Policy Centre (NLPC) were able to release a report claiming that a fifth of pro-net neutrality comments are fake.
Ironically, a whole bunch of anti-net neutrality comments have been found with email addresses that were taken from data breaches and submitted by spambots, and the FCC isn't acting on it.
"More than 465,322 pro-net neutrality comment submissions (close to 20 percent of all pro-net neutrality comments filed) were made in which either the filers' names were being submitted with the e-mail address of an obviously different person or in which the same e-mail address was used to file multiple comments—in some cases thousands of times."
It's like someone just gave you a millionaire's shortbread, and added extra caramel
A promise that should never have been needed.
Suddenly your security device is the most nickable thing in the house