Arabic
Azerbaijani
Chinese (Traditional)
Danish
Dutch
English
French
German
Italian
Kazakh
Norwegian
Portuguese
Russian
Spanish
Swedish
Turkish
Ukrainian
Across the federal government, Elon Musk’s so-called Department of Government Efficiency (DOGE) has gained access to untold volumes of data containing the personal information of hundreds of millions of Americans. The data includes information like addresses, tax filings, family members, and medical records for everyone from average citizens receiving Social Security benefits, to millions of current and past federal employees, and applicants for government jobs, as well as judges who hear disputes between government agencies, companies, and everyday Americans.
Exactly what DOGE is doing with all this data seems to be an open question, according to court filings reviewed by Rolling Stone and American Doom. Those filings show that lawyers representing Donald Trump’s administration have failed to explain why DOGE needs the data. And even the simple fact that DOGE has access to this data appears to represent a blatant and widespread violation of the Privacy Act of 1974, according to plaintiffs in a slew of lawsuits directed at DOGE’s work inside the government.
The lawsuits — and DOGE’s access to reams of data at agencies like the Social Security Administration (SSA), the Treasury Department, and the Office of Personnel Management (OPM) — have prompted federal judges to issue restraining orders prohibiting DOGE from continuing to access the data. In Maryland, U.S. District Judge Deborah Boardman recently ordered that DOGE stop accessing data at the Treasury Department, saying it was likely a violation of the Privacy Act. Also in Maryland, another federal judge, Ellen Lipton Hollander, ordered DOGE to stop accessing data at the SSA that has provided Musk’s organization with the personal information of every single person in the country who possesses a Social Security number. DOGE has access not just to every U.S. citizen’s personal information thanks to the SSA data, but also anyone who has applied for or been granted Social Security numbers, like legal immigrants, according to court documents reviewed by Rolling Stone and American Doom.
In both cases, unions representing workers have sued the agencies, alleging that DOGE’s access to the personal information of union members contained in government datasets violates the Privacy Act. The law — created in the wake of Watergate to prevent the abuse of data held by government agencies, like former President Richard Nixon’s attempts to punish political enemies by blackmailing them with IRS tax information — is at the center not just of the Maryland lawsuits, but several more in which unions and other organizations are suing the government over DOGE’s information gathering.
“It goes back to why the Privacy Act exists in the first place — to prevent someone in the government like the president from accessing data to create an enemies list or effectuate a mass firing of employees who aren’t loyal,” says Rhett Millsaps of Lex Lumina, a law firm that is representing several groups in their lawsuit in the Southern District of New York against OPM over DOGE’s access to agency data. “It’s not just about information that’s shared outside of the agency, the Privacy Act even restricts within an agency who can access the data to those who need to know.”
That’s why, Millsaps said, it doesn’t matter if DOGE employees are technically working for DOGE or are named employees of the agency itself, as is the case with two DOGE staffers who were recently named to staff positions at the SSA. Even agency staff must comply with the Privacy Act’s stipulations that data is accessed only for the purposes it was collected, or other specific purposes of work within an agency, according to Millsaps. According to Judge Hollander, DOGE failed to adequately explain how its access to Americans’ personal information falls within the scope of what’s allowed by the Privacy Act, court filings show.
However, a panel of federal appeals court judges ruled that DOGE should be able to at least temporarily access Americans’ personal data at the Department of Education and the Office of Personnel Management (OPM), an issue at the heart of a lawsuit brought by Protect Democracy, which has sued Education, Treasury, and OPM on behalf of the American Federation of Teachers and other unions.
It “does not stretch the imagination to think that modernizing an agency’s software and IT systems would require administrator-level access to those systems, including any internal databases,” Judge Steven Agee wrote in a Monday ruling that lifted an injunction on DOGE from accessing data at Education and OPM. The panel allowed the injunction to remain in place for Treasury Department data.
The Trump administration appears to have found something of a workaround for Privacy Act concerns by technically classifying some DOGE employees as working for government agencies.
Agee added: “The harm that might come from granting database access to an additional handful of government employees — prone as they may be to hacks or leaks, as the plaintiffs have alleged — strikes me as different in kind, not just in degree, from the harm inflicted by reporters, detectives, and paparazzi.”
The ruling conflicts with other judges’ opinions of DOGE’s access to data. In her order prohibiting DOGE from continuing to access SSA data, Judge Hollander said that government lawyers representing the Trump administration “offered no meaningful explanation as to why the DOGE Team was in ‘need’ of unprecedented, unfettered access to virtually SSA’s entire data systems in order to accomplish the goals of modernizing technology, maximizing efficiency and productivity, and detecting fraud, waste, and abuse.” Hollander added that the “silence is deafening” when it came to the administration’s failure to explicitly detail why DOGE needs access to SSA data. Instead, lawyers representing the Trump administration simply repeated an “incantation of a need to modernize the system and uncover fraud.”
DOGE’s access of SSA data supposedly to improve IT systems and uncover fraud “is tantamount to hitting a fly with a sledgehammer,” Hollander wrote in her order, which came on March 20.
In response, SSA’s acting commissioner Leland Dudek provided Hollander with an affidavit claiming DOGE employees need access to Americans’ personal information as part of a project called “Are You Alive,” in addition to another project seeking to identify dead people within Social Security systems and a third project to detect fraud.
“To perform the Are You Alive Project,” DOGE employees “need access to individual Social Security numbers (SSNs), demographics, benefits status, and contact information, among other fields,” Dudek testified in his affidavit. “The access is necessary to examine whether the agency has assigned SSNs to all individual records, and to research and conduct outreach (as needed) to confirm a person’s status as living or deceased.”
In addition to arguing that DOGE needs access to Americans’ personal data to find dead people within SSA systems, the Trump administration has also claimed that data must be shared across government agencies to root out “fraud, waste, and abuse.” On the same day as Hollander’s order demanding DOGE stop accessing SSA data, Trump signed an executive order titled “Stopping Waste, Fraud, and Abuse by Eliminating Information Silos.” The order calls for agencies to share data with one another and “rescind or modify all agency guidance that serves as a barrier to the inter- or intra-agency sharing of unclassified information.”
Like DOGE’s access to government data, the “Information Silos” executive order is another violation of the Privacy Act, according to Millsaps.
“The president can’t just say, ‘Well everyone has to share data.’ The Privacy Act prohibits that,” Millsaps says. “The president is obviously just trying to get around the law. He’s clearly just trying to rule by fiat. It’s an unprecedented assault on the rule of law in our country.”
MILLSAP’S LAWSUIT — filed on behalf of the Electronic Frontier Foundation, the AFL-CIO, the Association of Administrative Law Judges and others — is just one of several lawsuits alleging DOGE is actively violating the Privacy Act by accessing Americans’ personal information. Public Citizen is suing the Department of Education on behalf of the University of California Students Association; and Democratic attorneys general from 19 states are suing the Trump administration over DOGE’s access to data as well as funding freezes.
At OPM, DOGE has accessed the personal information of about 20 million Americans, including current and former federal employees as well as applicants for government jobs. Those employees include administrative law judges who adjudicate disagreements between agencies, companies and the public. Judge Som Ramrup is one of those judges, hearing disability cases for the SSA. As president of the Association of Administrative Law Judges (AALJ), she says the personal information of the organization’s members is at risk of exposure thanks to DOGE’s infiltration of OPM, noting that she and other administrative law judges are “are subjected to threats by disaffected members of the public.”
Judges have to undergo background checks, information that’s included in the OPM data DOGE has access to, as well as “a lot of information about judges, family members, and associates,” Ramrup tells Rolling Stone and American Doom. It’s also not clear, according to Ramrup, what fraud DOGE might find in the personal information of 20 million government employees.
“Why do you need to know my Social Security number, my health care information, my family information? Because you don’t need this data to accomplish the goal of modernizing the workforce or improving IT infrastructure,” Ramrup said.
Ramrup and Millsaps note that this exact data was the target of a hack of OPM databases by Chinese hackers in 2015. Part of their concerns — shared by the AFL-CIO labor union in its DOGE-related lawsuit against the SSA — is that Musk’s organization isn’t following proper security procedures to keep Americans’ personal information out of the wrong hands. Those concerns were recently heightened when Reuters reported that DOGE’s Edward “Big Balls” Coristine has ties to a cyber-crime group that claimed it had hacked government emails and had harassed a former FBI agent. Millsaps noted that Coristine was also fired from a cyber security firm under suspicion of leaking company information.
“They’re not people who have Americans’ best interest at heart,” Millsaps said of Coristine and other DOGE staffers. “They’re people who have the best interest of Elon Musk at heart.”
MUSK, THE WHITE HOUSE, and congressional Republicans continue to insist that DOGE is working solely toward eliminating “waste, fraud and abuse” at government agencies. But a growing number of groups have expressed concern that DOGE is simply engaged in a massive data-gathering operation aimed at punishing Trump and Musk’s political enemies and vulnerable populations.
Advocates for the trans and immigrant communities are particularly concerned that DOGE’s access to government data will allow the Trump administration to target trans Americans and even legal immigrants.
“They are obviously trying to create lists of people — legal and illegal immigrants, trans… all the various types of people that they want to do harm to,” a former government employee with knowledge of DOGE’s operations tells Rolling Stone and American Doom. “If you do not care about various laws, this is incredibly easy to do.”
Trans and immigrant advocates say that DOGE’s access to Social Security data allows the Trump administration to identify undocumented immigrants, green card holders, and trans Americans. Some of their suspicions were validated when The Washington Post reported that the IRS is finalizing a deal with Immigration Customs and Enforcement (ICE) to share tax data with the agency to carry out immigration enforcement. The paper subsequently reported that the Department of Homeland Security (DHS) is seeking access to confidential IRS tax data to track down 7 million immigrants. Public Citizen is suing the IRS — the same agency whose data Nixon tried to use as a weapon against his political foes.
Deborah Fleischaker, who worked in Homeland Security’s civil rights office before serving as ICE’s director of policy and later DHS’ Chief Privacy Officer, tells Rolling Stone and American Doom that DOGE’s access to government data and Trump’s “Information Silos” executive order are “unbound from the law.”
“There are reasons you have to balance the reasons for data sharing and privacy,” Fleischaker says. “There were processes and procedures in place, but we’re in the wild west now.”
Under other recent executive orders to rescind temporary protective status for hundreds of thousands of migrants from Cuba, Haiti, Venezuela, and Nicaragua, Fleischaker says the Trump administration has simply increased the number of undocumented immigrants by removing protections for immigrants from the four counties, and can now use government data to track them down.
“They are very consciously widening the aperture of people who will be undocumented, then maximalizing data-sharing to go after them and get them,” Fleischaker says.
Another recent executive order requires the SSA to share data with state and local officials involved in removing ineligible voters from voter rolls — another possible violation of the Privacy Act. The order, titled “Preserving and Protecting the Integrity of Elections,” gives DOGE the power to subpoena state voter rolls to hunt for ineligible voters, potentially expanding the data-gathering operation of Musk’s organization.
That data-gathering could separately benefit Musk, who “has a huge incentive to get all this data to further his business interests,” according to Millsaps.
Millsaps is among those who are openly calling attention to the potential that DOGE’s data gathering is part of a list-making project by the Trump administration — lists of anyone who opposes Trump and his policies.
“We’re seeing things playing out every day. At the present moment it’s legal immigrants being disappeared off the streets,” Millsaps tells Rolling Stone and American Doom. “If they’re doing that to legal immigrants I don’t think it’s a stretch to think that it could happen to citizens, and access to this data helps to facilitate that.”
This story is being published in partnership with American Doom, a newsletter that focuses on right-wing extremism and other threats to democracy. Have a tip? Contact Justin Glawe on Signal at justinglawe.20.
