The Trump administration's fast-moving efforts to limit the size of the U.S. federal bureaucracy, primarily through the recently minted Department of Government Efficiency, are raising privacy and data security concerns among current and former government officials across the government, particularly as the administration scales back positions charged with privacy oversight. Efforts to limit the independence of a host of federal agencies through a new executive order — including the independence of the Federal Trade Commission and Securities and Exchange Commission — are also ringing alarm bells among civil society and some legal experts.
Cuts to OPM's privacy, records management team
According to CNN, several staff within the Office of Personnel Management's privacy and records keeping department were fired last week. Staff who handle communications and respond to Freedom of Information Act requests were also let go. Though the entire privacy team was not fired, according to the OPM, details about what kind of oversight will remain within the department were limited. The report also states the staff's termination date is 15 April.
It is one of several moves the Trump administration has made in recent days reshaping how entities access and provide oversight to government agencies' information.
The New York Times reports on a wide range of incidents within the government where DOGE's efforts to limit fraudulent government spending by accessing sensitive agency databases have run up against staffers who are concerned about the privacy of Americans' personal information. In one incident, Social Security Administration acting Commissioner Michelle King was fired after resisting a request from DOGE to access the agency's database. "The episode at the Social Security Administration ... has played out repeatedly across the federal government," the Times reported.
The Washington Post reported that some Internal Revenue Service officials were concerned about potential DOGE access to personal taxpayer data. "According to a draft of the memorandum obtained by The Washington Post, DOGE software engineer Gavin Kliger is set to work at the IRS for 120 days, though the tax agency and the White House can renew his deployment for the same duration. His primary goal at the IRS is to provide engineering assistance and IT modernization consulting." The report also stated the agreement would require Klinger to "maintain confidentiality of tax return information, shield it from unauthorized access and destroy any such information shared with him upon the completion of his IRS deployment."
Another recent request involves the government's notification system, which allows for the sending of mass texts. Notify.gov is available to all federal agencies and can be used by state and local agencies to send alerts to people participating in government programs such as Medicaid. 404Media reported the Technology Transformation Services commissioner requested administrative access to the system. An employee resigned in protest, saying such access would allow Thomas Shedd to look at and download personally identifiable information without any checks.
"I don't believe that I can operate a program and system without the ability to manage access to PII," the employee wrote in their resignation.
The department is also reportedly using the assistance of AI systems, including a AI chatbot.
Lawsuits proliferate
Several lawsuits have been filed by state attorneys general and civil advocacy groups attempting to check DOGE's broad access. The lawsuits have argued that DOGE's access to sensitive data, such as Social Security, bank account or contact information, which are typically only viewable by authorized employees, is dangerous for people's privacy. The courts' reception has been mixed: a New York federal judge temporarily blocked DOGE from accessing U.S. Department of Treasury systems in mid-February. But a Washington, D.C., federal judge declined to restrict similar access to agencies including the departments of Labor, Education, Health and Human Services, Energy, Transportation and Commerce, as well as OPM, while the lawsuit plays out.
U.S. District Judge Tanya Chutkan wrote in her decision that the dozen-plus states bringing the lawsuit raised legitimate questions about DOGE, but had not yet proved the unofficial department was causing harm, Reuters reported.
"The court is aware that DOGE’s unpredictable actions have resulted in considerable uncertainty and confusion for Plaintiffs and many of their agencies and residents. But the 'possibility' that defendants may take actions that irreparably harm plaintiffs is not enough," Chutkan said.
New executive order limits independence of FTC, FCC, SEC, others
On Tuesday, the Trump administration also released a new executive order that would effectively limit the independence of several federal agencies. The broad executive order grants Office of Management and Budget head Russell Vought with oversight of agencies including the Federal Communications Commission, the Federal Trade Commission and the Securities and Exchange Commission. Those agencies are responsible for, among other duties, enforcing consumer protection and financial security laws. The move effectively brings those agencies under Trump's more direct control.
"These agencies issue rules and regulations that cost billions of dollars and implicate some of the most controversial policy matters, and they do so without the review of the democratically elected President," a fact sheet related to the order reads. "Now they will no longer impose rules on the American people without oversight or accountability."
According to the fact sheet, all agencies will be required to "submit draft regulations for White House review — with no carve-out for so-called independent agencies, except for the monetary policy functions of the Federal Reserve," and the OMB "will adjust so-called independent agencies' apportionments to ensure tax dollars are spent wisely." The order also states that the president and attorney general, "(subject to the President's supervision and control) will interpret the law for the executive branch, instead of having separate agencies adopt conflicting interpretations."
The order was slammed by the Electronic Privacy Information Center, which said those agencies would not be able to do their work without the risk of interference by the White House. It compared the move to Trump's firings of Democratic appointees of the Privacy and Civil Liberties Oversight Board and reducing the Consumer Financial Protection Bureau's oversight actions.
"For more than a century, independent agencies have served the American people by interpreting and enforcing essential consumer protection standards," EPIC executive director Alan Butler said. "These agencies are responsible for ensuring that our most sensitive data is secured and not abused. We all lose if these independent regulators lose their protection from political machinations."
Caitlin Andrews is a staff writer for the IAPP.
