DOGE says it needs to know the government’s most sensitive data, but can’t say why
Fewer than 50 people have access to Social Security Administration databases containing hundreds of millions of people’s private financial and personal information.
But only one also has access to the government’s human resources and student loan files.
Akash Bobba is one of many Department of Government Efficiency staffers who have embedded in federal agencies the last few months with virtually unfettered access to the sensitive, compartmentalized sources of data collected by the government. The team, which is steered by billionaire Elon Musk, says it’s scouring government records for signs of waste, fraud and abuse.
Bobba is also one of many DOGE employees who, according to several federal judges, were inappropriately given that access in violation of privacy laws and without proper training to handle the personally identifiable information the agencies collect.
In one order last week blocking DOGE’s access to Social Security data, U.S. District Judge Ellen Lipton Hollander of Maryland said the government “never identified or articulated even a single reason for which the DOGE Team needs unlimited access to SSA’s entire record systems, thereby exposing personal, confidential, sensitive, and private information that millions of Americans entrusted to their government.”
Instead of a more narrow approach to data access and work to “modernize the system and uncover fraud,” Hollander wrote that DOGE’s unprecedented access to protected data “is tantamount to hitting a fly with a sledgehammer.”
An NPR review of thousands of pages of records across more than a dozen lawsuits in federal court finds an alarming pattern across agencies, where DOGE has given conflicting information about what data it has accessed, who has that access, and most importantly — why.
“No need to know”
When President Trump signed an order creating the DOGE initiative, it directed agencies to create dedicated teams that would have “full and prompt access to all unclassified agency records, software systems, and IT systems” that would also “adhere to rigorous data protection standards.”
Numerous court filings and affidavits paint a picture of agencies rushing to give DOGE access without accompanying rigor of protecting data or documenting the scope of its work.
On Monday, a federal judge in Maryland temporarily halted DOGE from accessing data of millions of union members in a lawsuit against the Office of Personnel Management, the Treasury Department and Education Department after finding the agencies shared private information with DOGE affiliates “who had no need to know the vast amount of sensitive personal information to which they were granted access.”
“No matter how important or urgent the President’s DOGE agenda may be, federal agencies must execute it in accordance with the law,” Judge Deborah L. Boardman wrote. “That likely did not happen in this case.”
In the Social Security Administration lawsuit, Hollander found several DOGE staffers “were granted access to SSA systems before their background checks were completed or their inter-agency detail agreements were finalized.“
One of those is Bobba, who was given access to the master data warehouse at SSA that includes the Master Beneficiary Record, Supplemental Security Record and Numident files containing “extensive information about anyone with a social security number,” according to filings in the case.
According to a memorandum of understanding detailing Bobba’s work with SSA, the Office of Personnel Management and Education Department that was improperly redacted by OPM, Bobba agreed to do any work on Social Security data from the agency headquarters.
But an affidavit from former SSA chief of staff Tiffany Flick said that Bobba was working off-site from OPM where other people “may have also had access to this protected information,” Flick wrote.
Not even lawyers for the government can account for when and how DOGE staffers received access to sensitive databases. In a Labor Department lawsuit, Judge John D. Bates notes that “defendants themselves acknowledge inconsistencies across their evidence” regarding DOGE.
Marko Elez, a DOGE employee who resigned from his post at the Treasury Department in early February after racist social media posts resurfaced, “sent an email with a spreadsheet containing PII to two United States General Services Administration officials,” according to an audit of his email account submitted in one court filing.
Government lawyers said Elez was “erroneously” and “mistakenly” given the ability to change data on Treasury’s Secure Payment System, which a judge said demonstrates DOGE access was “rushed and undertaken by political pressure.”
In a ruling blocking DOGE access to Treasury systems, Judge Jeannette Vargas warned that “a real possibility exists that sensitive information has already been shared outside of the Treasury Department, in potential violation of federal law.”
Congress warned against this — a half-century ago
When Congress passed the Privacy Act of 1974, lawmakers expressed concerns about personal information amassed in digital databases by the “omnivorous fact collectors” of federal agencies.
During the debate about the bill, Arizona Republican Sen. Barry Goldwater was worried about the possibility “that every detail of our personal lives can be assembled instantly for use by a single bureaucrat or institution.”
“I hope that we never see the day when a bureaucrat in Washington or Chicago or Los Angeles can use his organization’s computer facilities to assemble a complete dossier or all known information about an individual,” Republican Sen. Charles Percy said.
Fifty years later, the Department of Government Efficiency effort headed by Musk appears to be doing just that, bypassing the Privacy Act, agency security protocols and training for handling the most sensitive data maintained by federal agencies.
The White House did not respond to questions about DOGE following privacy laws, or whether Americans should be concerned about the level of DOGE’s access.
The federal government maintains a large amount of sensitive data, from health records of veterans and Medicare recipients to troves of information about companies being investigated by the Consumer Financial Protection Bureau and the National Labor Relations Board.
The rapid insertion of DOGE employees into the system is raising alarm bells for privacy and security advocates.
“The government has also repeatedly failed to articulate a clear purpose for the unprecedented access it seeks to deeply sensitive information, and why the data it wants access to is necessary for that purpose,” said Kristin Woelfel, a lawyer with the nonprofit Center for Democracy and Technology. “If the government cannot answer those questions, then DOGE has no business accessing that data.”
“Part of what is unnerving and is scary both to companies whose data is involved and also Americans whose most sensitive financial information is at risk, is that we don’t know what they’re doing,” former CFPB chief technologist Erie Meyer previously told NPR.
Anne Weismann, a George Washington University Law School professor who focuses on government accountability and transparency, said DOGE and its employees have control over a “staggering” amount of data about Americans.
“It’s so ironic because Trump supporters are so worried about ‘Big Brother’ and government, and they are allowing this entity to amass that data,” Weismann said. “I mean, I don’t think there’s another entity in the federal government that collectively has access to that kind of data.”
Weismann is also outside counsel for the nonprofit Project On Government Oversight, which is suing DOGE over access to records about how it operates.
Last week, Trump signed an executive action that appears to continue to push agencies toward “eliminating information silos” and sharing more sensitive data across federal agencies, including ensuring that the government has “unfettered access to all unemployment data and related payment records.”
It encourages federal agency leaders to find ways to rescind existing regulations and guidance about information sharing within and between agencies — with no mention of privacy or data security.
Peter Mohler named new University of Alabama president
Mohler comes to the role from Ohio State University where he served as executive vice president for research, innovation and knowledge and as chief scientific officer of the Wexner Medical Center. He also served as Ohio State’s acting president in 2023.
The Taliban has banned a lot of things … but chess?
A former chess coach says a member of the Taliban vice squad told him: "Playing chess is forbidden. Buying a chess set is forbidden. Even watching it — is forbidden." Why was the game banned?
How Apple turbocharged China’s development
A new book raises the specter that corporate offshoring of manufacturing may have undermined America's lead in technological innovation and even its national security.
Russia pummels Kyiv with drones and missiles, killing at least 15
The attacks was one of the largest on Ukraine's capital in months. It came as President Volodymyr Zelenskyy prepared for the G7 summit in Canada, where he is pushing for stronger sanctions on Russia.
Medicaid keeps getting more popular as Republicans aim to cut it by $800 billion
Americans across the political spectrum like Medicaid and think it should get more funding, not less, according to a new poll from health research organization KFF.
The essential listening guide to Bruce Springsteen’s ‘Tracks II: The Lost Albums’
It's a great day when your favorite artist releases a new record. But what if they released seven new records at once, full of music you didn't even know existed? That's what Bruce Springsteen is doing on his forthcoming box set Tracks II: The Lost Albums.