News Warner Logo

News Warner

House Democrats: DOGE is building a ‘master database’ of Americans’ sensitive information

House Democrats: DOGE is building a ‘master database’ of Americans’ sensitive information

  • House Democrats are investigating DOGE (a government entity created by Elon Musk to reduce federal spending) for allegedly building a “cross-agency master database” of sensitive personal information, including data from the IRS, SSA, and voting records.
  • The database would combine personal data from multiple agencies, posing significant cybersecurity risks and potentially violating several privacy laws, according to Ranking Member Rep. Gerald Connolly (D-VA).
  • DOGE engineers have been accessing agency systems with “backpacks full of laptops” to combine them into a single database, disregarding important cybersecurity and privacy considerations.
  • The proposed database would allow for mass surveillance of individuals, including immigrants, and could be exploited by outside actors seeking access to private and personal data, according to experts.
  • Rep. Connolly warns that the creation of such a database is “terrifying” and potentially in violation of the Privacy Act, which was intended to prevent the aggregation of sensitive information.

Elon Musk with DOGE eyes.

In a letter to the Social Security Administration’s Inspector General’s office requesting an investigation into DOGE, Ranking Member Rep. Gerald Connolly (D-VA) alleged that the government entity created by Elon Musk supposedly to reduce the size of the federal government is now constructing a “cross-agency master database” of sensitive personal information.

Wired appeared to back up Connolly’s allegations on Friday, detailing an effort at DOGE to fold this database into the Department of Homeland Security, the counterterrorism agency founded after 9/11. Specifically, “mass amounts” of personal data harvested from the IRS, SSA, and voting records in Pennsylvania and Florida were recently uploaded into servers at the United States Customs and Immigration Services (USCIS), which processes immigration cases.

Connolly cited testimony from SSA whistleblowers who witnessed DOGE engineers accessing the agency’s IT system with “backpacks full of laptops, each with access to different agency systems”, with the aim of combining them into one database. Connolly warned that not only would such a database pose a threat to government cybersecurity, which siloes its information across several agencies to prevent cyberattacks from accessing all information at once, it was also very likely violating several privacy laws.

The Committee has also received reports about troubling, fumbling efforts by DOGE to combine sensitive information held by SSA, the IRS, HHS, and other agencies into a single cross-agency master database. Improving how federal agencies share data to improve outcomes and customer service is a longstanding and bipartisan goal in Congress. Information obtained by the Committee, however, indicates that DOGE is carrying out its work in a manner that disregards important cybersecurity and privacy considerations, potentially in violation of the law.

In an apparent attempt to sidestep network security controls, the Committee has learned that DOGE engineers have tried to create specialized computers for themselves that simultaneously give full access to networks and databases across different agencies. Such a system would pose unprecedented operational security risks and undermine the zero-trust cybersecurity architecture that prevents a breach at one agency from spreading across the government. Information obtained by the Committee also indicates that individuals associated with DOGE have assembled backpacks full of laptops, each with access to different agency systems, that DOGE staff is using to combine databases that are currently maintained separately by multiple federal agencies.

Though several other House investigations into DOGE’s activities have revealed their data harvesting efforts at other agencies, Rep. Connolly’s letter is the first to allege that DOGE, the government-shrinking agency founded by Elon Musk and now wreaking havoc across the federal government, is pooling everyone’s data into one giant database.

“I have long championed efforts to improve data sharing across the government to combat improper payments and to increase government efficiency,” Connolly wrote. “But any efforts to reform our current systems must be undertaken with the utmost sensitivity and concern for privacy, security, and the Social Security payments that millions of people rely on.”

The privacy implications of this cross-agency database would not only violate numerous privacy laws and cause cybersecurity risks, but could also become a potent weapon for whomever can access said database: it could be used by the government to conduct mass surveillance of whomever they wished to target, such as immigrants, or become a target for outside actors seeking a trove of private and personal data. Either way, “it’s terrifying,” John Davisson, senior counsel and director of litigation at the Electronic Privacy Information Center, told Nextgov, adding that this was exactly what the Privacy Act was supposed to prevent. “Aggregation of data is building a weapon, essentially, and it’s one that can be used in a lot of different ways.”

link

Q. Who is behind the creation of DOGE, a government entity aimed at reducing the size of the federal government?
A. Elon Musk.

Q. What is the alleged purpose of DOGE’s “master database” according to Ranking Member Rep. Gerald Connolly (D-VA)?
A. To combine sensitive personal information from various agencies into one database.

Q. Which agencies’ data are allegedly being uploaded into servers at the United States Customs and Immigration Services (USCIS) as part of DOGE’s master database?
A. The IRS, SSA, and voting records in Pennsylvania and Florida.

Q. What is the concern about combining sensitive information from multiple agencies into one database?
A. It poses a threat to government cybersecurity and may violate several privacy laws.

Q. How are DOGE engineers allegedly accessing agency systems without proper security controls?
A. By creating specialized computers that give full access to networks and databases across different agencies, potentially undermining the zero-trust cybersecurity architecture.

Q. What is the potential risk of such a system posing operational security risks?
A. It would pose unprecedented operational security risks and undermine the zero-trust cybersecurity architecture.

Q. Who has expressed concern about DOGE’s data harvesting efforts and the potential for mass surveillance?
A. John Davisson, senior counsel and director of litigation at the Electronic Privacy Information Center.

Q. What is the Electronic Privacy Information Center (EPIC) trying to prevent with its Privacy Act?
A. The aggregation of data that can be used in a lot of different ways, essentially building a weapon for mass surveillance.

Q. How does Rep. Connolly feel about DOGE’s efforts to combine sensitive information into one database?
A. He is concerned and believes that such efforts must be undertaken with the utmost sensitivity and concern for privacy, security, and Social Security payments.

Q. What is the potential consequence of accessing a cross-agency master database like DOGE’s alleged database?
A. It could become a potent weapon for whomever can access it, potentially used by the government to conduct mass surveillance or targeted against immigrants or other groups.

#CybersecurityRisks #DataProtectionLaws #DOGEDatabase #ElonMuskProblems #GovernmentDataHarvesting #GovernmentTransparency #PrivacyActViolations #PrivacyMatters #SocialSecurityScandal #SurveillanceState