This admission, made by the Justice Department in a filing on Friday, January 16, 2026, confirms long-standing allegations from whistleblowers that the cost-cutting initiative led by Elon Musk bypassed security protocols to obtain some of the government’s most protected personal information
In a significant legal shift, the Trump administration has admitted in a federal court filing that members of the Department of Government Efficiency (DOGE) accessed and shared sensitive Social Security data without the authorisation or knowledge of agency leadership.
This admission, made by the Justice Department in a filing on Friday, January 16, 2026, confirms long-standing allegations from whistleblowers that the cost-cutting initiative led by Elon Musk bypassed security protocols to obtain some of the government’s most protected personal information.
Secret political agreements and election interference
The court filing reveals that the Social Security Administration (SSA) recently discovered a “Voter Data Agreement” signed by a DOGE employee in March 2025. This secret pact was made with an unidentified political advocacy group whose stated goal was to use the federal data to identify “voter fraud” and overturn election results in specific states.
While the agency stated it has not yet seen direct evidence that the data was successfully transferred to the political group, the discovery has triggered referrals for potential Hatch Act violations, the law that prohibits federal employees from engaging in partisan political activities.
“I’m flabbergasted,” said Danielle Citron, a privacy law expert at the University of Virginia. “If that information is shared willingly and knowingly and they are sharing without the reason they collected it, it’s a violation of the Privacy Act.”
Security breaches and unsanctioned servers
The disclosures also shed light on how DOGE members handled sensitive information within the agency. Officials now acknowledge that DOGE staffers used Cloudflare, an unapproved third-party service, to share data links. Because this server is outside federal control, the SSA admitted it cannot determine what data was shared or if it still exists on the private server.
Furthermore, the filing describes a March 2025 incident where a DOGE staffer emailed an encrypted file containing personal information for approximately 1,000 individuals. To date, the SSA’s chief information office has been unable to bypass the password protection to view the file’s contents.
The new details align with warnings issued last year by Charles Borges, the SSA’s former chief data officer. Although the agency initially dismissed his claims as unfounded, the latest filing marks a total reversal of that position.
“Having admitted what Borges has said all along, the Social Security Administration must take appropriate action to protect Americans’ data, and Borges must get justice for the violation of his rights,” said Debra Katz, Borges’s attorney.
John Davisson, deputy director of the Electronic Privacy Information Center, added: “These are very serious allegations. In another administration, this would have prompted at least a DOJ investigation.”
End of Article
