DOGE has disregarded data protection and privacy norms. The consequences will be felt years down the line

It has been a tumultuous few weeks since Donald Trump took office for the second time as president of the United States, While Trump has garnered headlines for his outlandish executive orders aimed at recasting the country in his own shape, Elon Musk, the tech billionaire turned government quango-buster as the head of the Department of Government Efficiency (DOGE), has been no less busy.

Musk and a small group of staff working under him have been traveling between government departments, demanding access to data they hold with the purported goal of making government operations more efficient. Serious questions—including by the U.S. Treasury itself—have been raised about whether that’s the case, with Musk and his team running roughshod over government and data access norms. (That those barriers exist, Musk and his team have argued on social media, is exactly why they need access to details of how the government works.)

The immediate impact is already being felt. And plenty of alarms are being raised. But it’s not just the here and now that millions of Americans need to consider when thinking about their data integrity. The shockwaves of Musk’s shock and awe approach to accessing government data will continue for decades to come.

“What we know from Musk’s model of what he did to Twitter—which, unfortunately, seems to be the model for what he’s doing with sort of orders of magnitude more complex and sensitive government systems—is really not reassuring,” says Ian Brown, a visiting professor at the Getulio Vargas Foundation Law School in Rio de Janeiro. (DOGE did not respond to Fast Company‘s request for comment.)

Reports indicate that DOGE has already been granted access to highly sensitive personal information across a number of federal agencies. That sensitive data includes information such as a person’s social security number (SSNs), family income, and tax records. “It is hard to overstate how devastating any leakage of information of this level of sensitivity would be because it is high-value data to identity thieves, deeply personal, and difficult to fix as this type of information is intended to stick with you for a long time,” says Elizabeth Laird, director of equity in civic technology at the Center for Democracy and Technology, a U.S. non-profit. (SSNs are appended to you for your entire life—meaning that any breach of them could have a long-term impact.)

“What Musk is reportedly doing is not just to say, ‘In order to modernize these U.S. government federal processes, we’re going to take significant parts of the data and do new things with it,’” says Brown. “He’s saying, ‘We’re going to just completely bypass all those controls, take the data wholesale out of the protected government environments, and import it into environments DOGE is running— with who knows what security and privacy controls, who knows what technical limits on what is done with that data, who gets access to it.’”

There doesn’t have to be an actual breach of that data in order to have an impact on users, Laird reckons. “Just knowing that this information has been shared without your consent can inflict distress and can lead to life-impacting harms like identity theft,” she says.

Ideally, the best way to mitigate the risk of a data breach would be to not collect or share that data in the first place, Laird says. “The second best thing to do is to place strict safeguards on its handling and sharing,” she adds. “Unfortunately, the public, including individuals whose data is being shared, is left in the dark about what is being done to protect them in the face of these increased security risks.”

Anupam Chander, a law professor at Georgetown University, feels these concerns on a personal level. “When I filed my tax return electronically last year, I didn’t think that my data might possibly end up in the hands of people poring through files with a political agenda,” he says. “One hopes our private data is not sitting unencrypted on a 19-year-old’s laptop somewhere.”

https://www.fastcompany.com/91276537/doge-has-disregarded-data-protection-and-privacy-norms-the-consequences-will-be-felt-years-down-the-line?partner=rss&utm_source=rss&utm_medium=feed&utm_campaign=rss+fastcompany&utm_content=rss