New Trump order pours gasoline on DOGE's data quest
Add Axios as your preferred source to
see more of our stories on Google.
Illustration: Aïda Amer/Axios
President Trump signed an executive order last week that compels federal agencies to tear down internal barriers to sharing government data, with no new cybersecurity requirements to prevent misuse or breaches.
Why it matters: The order gives DOGE and other agencies sweeping access to sensitive personal data, and experts warn it attempts to sidestep longstanding privacy laws that judges have used to block similar efforts.
The big picture: Critics of the Trump administration fear that DOGE and other offices could weaponize existing government databases to monitor people's finances, addresses and other sensitive personal information.
- The Washington Post reported Saturday that the IRS and Immigration and Customs Enforcement (ICE) are nearing an agreement to share the addresses of individuals suspected of being in the country illegally.
- Meanwhile, targeted attacks against protesters and researchers are on the rise. ICE has detained several protesters and academics tied to pro-Palestinian causes.
Zoom out: Trump signed his new order before Monday's jaw-dropping revelation that his cabinet members had planned a Yemen bomb strike in a Signal chat to which they'd also accidentally invited a journalist.
- The administration's efforts to loosen information protections may have started out under the banner of breaking down "silos" in the name of efficiency, but after the Signal leak, they're more likely to look like an invitation to further breaches.
In its aggressive push to root out government waste, DOGE has broadened its scope well beyond traditional anti-fraud efforts.
- DOGE-driven cuts at the National Oceanic and Atmospheric Administration, the National Park Service and other federal agencies have gone far beyond what's needed to root out fraud, Sydney Saubestre, a senior policy analyst at New America's Open Technology Institute, told Axios.
- And many of the privacy protections and information-sharing laws that the executive order is trying to override were created to prevent fraud in the first place, said Kristin Woelfel, policy counsel at the Center for Democracy and Technology.
What they're saying: "Rules protecting data are being swept aside in the name of fighting waste, fraud and abuse," Greg Nojeim, senior counsel and director of the security and surveillance project at the Center for Democracy and Technology, told Axios.
- "Less oversight, less restrictions on sharing of data, plus application of questionable technology to analyze that data — it's the perfect storm."
Between the lines: Expanding access to government databases increases the number of users and endpoints that malicious actors can target.
- Poor access controls — including accounts with too many permissions — mean a single compromised login could expose sensitive information across multiple agencies.
- And agencies could start using their expanded access for unrelated purposes, including immigration enforcement, raising new surveillance and civil liberties concerns.
Flashback: During the Biden administration, the federal government spent years transitioning to a "zero trust" cybersecurity framework, which limits which users have access to specific data to contain damage in the event a hacker compromises their account.
The intrigue: Many of the watchdogs and career officials who once provided oversight of interagency data access have either been fired or forced out.
What we're watching: Agencies must submit plans for complying with the order within 30 days, and changes to agency regulations typically need to be published in the Federal Register.
- It's unclear how well the executive order will stand up in court given executive orders can't supersede laws passed by Congress, Woelfel said.
Go deeper: DOGE's "AI-first" strategy courts disaster
