Illustration: Sarah Grillo/Axios
Downsizing and major shifts at federal agencies will disrupt privacy-related work as Congress lags on passing comprehensive protections for Americans, according to former staff and experts.
Why it matters: Newer rules around consumer privacy may go unenforced as agencies grapple with inadequate staffing and new priorities.
Zoom in: On the Hill, lawmakers are starting from scratch on federal privacy legislation after many previous failed attempts.
- Groups like the Electronic Frontier Foundation are suing DOGE using existing privacy laws on the books, and it's unclear how much congressional action would thwart Elon Musk's team.
State of play: DOGE is targeting agencies from the Treasury Department to the IRS, putting sensitive personal information at risk.
- DOGE is also cutting budgets and staff across tech and consumer protection-focused agencies with privacy work underway.
CFPB: Staffing and work at the agency has been gutted, including its team of technologists.
- The CFPB had published a rule supervising Big Tech payment apps, been carrying out enforcement actions against tech companies with financial apps for misconduct, and was studying Big Tech and financial technology.
- CFPB's proposed Data Broker rule is also at risk of being killed.
"With little chance of agency enforcement, data brokers will rest easy and continue to traffic in their extensive, and potentially inaccurate, consumer financial data," Eric Null, co-director of the CDT's Privacy & Data project, told Axios.
- OPM did not respond to a request for comment asking if these initiatives would continue.
FTC: Chair Andrew Ferguson withdrew a request for comment on a study looking into how companies surveil the shopping habits of consumers online and offer dynamic pricing as a result.
- The FTC finalized a new COPPA rule in December, and was going after companies deceiving consumers about their uses of AI.
- The FTC declined comment on whether either of those things would continue.
- "The new administration seems determined to haphazardly fire countless federal workers, which in the case of the FTC would remove the very investigators and attorneys working to protect Americans' privacy," Douglas Farrar, former FTC chair Lina Khan's director of public affairs, told Axios.
- FTC did not respond to a request for comment as of publication time.
NSF work is in limbo.
- The agency, which declined to comment, has been helping develop technology that protects privacy when data is being shared and supporting research into making global cyber systems trustworthy among other projects.
NIST provides a privacy framework for organizations to follow, catalogs of security controls to fend off cyber attacks and develops risk models to protect privacy.
- NIST did not respond to a request for comment.
Under the previous administration, the FCC had set up a data protection task force to help the agency's bureaus coordinate on protecting privacy.
- NTIA had been working to protect kids online and was exploring the intersection of privacy, equity, and civil rights. Under Trump's first term, the agency had also sought a new approach to protecting data privacy.
- FCC chair Brendan Carr's chief of staff Greg Watson said there are no announcements to share at this point regarding the agency's privacy work.
What we're watching: EFF and the coalition it's leading are using the Privacy Act, which requires written consent to disclose government records about individuals.
- "Americans' privacy rights are violated every day by governments and companies. U.S. privacy law is full of holes that would benefit from a comprehensive privacy law," EFF staff attorney Mario Trujillo told Axios.
The intrigue: Children's online privacy is an area of bipartisan agreement, so agency work there may continue without interruption.
- But with fewer staff, less enforcement can happen.
The bottom line: The future of agency privacy work is highly uncertain as President Trump tramples through existing laws and new ones are nowhere near the finish line.
