Last week, the Social Security Administration (SSA) quietly updated a public notice to reveal that the agency would be sharing “citizenship and immigration information” with the Department of Homeland Security (DHS). This data sharing was already happening: WIRED reported in April that the Trump administration had already started pooling sensitive data from across the government for the purpose of immigration enforcement.
This public notice issued by SSA makes that official, months after the fact. The notice is known as a system of record notice (SORN), a document that outlines how an agency will share the data it has, with whom, and for what purpose. This notice is required under the Privacy Act of 1974. Normally, SORNs are issued before any data is shared between agencies, giving the public and government officials sufficient time to offer comment. But WIRED found that the so-called Department of Government Efficiency (DOGE) was pulling in data from across DHS, SSA, the Internal Revenue Service (IRS), and state voter data, among other sources, based largely on the US Citizenship and Immigration Service’s (USCIS) Systematic Alien Verification for Entitlements (SAVE) database.
“There are laws that require the government to inform the public about their use of various kinds of databases and other surveillance technologies,” says Adam Schwartz, privacy litigation director at the Electronic Frontier Foundation, a nonprofit focused on digital privacy and free speech. “If the government starts using the database and does not put out the appropriate disclosure and then later does put out that appropriate disclosure, they still have violated the law.”
The Trump administration has gone to drastic lengths to remake the government in its image. A core component of this has been an effort to vacuum up large swathes of data from across federal agencies, many of which were never meant to be comingled. This has frequently happened regardless of the laws, norms, or procedures that normally govern the access and sharing of sensitive data. The SORN from SSA is just the latest confirmation of exactly how much data is being shared in ways experts tell WIRED is “unprecedented.”
Much of this data sharing begins with misinformation about the data at hand. In the early days of the Trump administration, Elon Musk seized on a misunderstanding of SSA’s data to spread the claim that 150-year-old people were receiving benefits. They weren’t, but DOGE capitalized on the idea that the SSA’s systems were inefficient and fraudulent to burrow into the agency’s data and technology systems. In April, reporting from The New York Times found that in an effort to force immigrants to self-deport, the administration was adding them to the SSA’s database of dead people, effectively meaning that their Social Security numbers could not be used to get jobs or access government services. As part of the effort to combine disparate data across the government to verify citizenship and surveil immigrants, DHS recently published a different but related SORN that effectively transforms SAVE into a voter verification system, which experts also warned could be bypassing the requirements of the Privacy Act.
Leland Dudek, who served as acting commissioner for the Social Security Administration between February and May 2025, led the agency when members of DOGE first appeared. Dudek says he was initially supportive of DOGE and acted as a bridge between SSA staff and members of the DOGE team before becoming disillusioned.
