The U.S. Government Accountability Office (GAO) is conducting an expansive audit of the Department of Government Efficiency (DOGE), a contentious initiative spearheaded by Elon Musk and backed by an executive order from President Donald Trump. Launched in March, the audit seeks to determine whether DOGE’s rapid entry into federal agencies has jeopardized data privacy, violated protocols, or overstepped legal boundaries.
Watchdog Probes Deep Into Data Practices
According to internal records obtained by WIRED, the GAO is reviewing DOGE’s access to systems at several high-profile federal agencies, including the Departments of Labor, Education, Health and Human Services, Homeland Security, Treasury, and the Social Security Administration. DOGE operatives—many of whom are former Musk employees with little government background—are said to have gained access to highly sensitive data, sparking concerns from lawmakers and federal employees alike.
The U.S. Digital Service (USDS), whose teams DOGE operatives reportedly collaborate with, is also under scrutiny as part of this probe. The investigation is focused on how data is being accessed, stored, and potentially misused.
Serious Red Flags Over Access and Oversight
A growing body of reports suggests DOGE personnel have gained entry into sensitive government databases, including tax and payment systems housed at the Treasury Department. Some operatives have reportedly attempted to link disconnected systems—an effort presented under the banner of increasing efficiency but seen by critics as a privacy minefield.
Internal meeting notes from the Department of Labor (DOL), dated March 18 and labeled “Internal/Confidential,” show that DOGE operatives were restricted to “read-only” access at the time. However, the same notes reveal that these operatives had requested expanded permissions and were particularly interested in pay systems and grant databases.
“So far, they do not have write access,” one official noted. “They have asked; we’ve held them at bay.”
This hands-off policy hasn’t reassured critics, especially as evidence mounts that DOGE’s reach is growing faster than safeguards can keep up.
Lawmakers Sound the Alarm
The GAO’s audit comes in direct response to pressure from Congress. In early February, Rep. Bobby Scott (D-Va.) referred to DOGE’s activities as a potential “constitutional emergency.” He was soon joined by Rep. Richard Neal (D-Mass.), who asked for a formal review of DOGE’s involvement with the Treasury and Social Security Administration.
“Americans expect their private information to be protected when they share it with the government,” Neal said. “That clearly hasn’t been the case with DOGE.”
Exposing Lax Controls and Questionable Access
One particularly concerning case centers on Marko Elez, a 25-year-old former engineer at X (formerly Twitter), who was granted not only viewing rights but also editing access to sensitive Treasury Department systems. This meant Elez, with no prior federal service background, had the power to alter core financial infrastructure, according to sources inside the agency.
“It’s like watching someone break into the network and being told you can’t stop them,” one Treasury employee remarked.
Elez has also been linked to DOGE operations within the DOL and the Social Security Administration, though a court has since blocked DOGE access to SSA data. Elez has not responded to media requests for comment.
GAO’s In-Depth Requests
The GAO has asked all relevant agencies to provide detailed documentation of DOGE’s involvement, including:
- Logs of all systems and accounts accessed by DOGE personnel
- Levels of access granted (read, write, execute)
- How and from where DOGE operatives accessed data (on-site or remotely)
- Risk assessments and insider threat protocols
- Security training provided to DOGE-affiliated individuals
- Communications between agency staff regarding DOGE activities between October 2024 and March 2025
GAO investigators have also requested access to laptops issued to DOGE workers and details of how agencies track and limit sensitive data interactions.
A Push to Link Systems—or a Trojan Horse?
DOGE’s overarching mission, as outlined by a Trump-era executive order, is to “eliminate information silos” and reduce bureaucratic redundancy. While that mission may sound reasonable on paper, critics argue that consolidating vast databases of sensitive data opens the door to major privacy risks.
“There’s real concern this information could be misused, exported, or even used to train private AI models,” said a congressional aide who requested anonymity. “We don’t know what DOGE is really doing with the data.”
The same aide noted that one of the most basic tenets of data security—granting access only to those who truly need it—appears to have been ignored in this case.
Oversight Gaps and Shadowy Management
Further complicating matters is DOGE’s opaque management structure. Internal records suggest that even DOGE employees were unclear on who was leading the effort in the weeks after Trump’s return to office. This lack of clarity has made accountability nearly impossible, prompting GAO officials to dig deeper into the operatives’ roles, responsibilities, and oversight mechanisms.
The watchdog’s requests cite guidance from the National Institute of Standards and Technology (NIST), which lays out privacy and security standards for all federal information systems outside of national defense.
GAO spokesperson Sarah Kaczmarek confirmed the investigation but declined to provide specific timelines. However, documents reviewed by WIRED suggest a final report is expected by late spring and will be released to the public.
