last week, The Social Security Administration (SSA) quietly updated a public notice, revealing that the agency will share “citizenship and immigration information” with the Department of Homeland Security (DHS). This data sharing was already happening: WIRED reported in April that the Trump administration had begun collecting sensitive data from across the government for the purpose of immigration enforcement.
This public notice issued by the SSA months after the fact makes it official. The notice is known as a System of Records Notice (SORN), a document that outlines how an agency will share the data it holds, with whom, and for what purpose. This notice is required under the Privacy Act of 1974. Typically, SORNs are issued before any data is shared between agencies, giving the public and government officials ample time to comment. But WIRED found that the so-called Department of Government Efficiency (DOGE) was pulling data from other sources, including DHS, SSA, Internal Revenue Service (IRS), and state voter data, primarily based on the U.S. Citizenship and Immigration Services (USCIS) Systematic Alien Verification for Entitlements (SAVE) database.
“There are laws that require the government to inform the public about its use of different types of databases and other surveillance technologies,” says Adam Schwartz, privacy litigation director at the Electronic Frontier Foundation, a nonprofit focused on digital privacy and free speech. “If the government starts using the database and does not make proper disclosures and then later does Make proper disclosures, they still violated the law.”
The Trump administration has gone to great lengths to remake the government in its image. A key component of this has been an effort to vacuum up massive amounts of data from various federal agencies, many of which were never intended to be collected. This often occurs regardless of the laws, norms, or procedures that typically govern access to and sharing of sensitive data. SSA’s SORN is the latest confirmation of just how much data is actually being shared, in a way experts describe to WIRED as “unprecedented.”
Much of this data sharing starts with misinformation about the data available. In the early days of the Trump administration, Elon Musk took advantage of a misunderstanding of the SSA’s data to spread the claim that people as young as 150 were receiving benefits. They weren’t, but DOGE took advantage of the idea that SSA’s systems were inefficient and fraudulent to break into the agency’s data and technology systems. In April, The New York Times reported that in an effort to force immigrants to self-deport, the administration was adding them to the SSA’s database of dead people, effectively meaning that their Social Security numbers could not be used to get jobs or access government services. As part of an effort to combine disparate data across the government to verify citizenship and survey immigrants, DHS recently published a separate but related SORN that effectively turns SAVE into a voter verification system, which experts also warn could circumvent Privacy Act requirements.
Leland Dudek, who served as acting commissioner for the Social Security Administration between February and May 2025, led the agency when DOGE members first emerged. Dudek says he was initially a supporter of DOGE and worked as a bridge between SSA employees and DOGE team members before becoming disillusioned.