Privacy Litigation Surges as Courts Rein In DOGE Data Access

Federal judges issue restraining orders amid mounting lawsuits over Trump-era data sharing initiative

Mounting Legal Challenges

Nemeth-Greenleaf v. OPM: Federal employees allege unauthorized access to personnel records by Musk-affiliated contractors without security clearances.
Gribbon v. Musk: Class action claims systematic CFAA violations through DOGE’s access to Treasury payment systems containing 200M+ financial records.
EPIC v. DOGE: Privacy groups secured a temporary restraining order blocking Education Department data sharing on Feb 24.

The Privacy Act of 1974 strictly limits sharing of records without consent. Plaintiffs allege:

OPM provided full database access to Musk’s team despite lacking “routine use” exemptions
Treasury shared income/asset details from payment systems to unauthorized private actors

The Computer Fraud and Abuse Act forms basis for claims that:

Contractors like Amanda Scales exceeded authorized access by copying SSNs and disability statuses
Musk allegedly directed logins to Treasury systems despite conflict of interest with SpaceX/SolarCity contracts

Action	Date	Effect	Source
Education Dept. TRO	Feb 24	Blocks DOGE from 45M student records	Court order
OPM access suspension	Feb 12	Limits reviews of 2.8M files	OPM memo
Treasury audit ordered	Feb 18	Full log review required	Treasury report

The cases test whether presidential EO 14159 creating DOGE can override:

Recent Biden Executive Order mandates may conflict with DOGE’s practices:

Requirement	DOGE’s Alleged Shortfall
Multi-factor authentication	Used unvetted private servers
Third-party vendor reviews	Lacked NIST 800-171 compliance
Data minimization	Collected full financial histories

March 5 Hearing: EPIC seeks preliminary injunction to purge already-collected OPM data
CFAA Criminal Referrals: DOJ weighing whether Musk team actions meet §1030(a)(2) thresholds
Interagency Fallout: GAO announces government-wide audit of data sharing