Article Details

Democrats demand to know WTF is up with that DOGE server on OPM's network. Are you trying to make this easy for China and Russia?. Who bought it, who installed it, and what's happening with the data on it. Answers for these key questions, and others, regarding the DOGE server rapidly added to the US government's Office of Personnel Management network, have been demanded from the acting head of the OPM by Democrats. The machine in question was hastily put in place by Elon Musk's Department of Government Efficiency (DOGE) in the days after President Trump's January 20 inauguration. With the commander in chief's blessing, the server was used to send mass emails from hr@opm.gov asking federal employees to confirm they had received test messages and then repeatedly offered nearly all of them a severance deal That sparked a lawsuit, filed at the end of last month, which alleged a privacy impact assessment of the server, as required by law, was not carried out and published. The two anonymous federal workers who brought that legal action want the courts to force the government to perform and share that assessment. On Tuesday, the pair asked [PDF] for a temporary restraining order to block the OPM from operating any computer systems connected to hr@opm.gov until the matter is resolved. Now Democratic members of the House Committee on Oversight and Government Reform have given [PDF] the agency's acting director Charles Ezell until February 14 to respond to their questions about the email box. Like the lawsuit, the Dems want to know whether the system underwent a privacy impact assessment, as mandated by the 2002 E-Government Act. In addition, they want to know why senior OPM staff were locked out of the office's critical systems. The committee members also want the OPM to produce details of any IT equipment installed between January 21 and January 24, including copies of any necessary privacy impact assessments; and list who installed or accessed that gear and how they were vetted by the agency, if at all. The Dems want to know who was behind the severance offer emails, whether CISA was consulted about the setup, and what happened to data collected by the email system. These queries are pertinent because the OPM was cyber-ransacked in 2014, quite likely by China, and had more than 21 million records of government workers including security clearance details and fingerprint data stolen. Their letter, which refers to the hr@ emails as an OPM initiative, reads: What steps were taken to safeguard the privacy of the millions of federal employees included in those databases and repositories? What IT assets, software systems, code, or other tools did the relevant team employ to collect contact information and emails for the initiative? Has any federal employee contact information or personal information been moved, copied, or in any way distributed to IT systems outside of the federal government network as part of the initiative? Did any federal government data travel outside the boundaries of the US as part of the initiative? The Democrats also want to know what role the DOGE team and its server played, if any, in the reported spamming of US National Oceanic and Atmospheric Administration staff. "At best, the Trump administration’s actions at OPM to date demonstrate gross negligence, severe incompetence, and a chaotic disregard for the security of our government data and the countless services it enables our agencies to provide to the public," wrote ranking committee member Gerald Connolly (D-VA), and Shontel Brown (D-OH), ranking member of the Subcommittee on Cybersecurity, Information Technology, and Government Innovation. "At worst, we fear that Trump Administration officials know full well that their actions threaten to break our government and put our citizens at risk of foreign adversaries like China and Russia gaining access to our sensitive data." The duo argue they have the authority to request this information under House rules. It remains unclear whether the Republican-controlled committee will support the request, and the OPM and DOGE could simply ignore it. There are meanwhile signs DOGE is gearing up to protect itself from such information requests. The federal body formerly known as the US Digital Service has reportedly told staffers to stop using Slack as it prepares to slide under the wing of the Executive Office of the President. That shift, when completed, will place DOGE under the Presidential Records Act, exempting its communications from Freedom of Information Act requests and delaying public access until after the current administration ends. On Tuesday, acting OPM chief Ezell sent out a memo pushing agencies to reclassify their CIO roles to allow them to be replaced with political appointees. That would make it easier for the White House to replace federal CIOs who resist policy directives.