A new lawsuit filed by more than 100 federal workers today in the US Southern District Court of New York alleges that the Trump administration’s decision to give Elon Musk’s so-called Department of Government Efficiency (DOGE) access to their sensitive personal data is illegal. The plaintiffs are asking the court for an injunction to cut off DOGE’s access to information from the Office of Personnel Management (OPM), which functions as the HR department of the United States and houses data on federal workers such as their Social Security numbers, phone numbers, and personnel files. WIRED previously reported that Musk and people with connections to him had taken over OPM.
“OPM defendants gave DOGE defendants and DOGE’s agents—many of whom are under the age of 25 and are or were until recently employees of Musk’s private companies—‘administrative’ access to OPM computer systems, without undergoing any normal, rigorous national-security vetting,” the complaint alleges. The plaintiffs accuse DOGE of violating the Privacy Act, a 1974 law that determines how the government can collect, use, and store personal information.
Elon Musk, the DOGE organization, the Office of Personnel Management, and the OPM’s acting director Charles Ezell are named as defendants in the case. The plaintiffs include over a hundred individual federal workers from across the US government as well as groups that represent them, including AFL-CIO, a coalition of labor unions, the American Federation of Government Employees, and the Association of Administrative Law Judges. The AFGE represents over 800,000 federal workers ranging from Social Security Administration employees to border patrol agents.
The plaintiffs are represented by prominent tech industry lawyers, including counsel from the Electronic Frontier Foundation, a digital rights group, as well as Mark Lemley, an intellectual property and tech lawyer who recently dropped Meta as a client in its contentious AI copyright lawsuit because he objected to what he alleges is the company’s embrace of “neo-Nazi madness.”
“DOGE’s unlawful access to employee records turns out to be the means by which they are trying to accomplish a number of other illegal ends. It is how they got a list of all government employees to make their illegal buyout offer, for instance. It gives them access to information about transgender employees so they can illegally discriminate against those employees. And it lays the groundwork for the illegal firings we have seen across multiple departments,” Lemley told WIRED.
EFF lawyer Victoria Noble says there are heightened concerns about DOGE’s data access because of the political nature of Musk’s project. For example, Noble says, there’s a risk that Musk and his acolytes may use OPM data to target ideological opponents or “people they see as disloyal.”
“There’s significant risk that this information could be used to identify employees to essentially terminate based on improper considerations,” Noble told WIRED. “There’s medical information, there’s disability information, there’s information about people’s involvement with unions.”
The Office of Personnel Management and the White House did not immediately respond to requests for comment.
The team behind the lawsuit plans to push even further. “This is just phase one, focused on getting an injunction to stop the continuing violation of the law,” says Lemley. The next phase will include filing a class-action lawsuit on behalf of impacted federal workers.
“Any current or former federal employee who spends or loses even a small amount of money responding to the data breach, for example, by purchasing credit monitoring services, is entitled to a minimum of $1000 in statutory damages,” Lemley says. The complaint specifies that the plaintiffs have already paid for credit monitoring and web monitoring services to protect themselves against DOGE potentially mishandling their data.
The lawsuit is part of a flurry of complaints filed in recent days opposing various executive orders signed by Trump as well as activities conducted by DOGE, which has dispatched a cadre of Musk loyalists to radically overhaul and sometimes effectively dismantle various government agencies.
An earlier lawsuit filed against the Office of Personnel Management on January 27 alleges that DOGE was operating an illegal server at OPM. On Monday, the Electronic Privacy Information Center, a privacy-focused nonprofit, brought its own lawsuit against OPM, the US Department of the Treasury, and DOGE, alleging “the largest and most consequential data breach in US history.” Filed in a US District Court in Virginia, it also called for an injunction to halt DOGE’s access to sensitive data.
The American Civil Liberties Union (ACLU) has similarly characterized DOGE’s data access as potentially illegal in a letter to members of Congress sent last week.
The courts have already taken some limited actions to curb DOGE’s campaign. On Saturday, a federal judge blocked Musk’s lieutenants from accessing Treasury Department records that contained sensitive personal data such as Social Security and bank account numbers. The Trump Administration is already aggressively pushing back, calling the order “unprecedented judicial interference.” Today, President Trump reportedly prepared to sign an executive order directing federal agencies to work with DOGE.