WASHINGTON, D. C. – U.S. Rep. Shontel Brown wants a pair of inspectors general offices to probe a Department of Government Efficiency (DOGE) staffer’s mishandling of Americans’ personally identifiable information.
On Thursday, the Warrensville Heights Democrat joined with Democrats Susan Del Bene of Washington and Lori Trahan of Massachusetts in a letter asking the Treasury Department and the General Services Administration watchdogs to investigate a DOGE employee’s “unauthorized and potentially illegal” sending of a spreadsheet of personally identifiable information from the Treasury Department to GSA, which manages federal real estate.
The employee, Marko Elez, emailed a spreadsheet that contained names, transaction types, and amounts of money to two people at GSA, the letter says. The information came from the Treasury Department’s payment system, which processes approximately $200 billion in payments each day to Americans, including Social Security benefits, tax refunds and payments to government contractors.
The letter quotes a Treasury Department privacy officer’s declaration that Elez did not obtain prior approval to share the data nor did he bother to encrypt the spreadsheet, a basic practice in information security.
Elez resigned from his Treasury Department post after The Wall Street Journal linked him to a deleted social-media account that advocated racism and eugenics, but was rehired to work at the Labor Department and the Department of Health and Human Services.
DOGE leader Elon Musk announced his rehiring on social media in response to a post where Vice President JD Vance opined that although he disagrees with some of Elez’s statements, “I don’t think stupid social media activity should ruin a kid’s life.”
“He will be brought back,” Musk replied. “To err is human, to forgive divine.”
The Congress members believe Elez also erred by violating the Privacy Act. They said he did not gain approval or encrypt the spreadsheet despite receiving a briefing on cybersecurity and privacy rules just days before.
“Under the Privacy Act, which was passed in the wake of the Watergate scandal to protect Americans’ privacy, federal agencies may not disclose records contained within a system of records to third parties without an individual’s prior written consent, subject to certain exceptions,” their letter says. “With this understanding, Elez’s compilation of names, transaction types, and payment amounts into a spreadsheet, even if not entire records from Treasury systems, and subsequent disclosure to GSA officials constitutes a likely violation of the Privacy Act.”
Their letter said that if the illegal disclosure of personally identifiable information caused harm to individuals, those individuals may have grounds to seek monetary damages from the government.
It urged the investigators to find out how many individuals’ data was compromised, whether they were told of the breach, what recipients of the spreadsheet did with it, what the Treasury Department has done to mitigate future risks, and how it justified giving Elez access to payment systems while his security clearance process was still ongoing.
“Congress and the public must fully understand the extent to which this Administration has improperly granted access to critical systems and sensitive data,” their letter said.