Judge finds OPM broke law in granting data access to DOGE
Judge Denise Cote granted a preliminary injunction that will restrict how DOGE can access OPM databases. The scope of the injunction is still to be determined.
A federal judge has granted a preliminary injunction that will restrict how the Department of Government Efficiency can access Office of Personnel Management databases.
In a written opinion Monday, Judge Denise Cote found OPM “violated the law and bypassed its established cybersecurity practices” when officials first granted individuals from DOGE broad access to its IT systems.
“The plaintiffs have shown that the defendants disclosed OPM records to individuals who had no legal right of access to those records,” Cote wrote. “In doing so, the defendants violated the Privacy Act and departed from cybersecurity standards that they are obligated to follow. This was a breach of law and of trust. Tens of millions of Americans depend on the Government to safeguard records that reveal their most private and sensitive affairs.”
Cote granted a motion from the plaintiffs for a preliminary injunction. The scope of the injunction will be addressed in a separate order, she added. Cote directed the parties in the case to submit proposals for the injunction by noon on June 12.
]]>
The plaintiffs in the case, including the American Federation of Government Employees, have sued OPM to block DOGE from accessing systems any further. They argue OPM violated federal law by granting “unvetted and untrained” DOGE agents broad access to multiple systems that house personal data on millions of individuals, including current and former federal employees.
Cote appeared receptive to those arguments during a hearing in New York on May 29.
“I’m a little concerned, because I don’t think the administrative record is one to be proud of,” Cote said after Justice Department lawyers argued the plaintiffs hadn’t shown any violation of federal law.
In her opinion Monday, Cote again criticized the defense for not acknowledging any errors when granting DOGE access to sensitive OPM systems in the early days of the new administration.
“The government could have acknowledged that in its rush to accomplish a new president’s agenda mistakes were made and established, important protocols were overlooked. It has not,” she wrote. “The government has defended this lawsuit by repeatedly invoking a mantra that it adhered to all established procedures and safeguards. It did not. Without a full-throated recognition that the law and established cybersecurity procedures must be followed, the risk of irreparable harm will continue to exist.”
The Electronic Frontier Foundation, which is helping to represent the plaintiffs in the case, called today’s ruling “a victory for personal privacy.”
During the May hearing, however, Cote said the preliminary injunction put forward by the plaintiffs would have to be modified. DoJ lawyers argued for one that included carveouts for high-level OPM officials.
]]>
They also touted a preliminary injunction issued in a separate case involving DOGE access to Treasury Department systems. That injunction, first issued in February has been modified several times to allow DOGE officials to access Treasury system so long as they meet certain requirements, such as training and vetting.
Meanwhile, in a separate filing in the OPM case on Friday, DoJ pointed to the Supreme Court’s recent stay of a lower court preliminary injunction order that had restricted DOGE’s access to Social Security Administration systems.
Copyright
© 2025 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.