In a move that has privacy advocates sounding the alarm, the Social Security Administration (SSA) has officially confirmed what many suspected: sensitive data concerning immigrants is being shared with the Department of Homeland Security (DHS). This revelation, presented through a quietly updated public notice, codifies an ongoing practice that has been unfolding behind the scenes for months. The notice, known as a System of Record Notice (SORN), is a critical document mandated by the Privacy Act of 1974. It’s designed to provide transparency by outlining how an agency collects, uses, and shares data, and with whom. Typically, SORNs are published for public comment and scrutiny before any data sharing commences. However, this instance appears to be a retroactive validation of a practice already in motion, a practice that stems from a broader initiative dubbed the "Department of Government Efficiency" (DOGE).
The Genesis of DOGE: A Data-Driven Immigration Strategy
The DOGE initiative, as reported previously, represents a significant effort by the Trump administration to consolidate vast troves of data from across various government agencies. The goal? To bolster immigration enforcement efforts. This ambitious undertaking has involved pooling information from diverse sources, including the IRS, state voter rolls, and crucially, the Systematic Alien Verification for Entitlements (SAVE) database maintained by U.S. Citizenship and Immigration Services (USCIS). The SSA’s SORN now officially brings its own valuable data into this expanding network.
Unprecedented Data Consolidation and Legal Questions
Adam Schwartz, the privacy litigation director at the Electronic Frontier Foundation (EFF), a staunch defender of digital privacy and free speech, highlights the legal quandary. "There are laws that require the government to inform the public about their use of various kinds of databases and other surveillance technologies," Schwartz stated. "If the government starts using the database and does not put out the appropriate disclosure and then later does put out that appropriate disclosure, they still have violated the law." This sentiment underscores the concern that the SSA’s SORN, issued after the fact, may represent a violation of the spirit, if not the letter, of the Privacy Act.
The Trump administration’s approach to government has been characterized by a drive to reshape agencies and their functions, with data consolidation emerging as a central pillar. The DOGE initiative, in particular, exemplifies an effort to integrate data sources that were never intended to be commingled. Experts speaking with WIRED have described the scale and nature of this data sharing as "unprecedented," raising serious questions about how sensitive personal information is being leveraged and protected.
Misinformation as a Catalyst for Data Access
Interestingly, the impetus for accessing and integrating certain datasets, like that of the SSA, has sometimes been fueled by misinformation. Early in the administration, a misunderstanding regarding SSA data was amplified, leading to claims about ineligible individuals receiving benefits. While such claims were later debunked, the underlying narrative of inefficiency and potential fraud within SSA systems seemingly provided a justification for DOGE to gain deeper access to the agency’s data and technological infrastructure.
Further complicating the picture, a New York Times report revealed an earlier strategy to add immigrants to the SSA’s "dead people" database. This tactic, intended to push immigrants toward self-deportation, would effectively render their Social Security numbers unusable for employment or accessing government services. The current data-sharing arrangement appears to be a more sophisticated and comprehensive evolution of these earlier efforts, aimed at verifying citizenship and surveilling immigrants through an interconnected web of government data.
SAVE Transforms: A Voter Verification System?
Adding another layer to these developments, DHS recently published its own related SORN. This notice has the effect of transforming the SAVE program into a system that can be used for voter verification. Privacy experts have voiced concerns that this could be another instance of bypassing the strict requirements of the Privacy Act, allowing for broad data usage without adequate public oversight.
A Former SSA Commissioner’s Perspective
Leland Dudek, who served as acting commissioner for the SSA between February and May 2025, offers a valuable insider’s perspective. Dudek recalls his initial support for DOGE, acting as a liaison between SSA staff and the DOGE team. However, his enthusiasm waned as he became privy to the evolving scope of data sharing.
"Though there had been agreements to share data with DHS before—mostly Social Security numbers—the scope of the recent SORN seems unprecedented," Dudek remarked. He explained that while DHS previously had limited access to verify certain Social Security numbers against SSA data, the new SORN introduces a significant change: the creation of a "special indicator code" for "questionable data or special circumstances" related to an SSN application.
"This," Dudek elaborated, "appears to mean that there would now be a way to essentially flag a Social Security number and take it out of use, without marking them as deceased. You can literally cut off anyone’s financial life you want, and you don’t need to use the death master file."
This capability represents a profound shift, moving beyond a simple verification process to a mechanism that can potentially disable an individual’s ability to function financially within the United States based on data flagged by DHS.
The Broader Immigration Enforcement Landscape
President Trump’s administration has made immigration enforcement a cornerstone of its policy agenda. Actions have included rescinding Temporary Protected Status (TPS) for hundreds of thousands of individuals, deploying the National Guard to assist with enforcement, and claiming significant numbers of deportations. A parallel effort has involved increased data collection on immigrants, particularly those utilizing social services, and a renewed push for a citizenship question on the U.S. Census. The creation of a national citizenship database appears to be a logical extension of these broader goals.
Nikhel Sus, senior counsel at Citizens for Responsibility and Ethics in Washington (CREW), a watchdog group involved in legal challenges against the government’s data consolidation practices, views this as a deliberate attempt to build a centralized citizenship registry. "It seems that DHS was dead set on creating a national citizenship data bank, and for whatever reason, they determined that the Social Security Administration had the largest set of citizenship data across any agency in the government," Sus explained. "The American people had no opportunity to weigh in on this dramatic new expansion of the SAVE system before the government illegally repurposed Social Security Administration data."
Legal Challenges and Concerns Over Data Reliability
CREW is among the organizations actively suing the U.S. government over what they perceive as unlawful data consolidation. "These belated systems of records notices only confirm after the fact that the government has run roughshod over the law," Sus stated, echoing the sentiment that legal procedures have been circumvented.
Historically, the SSA has maintained that its data is not definitive for determining U.S. citizenship. In a 2023 letter, an SSA lawyer noted that while SSA records offer an "indication of citizenship," they do not provide "definitive information" and that the agency "does not have citizenship information for all individuals who have been issued an SSN." The definitive authority for such matters rests with DHS.
A DHS spokesperson, Tricia McLaughlin, asserted that USCIS remains committed to securing the electoral process and empowering states to verify voter eligibility efficiently. "We encourage all federal, state, and local agencies to use the SAVE program," she added, signaling a desire for wider adoption of these verification tools.
However, John Davisson, director of litigation and senior counsel at the Electronic Privacy Information Center (EPIC), another organization part of the lawsuit, expresses concern about the legal basis for this broad data sharing. Davisson argues that the statute cited by the SSA to justify the data sharing predates current legal interpretations and does not grant an "affirmative grant of authority" for unrestricted disclosure outside the Privacy Act’s strictures.
"This administration has attempted to subvert that reading of the statute and to claim that it has carte blanche to obtain from any agency, anywhere in government, whatever immigration or citizenship information it wants," Davisson commented.
The Perils of Data Inaccuracy and Mismatches
Beyond the legal and procedural concerns, a significant worry among experts is the inherent unreliability of using Social Security data for citizenship and immigration verification. Since SSA data was not originally collected for these purposes, it may not accurately reflect an individual’s current status. For instance, when a person becomes a naturalized citizen, their SSA records might not be updated to reflect this change.
"There are a lot of reliability concerns when you match disparate data sets across agencies, especially when the data was collected for different purposes," Sus warned. "You could have mismatches. You could have the wrong people’s records being incorrectly linked together." This risk is particularly concerning, as it could lead to individuals who are legally present in or are citizens of the United States facing adverse consequences, such as being prevented from voting or working, due to erroneous data matches.
Dudek concurs with these concerns, emphasizing that SSA data is not a reliable sole determinant of citizenship. He advocates for a rigorous process of data cleaning and cross-matching with other sources to minimize the risk of false positives and negatives. Furthermore, he stresses the need for agencies to transparently disclose any inherent risks or biases within the data itself.
"Is that being done?" Dudek asked, his concern evident. "I’m not aware of it being done, and that concerns me."
The Path Forward: Transparency, Oversight, and Due Process
The expanding use of government data for immigration enforcement raises critical questions about the balance between national security, immigration control, and individual privacy rights. The SSA’s decision to share its data with DHS, while framed within a new SORN, has ignited a debate about the adequacy of current privacy laws and the government’s commitment to transparency and due process. As these data-sharing practices evolve, continued scrutiny from privacy advocates, legal experts, and the public will be crucial in ensuring that fundamental rights are protected and that data is used responsibly and ethically.
The implications of this data sharing extend far beyond immigration enforcement. It touches upon the very definition of what government data is collected, how it is protected, and who has access to it. The precedent set by the DOGE initiative and the SSA’s participation could pave the way for even more extensive data consolidation in the future, making it imperative to address these concerns proactively.
This situation highlights the ongoing tension between the government’s legitimate need to enforce laws and protect national borders, and the fundamental right of individuals to privacy and due process. The lack of pre-disclosure and the potential for inaccuracies in the data paint a concerning picture for immigrants and citizens alike, underscoring the need for robust legal frameworks and vigilant oversight in the digital age.