Top Oversight Democrat warns of DOGE AI use in federal agencies

Rep. Gerry Connolly, D-Va., said the use of unauthorized tools by Elon Musk and DOGE may violate privacy laws and software regulations.

By Caroline Nihill

March 12, 2025

Listen to this article

0:00

This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.

Rep. Gerry Connolly, D-Va., speaks to reporters outside of the U.S. Capitol on May 15, 2023 in Washington, D.C. (Photo by Drew Angerer/Getty Images)

The top Democrat on the House Oversight and Government Reform Committee is warning agencies against using artificial intelligence without adhering to privacy laws and software regulations, a request that comes amid reports that Elon Musk’s Department of Government Efficiency is employing unauthorized AI tools in its work.

In letters sent to the heads of the departments of Commerce, Homeland Security, Education, Energy and others, Rep. Gerry Connolly, D-Va., wrote that if agencies are failing to ensure that AI vendors have adequate approval through programs like FedRAMP, then they risk violating the law. Connolly specifically pointed to the Privacy Act of 1974, the Federal Information Security Management Act (FISMA) and the E-Government Act of 2002. He also referenced the Advancing American AI Act, noting that agencies must keep a public inventory of current or planned uses.

Connolly asked agencies to provide documentation that includes a list of sources of the data collected and used by Musk and DOGE in connection with AI, a description of all AI used since the second Trump administration began, a list of individuals who managed or accessed federal data in the process of feeding it through AI and more. Responses from agencies are expected by March 26.

“If sensitive personnel files were uploaded to AI models, those files may now be accessible to third parties, including foreign adversaries,” Connolly wrote.

He continued: “Moreover, concerns that Elon Musk is using sensitive government data to ‘supercharge’ his proprietary AI model ‘Grok’ developed by xAI raise the possibility that Musk is leveraging access to sensitive government data for commercial advancement and private enrichment.”

Connolly cited a Washington Post story that said DOGE members have probed internal agency datasets — containing sensitive information — with AI. The House Oversight ranking member also highlighted an analysis from the Cyber-Intelligence Brief that found government IP addresses linked to an AI product called Inventry.ai that was designed for supply chain management. The analysis found “indications of a ‘massive firehose of data being sent to the AI company’s servers’ likely connected to the disclosure of ED data to the company by DOGE team members,” Connolly’s letter stated.

The lawmaker wrote that Inventry.ai has not yet been approved for federal cloud use through the FedRAMP process.

“These actions demonstrate reckless AI misuse, blatant disregard for data privacy and a severe failure to maintain the cybersecurity of federal systems,” Connolly wrote.