Policy

House Democrat wants to modernize privacy law in light of DOGE data access

Rep. Lori Trahan of Massachusetts is asking the public to respond to a list of questions regarding how the Privacy Act of 1974 could be modernized.

By Caroline Nihill

March 18, 2025

Listen to this article

0:00

This feature uses an automated voice, which may result in occasional errors in pronunciation, tone, or sentiment.

Rep. Lori Trahan, D-Mass., speaks at a news conference at the U.S. Capitol Building following a weekly caucus meeting on May 22, 2024 in Washington, D.C. (Photo by Andrew Harnik/Getty Images)

As litigation plays out on DOGE access to individuals’ sensitive data, a House lawmaker is asking civil society groups, privacy experts, government technologists and others to inform legislation seeking to modernize the Privacy Act of 1974.

Rep. Lori Trahan, D-Mass., said in a press release that she is beginning an effort to reform the Privacy Act, which has been cited in various lawsuits against agencies over allegedly allowing unauthorized DOGE staffers to access data that could contain personally identifiable information. “Unaccountable billionaires, inexperienced programmers and unvetted political appointees are perpetrating the biggest government privacy scandal since Watergate,” Trahan said in the release.

Ann Lewis, former director of the General Services Administration’s Technology Transformation Services, said in a statement that “the Privacy Act lacks necessary provisions to address modern challenges presented by national-scale data breaches, widespread adoption of AI, and the need for secure cross-agency information sharing. Additionally, it lacks sufficient transparency and accountability mechanisms for how agencies use emerging technologies to collect, store, and analyze personal information.”

In order to begin this effort, Trahan is asking the public to respond to a series of questions, including the federal government’s need to balance privacy with other priorities like reducing waste, how the government can effectively leverage privacy-enhancing technologies, the privacy risks associated with artificial intelligence and more.

Other questions include whether the modernized privacy act should address privacy concerns faced by organizations, including businesses and nonprofits, and how potential legislation could accomplish that. Trahan is also interested in disclosure requirements, including how those regarding individuals’ access to and ability to amend their information could be improved and how agencies’ implementation could be modernized.

Trahan argued in the request for feedback that the federal government’s use of technology has “dramatically evolved,” since the Privacy Act’s enactment, which was created in response to the Watergate scandal. Since then, Congress has implemented legislation that governs the federal management of electronic information, like the E-Government Act of 2002 or the Federal Information Technology and Modernization Act.

“The combination of challenges stemming from unchecked government officials and significant technological advances warrant a reevaluation of the Privacy Act … and related laws governing privacy and federal information technology,” Trahan wrote.