Senate Democrats seek audit of DOGE access to Social Security systems
In the aftermath of DOGE incursions into Social Security Administration computer systems, a trio of Senate Democrats is pushing legislation that would require performance and security audits into what the Elon Musk-founded group left behind in those networks.
The Protecting Seniors’ Data Act of 2025, introduced Wednesday by Sens. Sheldon Whitehouse of Rhode Island, Elizabeth Warren of Massachusetts and Ron Wyden of Oregon, calls on the country’s comptroller general to deliver a “comprehensive audit” of all SSA systems that have been accessed by DOGE staffers or volunteers.
That audit, according to bill text shared with FedScoop, would identify security vulnerabilities or bugs in software that was installed, created or modified by DOGE representatives. The lawmakers also want answers on whether DOGE’s work in SSA networks violated the Privacy Act and the Federal Information Security Management Act.
Whitehouse made the case for his bill on the Senate floor Wednesday, arguing that DOGE entered SSA under the auspices of rooting out waste, fraud and abuse, but in reality did so “with bad intent.”
“If you were actually concerned about waste, fraud and abuse, you wouldn’t fire all the inspectors general,” he said. “You’d actually probably try to recruit the inspectors general into your so-called government efficiency effort.”
DOGE’s foray into Social Security systems has been the subject of ongoing litigation aimed at blocking further access to agency networks that contain personally identifiable information. But even if DOGE is no longer in SSA’s IT networks, Whitehouse told his Senate colleagues that “there remains the lingering danger” that “they exfiltrated data, because data has enormous value, or they infiltrated bugs to do damage to the old systems of Social Security.”
“Or worst of all,” Whitehouse continued, “perhaps they left backdoors so that Elon Musk or other folks who are interested in getting access to massive amounts of Americans’ data can find their way into Social Security’s data systems secretly.”
If signed into law, Democrats’ bill would require the comptroller general to deliver a report of their findings, within a year, to the Senate Finance Committee, the House Ways and Means Committee and the Social Security commissioner. The report should include recommendations for legislation and administrative action.
SSA’s commissioner, meanwhile, would be responsible for addressing any vulnerabilities or bugs mentioned in the report, and provide details to Congress on the status of those fixes.
During his Senate confirmation hearing to be SSA commissioner, Frank Bisignano vowed to protect Americans’ personally identifiable information, telling lawmakers that PII “needs the highest level of scrutiny and protection, and we need to understand who can access what information and ensure that that information is anonymized, so they’re not getting data they could use in a bad way.”
Bisignano, who was confirmed as commissioner a month ago, also told Wyden during the hearing that he would “do whatever is required to protect the information that is private information,” though he declined to say whether he’d lock DOGE out of SSA databases.
And Bisignano promised Whitehouse he’d make sure no backdoors were left behind, committing to “a total review” of agency databases.
