doge

government-it-whistleblower-calls-out-doge,-says-he-was-threatened-at-home

Government IT whistleblower calls out DOGE, says he was threatened at home

doge, Policy / /

“Stay out of DOGE’s way”: IT worker details how Musk group infiltrated US agency.

Elon Musk at the White House on March 9, 2025 in Washington, DC. Credit: Getty Images | Samuel Corum

A government whistleblower told lawmakers that DOGE’s access to National Labor Relations Board (NLRB) systems went far beyond what was needed to analyze agency operations and apparently led to a data breach. NLRB employee Daniel Berulis, a DevSecOps architect, also says he received a threat when he was preparing his whistleblower disclosure.

“Mr. Berulis is coming forward today because of his concern that recent activity by members of the Department of Government Efficiency (‘DOGE’) have resulted in a significant cybersecurity breach that likely has and continues to expose our government to foreign intelligence and our nation’s adversaries,” said a letter from the group Whistleblower Aid to the Senate Select Committee on Intelligence leaders and the US Office of Special Counsel.

The letter, Berulis’ sworn declaration, and an exhibit with screenshots of technical data are available here. “This declaration details DOGE activity within NLRB, the exfiltration of data from NLRB systems, and—concerningly—near real-time access by users in Russia,” Whistleblower Aid Chief Legal Counsel Andrew Bakaj wrote. “Notably, within minutes of DOGE personnel creating user accounts in NLRB systems, on multiple occasions someone or something within Russia attempted to login using all of the valid credentials (e.g. Usernames/Passwords). This, combined with verifiable data being systematically exfiltrated to unknown servers within the continental United States—and perhaps abroad—merits investigation.”

Bakaj said they notified law enforcement about an “absolutely disturbing” threat Berulis received on April 7. Someone “taped a threatening note to Mr. Berulis’ home door with photographs—taken via a drone—of him walking in his neighborhood,” Bakaj wrote. “The threatening note made clear reference to this very disclosure he was preparing for you, as the proper oversight authority. While we do not know specifically who did this, we can only speculate that it involved someone with the ability to access NLRB systems.”

NLRB denies breach

Berulis’ disclosure said that several days before receiving this threat, he had been instructed to drop his investigation and not report his concerns to US security officials.

Bakaj’s letter to senators and the Office of Special Counsel requested “that both law enforcement agencies and Congress initiate an immediate investigation into the cybersecurity breach and data exfiltration at NLRB and any other agencies where DOGE has accessed internal systems.”

An NLRB spokesperson denied that there was any breach. “Tim Bearese, the NLRB’s acting press secretary, denied that the agency granted DOGE access to its systems and said DOGE had not requested access to the agency’s systems,” according to NPR. “Bearese said the agency conducted an investigation after Berulis raised his concerns but ‘determined that no breach of agency systems occurred.'”

We contacted the NLRB and will update this article if it provides further comment.

There have been numerous lawsuits over the access to government systems granted to DOGE, the Trump administration entity led by Elon Musk. One such lawsuit described DOGE’s access as “the largest and most consequential data breach in US history.” There have been mixed results in the cases so far; a US appeals court decided last week that DOGE can access personal data held by the US Department of Education and Office of Personnel Management (OPM), overturning a lower-court ruling.

After the whistleblower disclosure, US Rep. Gerry Connolly (D-Va.) sent a letter urging inspectors general at the NLRB and Department of Labor to investigate. Connolly said the whistleblower report indicates “that Department of Government Efficiency (DOGE) employees may be engaged in technological malfeasance and illegal activity at the National Labor Relations Board (NLRB) and the Department of Labor (DOL).” Connolly asked for a report to Congress on “the nature of the work the DOGE team has performed at NLRB and DOL, including any and all attempts to exfiltrate data and any attempts to cover up their activities.”

Because of Musk’s role at DOGE and the fact that his “companies face a series of enforcement actions from NLRB and DOL,” there is “an inherent conflict of interest for him to direct any work at either agency—let alone benefit from stolen nonpublic information,” Connolly wrote.

Login attempts from Russia

Berulis’ disclosure said that on March 11, internal metrics indicated there had been “abnormal usage” over the past week with higher-than-usual response times and “increased network output above anywhere it had been historically.” When examining the data, “we noticed a user with an IP address in Primorsky Krai, Russia started trying to log in. Those attempts were blocked, but they were especially alarming,” he wrote.

The person logging in from Russia apparently had the correct credentials for a DOGE account, according to Berulis. “Whoever was attempting to log in was using one of the newly created accounts that were used in the other DOGE-related activities, and it appeared they had the correct username and password due to the authentication flow only stopping them due to our no-out-of-country logins policy activating,” he wrote. “There were more than 20 such attempts, and what is particularly concerning is that many of these login attempts occurred within 15 minutes of the accounts being created by DOGE engineers.”

This was not the first troubling sign described in the disclosure. On March 7, Berulis says he had “started tracking what appeared to be sensitive data leaving the secured location.” About 10GB of data was exfiltrated, but it was “unclear which files were copied and removed,” he wrote.

Berulis said the evidence indicated there was “a data breach facilitated by an internal actor,” and that he observed “the exact behaviors (Indicators of Compromise) of one who was trying to erase records of activities, retard detection, and covertly hide what data was being extracted after the fact.”

The NLRB hosts lots of private information that is supposed to remain confidential, he noted. This includes “sensitive information on unions, ongoing legal cases, and corporate secrets.” The database involved in the apparent breach contains “PII [personally identifiable information] of claimants and respondents with pending matters before the agency” and confidential business information “gathered or provided during investigations and litigation that were not intended for public release,” he wrote.

Berulis has almost two decades of experience, and his “work often includes high-level coordination with executive teams, establishing red-blue war game security events, and building cross-functional teams to align IT capabilities with mission-critical goals,” he said in his declaration. “Having worked at sensitive US Government institutions, I have held a Top Secret security clearance with eligibility for access to Sensitive Compartmented Information, commonly known as TS/SCI.”

“Stay out of DOGE’s way”

In late February, Berulis and his team were notified of DOGE’s impending arrival. “On or around March 3, 2025, we saw a black SUV and police escort enter the garage, after which building security let the DOGE staffers in. They interacted with only a small group of NLRB staff, never introducing themselves to those of us in Information Technology,” he wrote.

An assistant chief information officer (ACIO) was given instructions that IT employees “were not to adhere to SOP [standard operating procedure] with the DOGE account creation in regards to creating records,” Berulis wrote. “He specifically was told that there were to be no logs or records made of the accounts created for DOGE employees.”

DOGE officials were to be given “the highest level of access and unrestricted access to internal systems,” specifically “tenant owner” accounts in Microsoft Azure that come “with essentially unrestricted permission to read, copy, and alter data,” Berulis wrote. These “permissions are above even my CIO’s access level to our systems” and “well above what level of access is required to pull metrics, efficiency reports, and any other details that would be needed to assess utilization or usage of systems in our agency.”

The NLRB systems “have built-in roles that auditors can use and have used extensively in the past,” which do not have “the ability to make changes or access subsystems without approval,” Berulis wrote. DOGE apparently wasn’t willing to use these accounts. “The suggestion that they use these accounts instead was not open to discussion,” he wrote.

Berulis said IT staff were ordered “to hand over any requested accounts, stay out of DOGE’s way entirely, and assist them when they asked. We were further directed not to resist them in any way or deny them any access.”

More suspicious events

Berulis described several more suspicious events that followed DOGE’s arrival. There was a new container that he described as “basically an opaque, virtual node that has the ability to build and run programs or scripts without revealing its activities to the rest of the network.” There was also a token that “was configured to expire quickly after creation and use, making it harder to gain insight into what it was used for during its lifetime.”

To Berulis, these were signs of an attack on the NLRB systems. The methods used seemed to reflect “the desire of the attackers to work invisibly, leaving little to no obvious trace of their activities once removed.”

On March 6, various users “reported login issues to the service desk and, upon inspection, I found some conditional access policies were updated recently,” he wrote. This was odd because “policies that had been in place for over a year were suddenly found to have been changed with no corresponding documentation or approvals,” he wrote. “Upon my discovery of these changes, I asked the security personnel and information assurance team about it, but they had no knowledge of any planned changes or approvals.”

On March 7, Berulis says he “started tracking what appeared to be sensitive data leaving the secured location.” About 10GB of data was exfiltrated, but it was “unclear which files were copied and removed,” he wrote. On that same day, Berulis says he reported his concerns about sensitive data being exfiltrated to CIO Prem Aburvasmy.

Aburvasmy took the concerns seriously and put together a leadership group “to discuss insider threat response on an ongoing cadence and how we could get better at detecting it,” Berulis wrote. “Going forward after this, the team met every Friday and continue to do so to this day.”

Berulis described some shortcomings in the NLRB’s ability to detect attacks. “During one of these meetings, it was confirmed that our team did not have the technical capability to detect or respond in real time to internal threat actors, and that we likely did not have the ability to obtain more details about the past events,” he wrote.

The department subsequently “shifted budget to allow for better tooling going forward,” which “has vastly improved our detection and logging so we can provide more concrete evidence if covert exfiltration occurs by an insider threat again,” Berulis wrote. “We also shut down a public endpoint and corrected rogue policies that had been altered to allow much broader traffic in/out of our network.”

Berulis: “We were directed not to… create an official report”

On March 10, Berulis found that controls in Microsoft Purview to prevent insecure or unauthorized access from mobile devices had been disabled, he wrote. “In addition, outside of expected baselines and with no corresponding approvals or records I could find I noted the following: an interface exposed to the public Internet, a few internal alerting and monitoring systems in the off state, and multi-factor authentication changed,” he wrote.

The team observed more odd activity in the ensuing weeks, Berulis wrote. Data was sent to “an unknown external endpoint,” but the network team was unable to obtain connection logs or determine what data was removed, he wrote. There were also “spikes in billing in Mission Systems related to storage input/output” associated with projects that could no longer be found in the NLRB system, indicating that “resources may have been deleted or short-lived,” he wrote.

During the week of March 24, an assistant CIO for security at the NLRB “concluded that following a review of data, we should report it” to US-CERT, the US Computer Emergency Readiness Team at the Cybersecurity and Infrastructure Security Agency (CISA), according to Berulis.

“Accordingly, we launched a formal review and I provided all evidence of what we deemed to be a serious, ongoing security breach or potentially illegal removal of personally identifiable information,” he wrote.

But on April 3 or 4, the assistant CIO “and I were informed that instructions had come down to drop the US-CERT reporting and investigation and we were directed not to move forward or create an official report,” Berulis wrote.

Photo of Jon Brodkin

Jon is a Senior IT Reporter for Ars Technica. He covers the telecom industry, Federal Communications Commission rulemakings, broadband consumer affairs, court cases, and government regulation of the tech industry.

Government IT whistleblower calls out DOGE, says he was threatened at home Read More »

victory-for-doge-as-appeals-court-reinstates-access-to-personal-data

Victory for DOGE as appeals court reinstates access to personal data

doge, Policy / /

A US appeals court ruled yesterday that DOGE can access personal data held by the US Department of Education and Office of Personnel Management (OPM), overturning an order issued by a lower-court judge.

The US government has “met its burden of a strong showing that it is likely to succeed on the merits of their appeal,” said yesterday’s ruling by the US Court of Appeals for the 4th Circuit. In a 2-1 decision, a panel of judges granted the Trump administration’s motion to stay the lower-court ruling pending appeal.

“The Supreme Court has told us that, unlike a private party, the government suffers an irreparable harm when it cannot carry out the orders of its elected representatives… Judicial management of agency operations offends the Executive Branch’s exclusive authority to enforce federal law,” wrote Court of Appeals Judge Steven Agee, a George W. Bush appointee.

Agee was joined by Judge Julius Richardson, a Trump appointee, in voting to grant the motion to stay pending appeal. Judge Robert King, a Clinton appointee, voted to deny the motion.

Judge “strongly” dissents

In a separate 8-7 vote, the full court denied King’s request for an en banc hearing. King’s dissent said:

Given the exceptional importance of this matter, I sought initial en banc consideration of the government’s motion for a stay pending appeal of the district court’s award of preliminary injunctive relief—an injunction that bars the defendant federal agencies and officials from disclosing to affiliates of the President’s new Department of Government Efficiency, or “DOGE,” highly sensitive personal information belonging to millions of Americans. Regrettably, my request for initial hearing en banc has been denied on an 8-7 vote, and the panel majority has granted the government’s motion for a stay pending appeal on a 2-1 vote. I strongly dissent from both decisions.

At stake is some of the most sensitive personal information imaginable—including Social Security numbers, income and assets, federal tax records, disciplinary and other personnel actions, physical and mental health histories, driver’s license information, bank account numbers, and demographic and family details. This information was entrusted to the government, which for many decades had a record of largely adhering to the Privacy Act of 1974 and keeping the information safe. And then suddenly, the defendants began disclosing the information to DOGE affiliates without substantiating that they have any need to access such highly sensitive materials.

Yesterday’s decision overturned a ruling by US District Judge Deborah Boardman in the District of Maryland. Plaintiffs include the American Federation of Teachers; the International Association of Machinists and Aerospace Workers; the National Active and Retired Federal Employees Association; the National Federation of Federal Employees; and the International Federation of Professional & Technical Engineers. There are also six individual plaintiffs who are military veterans.

Victory for DOGE as appeals court reinstates access to personal data Read More »

doge-staffer’s-youtube-nickname-accidentally-revealed-his-teen-hacking-activity

DOGE staffer’s YouTube nickname accidentally revealed his teen hacking activity

department of government efficiency, doge, elon musk, hacking, pirated ebooks, Policy, Spaces, video game cheats, X, youtube / /

A SpaceX and X engineer, Christopher Stanley—currently serving as a senior advisor in the Deputy Attorney General’s office at the Department of Justice (DOJ)—was reportedly caught bragging about hacking and distributing pirated e-books, bootleg software, and game cheats.

The boasts appeared on archived versions of websites, of which several, once flagged, were quickly deleted, Reuters reported.

Stanley was assigned to the DOJ by Elon Musk’s Department of Government Efficiency (DOGE). While Musk claims that DOGE operates transparently, not much is known about who the staffers are or what their government roles entail. It remains unclear what Stanley does at DOJ, but Reuters noted that the Deputy Attorney General’s office is in charge of investigations into various crimes, “including hacking and other malicious cyber activity.” Declining to comment further, the DOJ did confirm that as a “special government employee,” like Musk, Stanley does not draw a government salary.

The engineer’s questionable past seemingly dates back to 2006, Reuters reported, when Stanley was still in high school. The news site connected Stanley to various sites and forums by tracing various pseudonyms he still uses, including Reneg4d3, a nickname he still uses on YouTube. The outlet then further verified the connection “by cross-referencing the sites’ registration data against his old email address and by matching Reneg4d3’s biographical data to Stanley’s.”

Among his earliest sites was one featuring a “crude sketch of a penis” called fkn-pwnd.com, where Stanley, at 15, bragged about “fucking up servers,” a now-deleted Internet Archive screenshot reportedly showed. Another, reneg4d3.com, was launched when he was 16. There, Stanley branded a competing messaging board “stupid noobs” after supposedly gaining admin access through an “easy exploit,” Reuters reported. On Bluesky, an account called “doge whisperer” alleges even more hacking activity, some of which appears to be corroborated by an IA screenshot of another site Stanley created, electonic.net (sic), which as of this writing can still be accessed.

DOGE staffer’s YouTube nickname accidentally revealed his teen hacking activity Read More »

what-could-possibly-go-wrong?-doge-to-rapidly-rebuild-social-security-codebase.

What could possibly go wrong? DOGE to rapidly rebuild Social Security codebase.

Biz & IT, cobol, doge, elon musk, Java, Policy, syndication / /

Like many legacy government IT systems, SSA systems contain code written in COBOL, a programming language created in part in the 1950s by computing pioneer Grace Hopper. The Defense Department essentially pressured private industry to use COBOL soon after its creation, spurring widespread adoption and making it one of the most widely used languages for mainframes, or computer systems that process and store large amounts of data quickly, by the 1970s. (At least one DOD-related website praising Hopper’s accomplishments is no longer active, likely following the Trump administration’s DEI purge of military acknowledgements.)

As recently as 2016, SSA’s infrastructure contained more than 60 million lines of code written in COBOL, with millions more written in other legacy coding languages, the agency’s Office of the Inspector General found. In fact, SSA’s core programmatic systems and architecture haven’t been “substantially” updated since the 1980s when the agency developed its own database system called MADAM, or the Master Data Access Method, which was written in COBOL and Assembler, according to SSA’s 2017 modernization plan.

SSA’s core “logic” is also written largely in COBOL. This is the code that issues social security numbers, manages payments, and even calculates the total amount beneficiaries should receive for different services, a former senior SSA technologist who worked in the office of the chief information officer says. Even minor changes could result in cascading failures across programs.

“If you weren’t worried about a whole bunch of people not getting benefits or getting the wrong benefits, or getting the wrong entitlements, or having to wait ages, then sure go ahead,” says Dan Hon, principal of Very Little Gravitas, a technology strategy consultancy that helps government modernize services, about completing such a migration in a short timeframe.

It’s unclear when exactly the code migration would start. A recent document circulated amongst SSA staff laying out the agency’s priorities through May does not mention it, instead naming other priorities like terminating “non-essential contracts” and adopting artificial intelligence to “augment” administrative and technical writing.

What could possibly go wrong? DOGE to rapidly rebuild Social Security codebase. Read More »

judge-orders-musk-and-doge-to-delete-personal-data-taken-from-social-security

Judge orders Musk and DOGE to delete personal data taken from Social Security

doge, elon musk, Policy, Trump / /

The lawsuit was filed by the American Federation of State, County and Municipal Employees; the Alliance for Retired Americans; and American Federation of Teachers. “Never before has a group of unelected, unappointed, and unvetted individuals—contradictorily described as White House employees, employees of either existing or putative agencies (multiple and many), and undefined ‘advisors’—sought or gained access to such sensitive information from across the federal government,” the lawsuit said.

A temporary restraining order preserves the status quo until a preliminary injunction hearing can be held, although the legal standards for granting a temporary restraining order or preliminary injunction are essentially the same, Hollander wrote. A temporary restraining order lasts 14 days by default but can be extended.

“In my view, plaintiffs have shown a likelihood of success on the merits as to their claim that the access to records provided by SSA to the DOGE Team does not fall within the need-to-know exception to the Privacy Act. Therefore, the access violates both the Privacy Act and the APA,” Hollander wrote.

The SSA has meanwhile been hit with DOGE-fueled budget cuts affecting its operations.

The order

The order says the SSA must cut off DOGE’s access. Musk, Gleason, and all other DOGE team members and affiliates “shall disgorge and delete all non-anonymized PII [personally identifiable information] data in their possession or under their control, provided from or obtained, directly or indirectly, from any SSA system of record to which they have or have had access, directly or indirectly, since January 20, 2025,” it says.

The DOGE defendants are also prohibited “from installing any software on SSA devices, information systems, or systems of record, and shall remove any software that they previously installed since January 20, 2025, or which has been installed on their behalf,” and are prohibited “from accessing, altering, or disclosing any SSA computer or software code.”

The SSA is allowed to provide DOGE with redacted or anonymized records, and may provide “access to discrete, particularized, and non-anonymized data, in accordance with the Privacy Act” under certain conditions. “SSA must first obtain from the DOGE Team member, in writing, and subject to possible review by the Court, a detailed explanation as to the need for the record and why, for said particular and discrete record, an anonymized or redacted record is not suitable for the specified use,” the order said. “The general and conclusory explanation that the information is needed to search for fraud or waste is not sufficient to establish need.”

Judge orders Musk and DOGE to delete personal data taken from Social Security Read More »

us-tries-to-keep-doge-and-musk-work-secret-in-appeal-of-court-ordered-discovery

US tries to keep DOGE and Musk work secret in appeal of court-ordered discovery

doge, musk trump, Policy, President Donald Trump, us doge service / /

The petition argues that discovery is unnecessary to assess the plaintiff states’ claims. “Plaintiffs allege a violation of the Appointments Clause and USDS’s statutory authority on the theory that USDS and Mr. Musk are directing decision-making by agency officeholders,” it said. “Those claims present pure questions of law that can be resolved—and rejected—on the basis of plaintiffs’ complaint. In particular, precedent establishes that the Appointments Clause turns on proper appointment of officeholders; it is not concerned with the de facto influence over those who hold office.”

States: Discovery can confirm Musk’s role at DOGE

The states’ lawsuit alleged that “President Trump has delegated virtually unchecked authority to Mr. Musk without proper legal authorization from Congress and without meaningful supervision of his activities. As a result, he has transformed a minor position that was formerly responsible for managing government websites into a designated agent of chaos without limitation and in violation of the separation of powers.”

States argued that discovery “may confirm what investigative reporting has already indicated: Defendants Elon Musk and the Department of Government Efficiency (‘DOGE’) are directing actions within federal agencies that have profoundly harmed the States and will continue to harm them.”

Amy Gleason, the person the White House claims is running DOGE instead of Musk, has reportedly been working simultaneously at the Department of Health and Human Services since last month.

“Defendants assert that Mr. Musk is merely an advisor to the President, with no authority to direct agency action and no role at DOGE,” the states’ filing said. “The public record refutes that implausible assertion. But only Defendants possess the documents and information that Plaintiffs need to confirm public reporting and identify which agencies Defendants will target next so Plaintiffs can seek preliminary relief and mitigate further harm.”

“Notably, Plaintiffs seek no emails, text messages, or other electronic communications at this stage, meaning Defendants will not need to sort through such exchanges for relevance or possible privilege,” the states said. “The documents that Plaintiffs do seek—planning, implementation, and organizational documents—are readily available to Defendants and do not implicate the same privilege concerns.”

Discovery related to DOGE and Musk’s conduct

Chutkan wrote that the plaintiffs’ “document requests and interrogatories generally concern DOGE’s and Musk’s conduct in four areas: (1) eliminating or reducing the size of federal agencies; (2) terminating or placing federal employees on leave; (3) cancelling, freezing, or pausing federal contracts, grants, or other federal funding; and (4) obtaining access, using, or making changes to federal databases or data management systems.”

US tries to keep DOGE and Musk work secret in appeal of court-ordered discovery Read More »

ftc-can’t-afford-to-fight-amazon’s-allegedly-deceptive-sign-ups-after-doge-cuts

FTC can’t afford to fight Amazon’s allegedly deceptive sign-ups after DOGE cuts

Amazon, Amazon Prime, Consumer protection, dark patterns, department of government efficiency, doge, Donald Trump, elon musk, federal trade commission, ftc, Policy / /

The Federal Trade Commission is moving to push back a trial set to determine if Amazon tricked customers into signing up for Prime subscriptions.

At a Zoom status hearing on Wednesday, the FTC officially asked US District Judge John Chun to delay the trial. According to the FTC’s attorney, Jonathan Cohen, the agency needs two months to prepare beyond the September 22 start date, blaming recent “staffing and budgetary shortfalls” stemming from the Trump administration’s Department of Government Efficiency (DOGE), CNBC reported.

“We have lost employees in the agency, in our division, and on our case team,” Cohen said, explaining that “there is an extremely severe resource shortfall in terms of money and personnel,” Bloomberg reported. Cuts are apparently so bad, Cohen told Chun that the FTC is stuck with a $1 cap on any government credit card charges and “may not be able to purchase the transcript from Wednesday’s hearing,” Bloomberg reported.

Further threatening to scramble the agency’s trial preparation, the FTC anticipates that downsizing may require a move to another office “unexpectedly,” Cohen told Chun.

Amazon does not agree that a delay is necessary. The e-commerce giant’s attorney, John Hueston, told Chun that “there has been no showing on this call that the government does not have the resources to proceed to trial with the trial date as presently set.”

FTC can’t afford to fight Amazon’s allegedly deceptive sign-ups after DOGE cuts Read More »

china-aims-to-recruit-top-us-scientists-as-trump-tries-to-kill-the-chips-act

China aims to recruit top US scientists as Trump tries to kill the CHIPS Act

Chips Act, department of government efficiency, doge, Donald Trump, intel, Micron, NSF, NVIDIA, Policy, samsung, semiconductors, TSMC / /

Tech innovation in US likely to stall if Trump ends the CHIPS Act.

On Tuesday, Donald Trump finally made it clear to Congress that he wants to kill the CHIPS and Science Act—a $280 billion bipartisan law Joe Biden signed in 2022 to bring more semiconductor manufacturing into the US and put the country at the forefront of research and innovation.

Trump has long expressed frustration with the high cost of the CHIPS Act, telling Congress on Tuesday that it’s a “horrible, horrible thing” to “give hundreds of billions of dollars” in subsidies to companies that he claimed “take our money” and “don’t spend it,” Reuters reported.

“You should get rid of the CHIPS Act, and whatever is left over, Mr. Speaker, you should use it to reduce debt,” Trump said.

Instead, Trump potentially plans to shift the US from incentivizing chips manufacturing to punishing firms dependent on imports, threatening a 25 percent tariff on all semiconductor imports that could kick in as soon as April 2, CNBC reported.

The CHIPS Act was supposed to be Biden’s legacy, and because he made it a priority, much of the $52.7 billion in subsidies that Trump is criticizing has already been finalized. In 2022, Biden approved $39 billion in subsidies for semiconductor firms, and in his last weeks in office, he finalized more than $33 billion in awards, Reuters noted.

Among the awardees are leading semiconductor firms, including the Taiwan Semiconductor Manufacturing Co. (TSMC), Micron, Intel, Nvidia, and Samsung Electronics. Although Trump claims the CHIPS Act is one-sided and only serves to benefit firms, according to the Semiconductor Industry Association, the law sparked $450 billion in private investments increasing semiconductor production across 28 states by mid-2024.

With the CHIPS Act officially in Trump’s crosshairs, innovation appears likely to stall the longer that lawmakers remain unsettled on whether the law stays or goes. Some officials worried that Trump might interfere with Biden’s binding agreements with leading firms already holding up their end of the bargain, Reuters reported. For example, Micron plans to invest $100 billion in New York, and TSMC just committed to spending the same over the next four years to expand construction of US chips fabs, which is already well underway.

So far, Commerce Secretary Howard Lutnick has only indicated that he will review the finalized awards, noting that the US wouldn’t be giving TSMC any new awards, Reuters reported.

But the CHIPS Act does much more than provide subsidies to lure leading semiconductor companies into the US. For the first time in decades, the law created a new arm of the National Science Foundation (NSF)—the Directorate of Technology, Innovation, and Partnerships (TIP)—which functions unlike any other part of NSF and now appears existentially threatened.

Designed to take the country’s boldest ideas from basic research to real-world applications as fast as possible to make the US as competitive as possible, TIP helps advance all NSF research and was supposed to ensure US leadership in breakthrough technologies, including AI, 6G communications, biotech, quantum computing, and advanced manufacturing.

Biden allocated $20 billion to launch TIP through the CHIPS Act to accelerate technology development not just at top firms but also in small research settings across the US. But as soon as the Department of Government Efficiency (DOGE) started making cuts at NSF this year, TIP got hit the hardest. Seemingly TIP was targeted not because DOGE deemed it the least consequential but simply because it was the youngest directorate at NSF with the most workers in transition when Trump took office and DOGE abruptly announced it was terminating all “probationary” federal workers.

It took years to get TIP ready to flip the switch to accelerate tech innovation in the US. Without it, Trump risks setting the US back at a time when competitors like China are racing ahead and wooing US scientists who suddenly may not know if or when their funding is coming, NSF workers and industry groups told Ars.

Without TIP, NSF slows down

Last month, DOGE absolutely scrambled the NSF by forcing arbitrary cuts of so-called probationary employees—mostly young scientists, some of whom were in transition due to promotions. All those cuts were deemed illegal and finally reversed Monday by court order after weeks of internal chaos reportedly stalling or threatening to delay some of the highest-priority research in the US.

“The Office of Personnel Management does not have any authority whatsoever under any statute in the history of the universe to hire and fire employees at another agency,” US District Judge William Alsup said, calling probationary employees the “life blood” of government agencies.

Ars granted NSF workers anonymity to discuss how cuts were impacting research. At TIP, a federal worker told Ars that one of the probationary cuts in particular threatened to do the most damage.

Because TIP is so new, only one worker was trained to code automated tracking forms that helped decision-makers balance budgets and approve funding for projects across NSF in real time. Ars’ source likened it to holding the only key to the vault of NSF funding. And because TIP is so different from other NSF branches—hiring experts never pulled into NSF before and requiring customized resources to coordinate projects across all NSF fields of research—the insider suggested another government worker couldn’t easily be substituted. It could take possibly two years to hire and train a replacement on TIP’s unique tracking system, the source said, while TIP’s (and possibly all of NSF’s) efficiency is likely strained.

TIP has never been fully functional, the TIP insider confirmed, and could be choked off right as it starts helping to move the needle on US innovation. “Imagine where we are in two years and where China is in two years in quantum computing, semiconductors, or AI,” the TIP insider warned, pointing to China’s surprisingly advanced AI model, DeepSeek, as an indicator of how quickly tech leadership in global markets can change.

On Monday, NSF emailed all workers to confirm that all probationary workers would be reinstated “right away.” But the damage may already be done as it’s unclear how many workers plan to return. When TIP lost the coder—who was seemingly fired for a technicality while transitioning to a different payscale—NSF workers rushed to recommend the coder on LinkedIn, hoping to help the coder quickly secure another opportunity in industry or academia.

Ars could not reach the coder to confirm whether a return to TIP is in the cards. But Ars’ source at TIP and another NSF worker granted anonymity said that probationary workers may be hesitant to return because they are likely to be hit in any official reductions in force (RIFs) in the future.

“RIFs done the legal way are likely coming down the pipe, so these staff are not coming back to a place of security,” the NSF worker said. “The trust is broken. Even for those that choose to return, they’d be wise to be seeking other opportunities.”

And even losing the TIP coder for a couple of weeks likely slows NSF down at a time when the US seemingly can’t afford to lose a single day.

“We’re going to get murdered” if China sets the standard on 6G or AI, the TIP worker fears.

Rivals and allies wooing top US scientists

On Monday, six research and scientific associations, which described themselves as “leading organizations representing more than 305,000 people in computing, information technology, and technical innovation across US industry, academia, and government,” wrote to Congress demanding protections for the US research enterprise.

The groups warned that funding freezes and worker cuts at NSF—and other agencies, including the Department of Energy, the National Institute of Standards & Technology, the National Aeronautics and Space Administration, the National Institutes of Health—”have caused disruption and uncertainty” and threaten “long-lasting negative consequences for our competitiveness, national security, and economic prosperity.”

Deeming America’s technology leadership at risk, the groups pointed out that “in computing alone, a federal investment in research of just over $10 billion annually across 24 agencies and offices underpins a technology sector that contributes more than $2 trillion to the US GDP each year.” Cutting US investment “would be a costly mistake, far outweighing any short-term savings,” the groups warned.

In a separate statement, the Computing Research Association (CRA) called NSF cuts, in particular, a “deeply troubling, self-inflicted setback to US leadership in computing research” that appeared “penny-wise and pound-foolish.”

“NSF is one of the most efficient federal agencies, operating with less than 9 percent overhead costs,” CRA said. “These arbitrary terminations are not justified by performance metrics or efficiency concerns; rather, they represent a drastic and unnecessary weakening of the US research enterprise.”

Many NSF workers are afraid to speak up, the TIP worker told Ars, and industry seems similarly tight-lipped as confusion remains. Only one of the organizations urging Congress to intervene agreed to talk to Ars about the NSF cuts and the significance of TIP. Kathryn Kelley, the executive director of the Coalition for Academic Scientific Computation, confirmed that while members are more aligned with NSF’s Directorate for Computer and Information Science and Engineering and the Office of Advanced Cyberinfrastructure, her group agrees that all NSF cuts are “deeply” concerning.

“We agree that the uncertainty and erosion of trust within the NSF workforce could have long-lasting effects on the agency’s ability to attract and retain top talent, particularly in such specialized areas,” Kelley told Ars. “This situation underscores the need for continued investment in a stable, well-supported workforce to maintain the US’s leadership in science and innovation.”

Other industry sources unwilling to go on the record told Ars that arbitrary cuts largely affecting the youngest scientists at NSF threatened to disrupt a generation of researchers who envisioned long careers advancing US tech. There’s now a danger that those researchers may be lured to other countries heavily investing in science and currently advertising to attract displaced US researchers, including not just rivals like China but also allies like Denmark.

Those sources questioned the wisdom of using the Elon Musk-like approach of breaking the NSF to rebuild it when it’s already one of the leanest organizations in government.

Ars confirmed that some PhD programs have been cancelled, as many academic researchers are already widely concerned about delayed or cancelled grants and generally freaked out about where to get dependable funding outside the NSF. And in industry, some CHIPS Act projects have already been delayed, as companies like Intel try to manage timelines without knowing what’s happening with CHIPS funding, AP News reported.

“Obviously chip manufacturing companies will slow spending on programs they previously thought they were getting CHIPS Act funding for if not cancel those projects outright,” the Semiconductor Advisors, an industry group, forecasted in a statement last month.

The TIP insider told Ars that the CHIPS Act subsidies for large companies that Trump despises mostly fuel manufacturing in the US, while funding for smaller research facilities is what actually advances technology. Reducing efficiency at TIP would likely disrupt those researchers the most, the TIP worker suggested, proclaiming that’s why TIP must be saved at all costs.

Photo of Ashley Belanger

Ashley is a senior policy reporter for Ars Technica, dedicated to tracking social impacts of emerging policies and new technologies. She is a Chicago-based journalist with 20 years of experience.

China aims to recruit top US scientists as Trump tries to kill the CHIPS Act Read More »

federal-firings-could-wreak-havoc-on-great-lakes-fishery

Federal firings could wreak havoc on Great Lakes fishery

conservation, doge, great lakes, Invasive species, Science, syndicatino, syndication, USFWS / /

Her performance reviews for the last year had been glowing, so the letter made no sense. “It’s not a real explanation,” she said.

The USFWS layoffs will not affect the sea lamprey control program in Canada, McClinchey said. “The Canadian government has assured us that the money from Canada will continue to be there and we’re on track to deliver a full program in Canadian waters,” he said. “That’s great, but this program works because it’s border blind.”

In other words: Cuts to lamprey control in US waters are a threat to fish and fishermen everywhere on the Great Lakes.

Just a week ago, the Great Lakes Fishery Commission faced a more dire staffing situation, as the USFWS informed directors they’d also be unable to hire seasonal workers to spread lampricide come April. Within a few days, that hiring freeze was reversed, said McClinchey.

This reversal gives him a bit of hope. “That at least tells us no one is rooting for the lamprey,” he said.

McClinchey is currently in DC for appropriation season, presenting the commission’s work to members of Congress and defending the agency’s budget. It’s an annual trip, but this year he’s also advocating for the reinstatement of laid-off lamprey control employees.

He is optimistic. “It seems clear to me that it’s important we preserve this program, and so far everyone we’ve encountered thinks that way and are working to that end,” he said.

Cutting back the program isn’t really on the table for the commission. Even minor cuts to scope would be devastating for the fishery, he said.

Even the former USFWS employee from Marquette is remaining hopeful. “I still think that they’re going to scramble to make it happen,” she said. “Because it’s not really an option to just stop treating for a whole season.”

This story originally appeared on Inside Climate News.

Federal firings could wreak havoc on Great Lakes fishery Read More »

judge:-us-gov’t-violated-privacy-law-by-disclosing-personal-data-to-doge

Judge: US gov’t violated privacy law by disclosing personal data to DOGE

doge, Policy / /

“The plaintiffs have made a clear showing that they are likely to suffer irreparable harm without injunctive relief,” the order said. “DOGE affiliates have been granted access to systems of record that contain some of the plaintiffs’ most sensitive data—Social Security numbers, dates of birth, home addresses, income and assets, citizenship status, and disability status—and their access to this trove of personal information is ongoing. There is no reason to believe their access to this information will end anytime soon because the government believes their access is appropriate.”

The American Federation of Teachers, which represents 1.8 million teachers and nurses, was joined in the lawsuit by the International Association of Machinists and Aerospace Workers, International Federation of Professional and Technical Engineers, National Active and Retired Federal Employees Association, and National Federation of Federal Employees.

No need to know

The government insisted that the DOGE affiliates are employees of Education and OPM, and the judge assumed that is true for purposes of evaluating the motion for a restraining order. Even with that allowance, Boardman decided the data access is not permissible under the “need-to-know” exception to the law prohibiting unnecessary disclosure.

The Trump administration did not explain why “the DOGE affiliates at Education need such comprehensive, sweeping access to the plaintiffs’ records to audit student loan programs for waste, fraud, and abuse or to conduct cost-estimate analyses,” Boardman wrote, adding that “there appears to be no precedent with similar facts.”

There are six DOGE affiliates working at Education. They include Adam Ramada, a United States DOGE Service employee, and five “DOGE-affiliated individuals” who have not been identified by name.

“It may be that, with additional time, the government can explain why granting such broad access to the plaintiffs’ personal information is necessary for DOGE affiliates at Education to do their jobs, but for now, the record before the Court indicates they do not have a need for these records in the performance of their duties,” Boardman wrote.

Judge: US gov’t violated privacy law by disclosing personal data to DOGE Read More »

doge’s.gov-site-lampooned-as-coders-quickly-realize-it-can-be-edited-by-anyone

DOGE’s .gov site lampooned as coders quickly realize it can be edited by anyone

department of government efficiency, doge, Donald Trump, elon musk, Policy / /

“An official website of the United States government,” reads small text atop the Department of Government Efficiency (DOGE) website that Elon Musk’s team started populating this week with information on agency cuts.

But you apparently don’t have to work in government to push updates to the site. A couple of prankster web developers told 404 Media that they separately discovered how “insecure” the DOGE site was, seemingly pulling from a “database that can be edited by anyone.”

One coder couldn’t resist and pushed two updates that, as of this writing, remained on the DOGE site. “This is a joke of a .gov site,” one read. “THESE ‘EXPERTS’ LEFT THEIR DATABASE OPEN,” read another.

404 Media spoke to two other developers who suggested that the DOGE site is not running on government servers. Instead, it seems to be running on a Cloudflare Pages site and is relying on a database that “can be and has been written to by third parties and will show up on the live website,” the developers told 404 Media.

Archived versions of the DOGE site show that it was basically blank before Tuesday. That’s when Musk held a DOGE press conference in the Oval Office, promising that DOGE is “actually trying to be as transparent as possible.” At that time, Musk claimed that DOGE was being “maximally transparent” by posting about “all” actions to X (Musk’s social media platform) and to the DOGE website. (Wired deemed the DOGE site “one big X ad” because it primarily seems to exist to point to Musk’s social media platform.)

According to 404 Media, after Musk made that statement, his team rushed to build out the DOGE website, mirroring X posts from the DOGE account and compiling stats on the federal workforce.

But in rushing, DOGE appears to have skipped security steps that are expected of government websites. That pattern is troubling some federal workers, as DOGE has already been dinged by workers concerned by Musk’s team seizing access to sensitive government information and sharing it in ways deemed less secure. For example, last week, Department of Education officials raised alarms about DOGE employees using personal emails viewed as less secure than government email addresses, seemingly in violation of security protocols. These personal emails also seemed to shroud the true identities of DOGE staffers, whereas other government employees must use their full names in official communications.

DOGE’s .gov site lampooned as coders quickly realize it can be edited by anyone Read More »

doge-can’t-use-student-loan-data-to-dismantle-the-education-dept.,-lawsuit-says

DOGE can’t use student loan data to dismantle the Education Dept., lawsuit says

data privacy, department of education, doge, Donald Trump, elon musk, financial data, Online Privacy, Policy, student loans / /

Microsoft declined to comment, but allegedly the DOGE employees are “using AI software accessed through Microsoft’s cloud computing service Azure to pore over every dollar of money the department disburses, from contracts to grants to work trip expenses,” one source told the Post.

The lawsuit noted that several DOE employees have tried to block DOGE’s access by raising red flags up the command chain, but DOE leadership directly instructed lower-level employees to grant DOGE access, the same source alleged.

A big concern is that DOGE funneling education data into AI systems will cause sensitive data to be stored in a way that makes it more vulnerable to cyberattacks or data breaches. Another issue could be the AI system being error-prone or potentially hallucinating data that is driving decisions on major DOE cuts.

On Thursday, a DOE deputy assistant secretary for communications, Madi Biedermann, issued a statement insisting that DOGE employees are federal employees who have undergone background checks to be granted requisite security clearances.

“There is nothing inappropriate or nefarious going on,” Biedermann said.

Trump has similarly waved away concerns over DOGE’s work at DOE and other departments that officials worry are experiencing a “blitz” of seemingly unlawful power grabs, the Post reported. On Monday, Trump told reporters that “if there’s a conflict” with DOGE accessing Americans’ data, “then we won’t let him get near it.” But seemingly until Trump agrees there’s a conflict, Musk’s work with DOGE must go on, Trump said.

“We’re trying to shrink government, and he can probably shrink it as well as anybody else, if not better,” Trump suggested.

While thousands of Americans are suing, confused over whether they need to urgently protect their private financial data, one DOE staffer told the Post that DOGE “is working with almost unbelievable speed.” The staffer ominously suggested that it may already be too late to protect Americans from invasive probes or defend departments against cuts.

“They have a playbook, which is to get access to the data,” the staffer told the Post. “And once they’re in, it’s already over.”

DOGE can’t use student loan data to dismantle the Education Dept., lawsuit says Read More »