That’s what today’s opinion is here. I was running and I can’t add more now, but I thought I’d pass it on.
Update: I’ve just returned and thought I’d post this excerpt:
Plaintiffs have claimed USDS since February 20, 2025 [DOGE] Officials have gained unprecedented access to information systems at numerous federal agencies, including the Treasury Department and OPM. In this regard, the Ministry of Finance operates the Finance Bureau (“BFS”) and “a federal payment system that distributes almost 90% of all federal payments, including social security benefits, tax refunds, and vendor payments.” I’m managing it. The BFS payment system contains sensitive personal data, such as the full Social Security numbers of “tens of millions of individuals.” OPM manages the Enterprise Human Resource Integration (“EHRI”) system “responsible for maintaining the integrity of the Electronic Official Human Resource Folder (EOPF) that protects the information rights, benefits and qualifications of federal employees.” It’s there. The EHRI includes “Social Security Number, Date of Birth, Salary, Family Address, and Job Descriptions for All Civil Government Workers and the Disciplinary Actions they faced.” The plaintiff also states that the BFS and EHRI systems and the information contained therein are usually established by the Information Security Protocols required by the Federal Information Security Act 2014 (“FISMA”) and the Privacy Act 1974 (“Privacy Act”). claims to be protected by privacy protections. “), and supervision by trained personnel.
The plaintiff at the direction of the DOGE defendant, by providing the government defendant with illegal access to confidential and protected data in the BFS and EHRI systems, allowing the data to be used for prohibited purposes; They claim that they have abandoned these safeguards. After being confirmed as Secretary of Treasury on January 27, 2025, defendant Scott Bescent granted USDS personnel access to the BFS payment system and the ability to “stop federal payments” to USDS officials. It is said to provide.
As a result of granting this access, the plaintiffs alleges that Secretary Becent and the Ministry of Finance are not permitted to access them to individuals who are not permitted by law to the personal information contained in those systems. . After a USDS representative received access to the BFS system, Twitter/X’s official USDS/DOGE account tweeted, “Stop inappropriate payments.” Similarly, “an individual playing the USDS administrator or exercising substantial authority within USDS,” Elon Musk said on his personal Twitter/X account.”[t]The plaintiff further alleges that based on information and belief, USDS and Treasury officials have illegally excluded information from the BFS payment system and are rediscovering the information in individuals not employed by the Treasury. There is. USDS is moving to “stop approved payments to federal contractors, charities providing social services, and other federal sectors.”
On January 20, 2025, the plaintiffs alleged that Musk and USDS officials entered OPM’s headquarters and managed the computer system. According to the plaintiff, at least six USDS agents will be given “extensive access to all HR systems, including the EHRI system,” and will provide other history, personally identifiable information, workplace assessments and other personal data. Gives the ability to access databases to store.
The plaintiff also said that based on information and belief, USDS officials who have access to the financial and OPM systems said, “There is no training in applicable security safeguards for personal information, and therefore have no experience with the relevant Ministry of Finance or OPM. So they argue that there may not be necessary security clearance. They are not federal employees. “As a result, the plaintiffs will be able to grant government defendants access to the system to DOGE defendants a Social Security number and They claim that it constitutes illegal disclosure of personal data, including tax information. Personal data belonging to millions of federal employees stored in the EHRI system.
As a “alternative” theory of complaints, plaintiff DOE 1 claims that as a career civil servant, OPM holds personal information about her EHRI, including her Social Security number, home address and disciplinary records. The plaintiffs also allege that many of the members of DOE 1 and Epic have filed federal tax returns electronically within the past six years. As a result, the BFS system contains extensive financial information about it, including legally protected returns information. Therefore, the plaintiffs argue that their “sensitive, confidential, and personally identifiable information is illegally accessed and at risk by Doge.” The plaintiffs argue further.”[b]The harm of immediate disclosures faces a significant increase in risk: data errors that interfere with pay or other employment benefits, intentional withholding of legally entitled payments, and personal information. theft. ”
The court noted that the accused objected to the allegations that USDS officials had gained access to these information systems. Instead, the defendant argues that
In response to a legitimate executive order issued by President Trump, the Treasury Department and OPM will be offering detailed information to oversee the implementation of the new administration’s policies to eradicate waste, fraud and abuse across the federal government. We have gathered a team of staff from the institutions, including: These teams work with USDS, an element of the President’s Executive Office, but only employees who are agents and have access to data systems that contain personal information that the plaintiff is based on their claims. .
Therefore, the defendant argues that the plaintiff’s claim of illegal access to information systems by USDS officials cannot be correct.
In their allegations, the plaintiffs will assert it.”[t]His long-time defendant is more likely to access or further disclose the plaintiff’s individual data because unauthorized access to these confidential systems, and as the plaintiff’s data becomes longer, an adversary affiliated with the hostile affiliated with the plaintiff. There is an increased risk of exposure or detachment due to this. Additionally, the defendant “subjects that it can be misused easily and immediately. [personal identifying information] Violate the law by voluntarily suspending payments through access to the BFS system, as they publicly claim or assert “by Bring.” That’s a violation[ing] Finally, the plaintiffs have a considerable risk for plaintiffs suffering from future identity theft, as OPM’s network is subject to regular hacking attempts and these attempts are likely to be successful. It is claiming. As a result of the defendant’s actions.
The plaintiff’s fear of future harm is too speculative and will require the court to make some leap into reasoning to justify injunctive relief. For example, the plaintiff does not provide concrete evidence that the defendant is actively misusing or attempting to misuse sensitive data. The hypothetical scenario in which the defendant withholds payments or results in unfavourable employment measures based on the plaintiff’s confidential data is not supported by the records before this court. And to accept the plaintiff’s argument based on the detachment of information by hostile actors, the court must conclude that the defendant’s actions are causing an increase in the likelihood of hacking. Plaintiff’s information will be specifically targeted and such violations will lead to identity theft or other tangible harm, economic or otherwise.
Because the plaintiff’s claims are based on a set of possibilities, this speculative set of event chains is insufficient to establish irreparable harm, and either of them may not be realized. See Beck848 F.3d at 275 (the court had to assume that it had “targeted a stolen item of identity containing a thief” and then assumed that it had assumed that it had “probable” See the fear of identity theft as a damping chain” “Thieves thieves “select the personal information of the appointed plaintiff from thousands of other people and use that information to steal identity. Make it a success.”). “As the Supreme Court pointed out, winterthe possibility of irreparable harm does not constitute a “clear indication” that the plaintiff is entitled to remedy.
Given the extraordinary nature of the remedies and the speculative and attenuated nature of the potential harms faced by the plaintiff, the court would be able to issue injunctive relief based on previous records of the current record. I can’t do that…
