Last week, the Social Security Administration (SSA) quietly updated a public notice to reveal that the agency would be sharing “citizenship and immigration information” with the Department of Homeland Security (DHS). This data sharing was already happening: WIRED reported in April that the Trump administration had already started pooling sensitive data from across the government for the purpose of immigration enforcement.
This public notice issued by SSA makes that official, months after the fact. The notice is known as a system of record notice (SORN), a document that outlines how an agency will share the data it has, with whom, and for what purpose. This notice is required under the Privacy Act of 1974. Normally, SORNs are issued before any data is shared between agencies, giving the public and government officials sufficient time to offer comment. But WIRED found that the so-called Department of Government Efficiency (DOGE) was pulling in data from across DHS, SSA, the Internal Revenue Service (IRS), and state voter data, among other sources, based largely on the US Citizenship and Immigration Service’s (USCIS) Systematic Alien Verification for Entitlements (SAVE) database.
“There are laws that require the government to inform the public about their use of various kinds of databases and other surveillance technologies,” says Adam Schwartz, privacy litigation director at the Electronic Frontier Foundation, a nonprofit focused on digital privacy and free speech. “If the government starts using the database and does not put out the appropriate disclosure and then later does put out that appropriate disclosure, they still have violated the law.”
The Trump administration has gone to drastic lengths to remake the government in its image. A core component of this has been an effort to vacuum up large swathes of data from across federal agencies, many of which were never meant to be comingled. This has frequently happened regardless of the laws, norms, or procedures that normally govern the access and sharing of sensitive data. The SORN from SSA is just the latest confirmation of exactly how much data is being shared in ways experts tell WIRED is “unprecedented.”
Much of this data sharing begins with misinformation about the data at hand. In the early days of the Trump administration, Elon Musk seized on a misunderstanding of SSA’s data to spread the claim that 150-year-old people were receiving benefits. They weren’t, but DOGE capitalized on the idea that the SSA’s systems were inefficient and fraudulent to burrow into the agency’s data and technology systems. In April, reporting from The New York Times found that in an effort to force immigrants to self-deport, the administration was adding them to the SSA’s database of dead people, effectively meaning that their Social Security numbers could not be used to get jobs or access government services. As part of the effort to combine disparate data across the government to verify citizenship and surveil immigrants, DHS recently published a different but related SORN that effectively transforms SAVE into a voter verification system, which experts also warned could be bypassing the requirements of the Privacy Act.
Leland Dudek, who served as acting commissioner for the Social Security Administration between February and May 2025, led the agency when members of DOGE first appeared. Dudek says he was initially supportive of DOGE and acted as a bridge between SSA staff and members of the DOGE team before becoming disillusioned.
Dudek tells WIRED that though there had been agreements to share data with DHS before—mostly Social Security numbers—the scope of the recent SORN seems unprecedented. Normally, says Dudek, DHS is able to check certain Social Security numbers against SSA data, within a limited scope.
But he says that the SSA does not have a way to deactivate a Social Security number, meaning that it can’t be used to allow someone to work or collect government payments, unless that person has died. Dudek says what appears to have changed within the new SORN is that there is now “a special indicator code that identifies types of questionable data or special circumstances concerning an application for an SSN.” This, he says, appears to mean that there would now be a way to essentially flag a Social Security number and take it out of use, without marking them as deceased.
“You can literally cut off anyone’s financial life you want, and you don’t need to use the death master file,” he says.
President Donald Trump has focused heavily on cracking down on immigration since his return to office. The administration has canceled Temporary Protected Status (TPS) for hundreds of thousands of immigrants from countries in Africa and Latin America; deployed the National Guard to assist with immigration enforcement; and claims to have deported more than 500,000 undocumented immigrants. The administration has also sought to collect more data on immigrants, particularly those using government services like housing assistance or food benefits, and Republicans have renewed an effort to add a citizenship question to the US Census. Part of this effort also appears to be the creation of a national citizenship database.
“It seems that DHS was dead set on creating a national citizenship data bank, and for whatever reason, they determined that the Social Security Administration had the largest set of citizenship data across any agency in the government,” says Nikhel Sus, senior counsel at Citizens for Responsibility and Ethics in Washington (CREW). “The American people had no opportunity to weigh in on this dramatic new expansion of the SAVE system before the government illegally repurposed Social Security Administration data.”
CREW is part of a group of organizations currently suing the US government, claiming that the Trump administration is unlawfully consolidating sensitive data across agencies. “These belated systems of records notices only confirm after the fact that the government has run roughshod over the law,” says Sus.
The government also previously held that Social Security data shouldn’t be used for citizenship purposes. In a 2023 letter from the SSA to the Fair Elections Center, a nonprofit focused on voting rights, SSA lawyer Jessica Vollmer wrote that “while SSA records provide an indication of citizenship, they do not provide definitive information on U.S. citizenship,” and that “SSA does not have citizenship information for all individuals who have been issued an SSN.” That authority lies with DHS.
DHS spokesperson Tricia McLaughlin tells WIRED that “USCIS remains dedicated to securing the nation’s electoral process—by allowing states to efficiently verify voter eligibility, we are reinforcing the principle that America’s elections are reserved exclusively for American citizens. We encourage all federal, state, and local agencies to use the SAVE program.”
SSA did not respond to a request for comment.
“[I am] not aware of something happening on this scale, where there was a total disregard for the required procedures of the Privacy Act,” says John Davisson, director of litigation and senior counsel at the Electronic Privacy Information Center (EPIC), which is also part of the suit against the government.
Davisson also says that the legal statute that the SORN cites as justification—one that dates back to when immigration was handled by the now defunct Immigration and Naturalization Service (INS)—does not actually support unrestricted data sharing with DHS. In a 1999 opinion, the Department of Justice limited the kinds of restrictions agencies could put on sharing data with law enforcement. “It essentially says you cannot obstruct an otherwise lawful disclosure of citizenship- or immigration-related information. It does not actually give the Social Security Administration an affirmative grant of authority to disclose information outside of the strictures of the Privacy Act,” says Davisson.
But Davisson says that doesn’t mean there are no restrictions at all. “This administration has attempted to subvert that reading of the statute and to claim that it has carte blanche to obtain from any agency, anywhere in government, whatever immigration or citizenship information it wants.”
Experts tell WIRED that because Social Security data was never collected with the goal of being used for citizenship or immigration purposes, it is also likely to include inaccuracies.
For instance, if someone receives a Social Security number and later becomes a naturalized citizen, Social Security data would not necessarily reflect that change. “There are a lot of reliability concerns when you match disparate data sets across agencies, especially when the data was collected for different purposes,” says Sus. “You could have mismatches. You could have the wrong people’s records being incorrectly linked together.” This could mean that people who are legally in or are citizens of the United States could lose their ability to vote or work due to data matching errors.
Dudek, like Sus, says that SSA data is not a reliable way to determine citizenship and could risk disenfranchising people. Dudek says that in order to combine data responsibly, experts would need to clean and cross-match it across other data sources to reduce the risk of false negatives or positives, and agencies would need to disclose risks or biases within the data itself.
“Is that being done?” says Dudek. “I’m not aware of it being done, and that concerns me.”
The post Social Security Data Is Openly Being Shared With DHS to Target Immigrants appeared first on Wired.
