OPM Conducts Privacy Assessment in Lawsuit Regarding Government-Wide Email System
The Office of Personnel Management has provided the assessment, although attorneys from the Justice Department contended it was not needed.
The Office of Personnel Management (OPM) has presented a privacy assessment in relation to an ongoing lawsuit regarding the Trump administration’s initiative to establish a comprehensive email system for communicating with federal employees.
The filing made on February 5 came after a lawsuit where two unnamed employees claimed that the Trump administration failed to issue a privacy impact assessment (PIA) that is supposedly mandated by federal law. Following this, a motion for a temporary restraining order was filed, seeking to prevent a federal judge in Washington from allowing the OPM to operate computer systems related to the email address—[email protected]—linked to the administration’s project.
The attorneys from the Department of Justice submitted the PIA but maintained that the law did not actually necessitate one in this instance.
“For one, this case is moot because—even though the E-Government Act does not require a PIA under these circumstances—OPM has now completed a PIA of the systems associated with the [email protected] address,” stated the DOJ in a filing dated February 5.
Judge Randolph Moss of the District of Columbia had ordered both parties to attend a hearing on February 5 but later rescheduled it to February 6, citing the absence of the plaintiffs’ counsel.
Related Stories
The lawsuit included references to a Reddit post which alleged that political appointees were instructing agencies to gather information on government employees and transmit it to an employee of xAI, one of Elon Musk’s enterprises.
The post claimed, “We believe they are compiling an extensive email list of all federal employees to prepare for mass reduction in force notices later on,” referring to layoffs.
In its February 5 filings, the administration asserted that “a majority of the plaintiffs’ factual claims—derived from a now-deleted Reddit post … are unverified and will be contested if this case moves forward.”
The PIA also tackled several potential privacy issues, such as the possibility of unauthorized access by users or purposes.
The assessment stated, “This risk is alleviated by limiting access to a select group of individuals permitted to access GWES [Government Wide Email System] information and preventing others from entering.”
According to Hogan, the GWES compiled information from the Enterprise Human Resources Integration and Official Personnel Folder record systems, as well as data collected by various agencies received via email.
In response to the request for a temporary restraining order, the Trump administration argued that the law referenced by the plaintiffs—the E-Government Act—did not necessitate a PIA when the government sought to collect data on federal employees, and highlighted that the plaintiffs were trying to obtain relief based on a potential data breach.
“The plaintiffs do not claim any such data breach has occurred, and any potential harm arising from a hypothetical, future data breach is too uncertain to warrant standing,” the administration stated.
