What Happened This Week:

  • DOGE engineer stole Social Security data. A whistleblower alleges a former DOGE employee copied databases containing 500+ million Americans' records onto a personal thumb drive. Claims "God-level" access to SSA systems.
  • Meta Ray-Ban footage goes to Kenya. Workers reviewing smart glasses recordings saw bathroom visits, people undressing, and sex acts. A class action lawsuit filed March 4 accuses Meta of overstating privacy protections.
  • Palantir will surveil federal workers. A no-bid contract up to $75 million lets Palantir "optimize seating" and track return-to-office compliance at USDA. Labor advocates call it bossware.
  • EFF warns against Meta smart glasses. The recording light can be disabled with "cheap hacks." Meta is planning facial recognition to identify strangers.
  • OSI Systems breach hits 4,900. Defense contractor fell to Christmas Day ransomware. INC RANSOM claimed 250GB of stolen data.
  • FISA 702: 37 days until sunset.

DOGE Employee Allegedly Stole Social Security Data on Thumb Drive

The Social Security Administration inspector general is investigating a whistleblower complaint that a former Department of Government Efficiency engineer copied sensitive databases onto a personal thumb drive before leaving the agency [1].

According to The Washington Post, the ex-DOGE employee told coworkers at his new job that he possessed two restricted databases:

  • Numident: 548 million records of Social Security number holders
  • Master Death File: Records of deceased Americans

The former employee allegedly claimed to retain "God-level" access to SSA systems even after departing. He reportedly planned to use the data at his new company.

SSA denied the allegations, calling the report "fake news" designed to "scare seniors." The agency said all named parties refuted the claims. But that doesn't explain why the inspector general notified congressional committee leaders on March 6 that it's reviewing the complaint.

This follows January revelations that DOGE improperly accessed SSA data and shared it with external parties. Court documents in that case showed data was used to advance dubious fraud claims without agency officials' knowledge.

Related: DOGE SSA Data Access: January Revelations | The "One Big Beautiful Database" Plan

Meta's Ray-Ban Glasses: Your Intimate Moments Reviewed in Kenya

A joint investigation by Swedish newspapers Svenska Dagbladet and Göteborgs-Posten found that footage from Meta's Ray-Ban smart glasses gets reviewed by human contractors in Kenya [2].

What the reviewers saw:

  • Bathroom visits
  • People undressing
  • Sexual acts
  • Pornography viewed while wearing glasses
  • Visible bank cards in recordings

Meta's anonymization? Doesn't work. Faces sometimes remain visible, the data annotators reported.

A class action lawsuit filed March 4 in San Francisco federal court accuses Meta of overstating privacy protections built into the glasses [3]. The complaint centers on footage being sent to Kenya-based subcontractors for AI training without meaningful consent.

The Electronic Frontier Foundation published a warning on March 10: "Think Twice Before Buying or Using Meta's Ray-Bans" [4]. The EFF notes that the small recording indicator light can be disabled with "cheap hacks." Unlike phones, these glasses are designed to be invisible to people being recorded.

And Meta wants to go further. Internal plans for a "Name Tag" feature would let wearers identify strangers in real time using facial recognition. An internal memo noted this is good timing because "civil society groups that we would expect to attack us would have their resources focused on other concerns."

Palantir Gets No-Bid Contract to Surveil Federal Workers

The Agriculture Department awarded Palantir a no-bid contract to help implement Trump's return-to-office directive, potentially bringing "bossware" surveillance technology to the federal workforce [5].

Contract details:

  • Tasks: Employee seat assignments, space utilization, return-to-office compliance
  • Value: Between $750,000 and $75 million
  • Justification: Only Palantir can deliver these services "in a matter of days, not years"
  • Bidding: None. Sole source award.

Labor advocates have raised alarms about bossware: surveillance software that tracks keystrokes, monitors screens, and measures "productivity" in ways that take a documented mental and physical toll on workers.

This contract sits within a larger $300 million USDA-Palantir deal from last year tied to "national farm security" alongside the Pentagon and DHS. Palantir is also building a "One Farmer, One File" system that would consolidate agricultural data.

The pattern is clear: Palantir keeps expanding from national security into domestic surveillance infrastructure. ICE. Treasury. Now every federal worker at USDA.

Related: DOGE Master Database Plans

Defense Contractor OSI Systems Breach: 4,900 Affected

OSI Systems, a California defense and security technology company, disclosed a Christmas Day ransomware attack affecting 4,910 people [6].

The ransomware group INC RANSOM claimed responsibility on December 30, 2025, saying they stole 250GB of confidential company and client data. OSI completed its review on February 10 and started mailing notification letters on March 11.

Exposed information likely includes names, Social Security numbers, financial account data, government IDs, and employment records. OSI makes screening systems used at airports, border crossings, and government facilities.

This is the pattern: security companies that are supposed to protect critical infrastructure can't protect their own employee data.

FISA 702: 37 Days Until Sunset

Section 702 expires April 20. FBI queries of Americans' data collected under the program rose 35% in 2025, from 5,518 in December 2024 to 7,413 in November 2025 [7].

The bipartisan Government Surveillance Reform Act introduced by Senators Ron Wyden and Mike Lee would:

  • Require warrants before searching Americans' communications
  • Close the data broker surveillance loophole
  • Block the government from buying Americans' data from "shady sources"

The Trump administration still won't say what it thinks about reauthorization. Senator Tom Cotton wants an 18-month "clean" extension with no reforms.

Meanwhile, the Government Surveillance Transparency Act would require public reporting of the hundreds of thousands of criminal surveillance orders issued by courts each year. Currently, the public has no idea how often federal agencies surveil Americans.

Related: FISA 702 Sunset Countdown | SAFE Act Analysis

Quick Hits

  • Starbucks breach: Data breach exposed 889 employees' personal information. Attack occurred January 19 - February 11 [8].
  • Fidelity settles for $2.5 million: The settlement covers 155,000 individuals affected by a data breach [9].
  • ID Care breach: The largest private infectious disease practice in New Jersey announced a breach affecting current and former patients [10].
  • 20 states now have privacy laws: Indiana, Kentucky, and Rhode Island joined the list in 2026, bringing new restrictions on geolocation data, youth protections, and facial recognition [11].
  • Ring facial recognition opt-out deadline: Today is the last day for existing Ring users to opt out of facial recognition features.

Looking Ahead

This week:

  • March 14: Ring facial recognition opt-out deadline (today)

Coming up:

  • March 23-26: RSA Conference 2026 (federal agencies boycotting)
  • March 30-31: Privacy Summit, Washington DC
  • March 31: Conduent breach credit monitoring enrollment deadline
  • April 1: California "Delete My Data" requests open
  • April 20: FISA Section 702 sunset. 37 days.

References

  1. Washington Post - DOGE member took Social Security data on a thumb drive
  2. Help Net Security - Workers reviewing Meta Ray-Ban footage encounter users' intimate moments
  3. TechCrunch - Meta sued over AI smart glasses privacy concerns
  4. EFF - Think Twice Before Buying or Using Meta's Ray-Bans
  5. Jacobin - Is Palantir Under Contract to Surveil the Federal Workforce?
  6. Strauss Borrelli - OSI Systems Data Breach Investigation
  7. Nextgov - FBI queries of Americans' data under FISA 702 rose 35% in 2025
  8. Computing - Starbucks announces data breach
  9. NAPA-Net - Fidelity Settles Data Breach Claim
  10. ClassAction.org - ID Care Data Breach
  11. MultiState - Privacy Laws Taking Effect in 2026

Last updated: March 14, 2026