Washington: An email system employed by Elon Musk and his associates for communicating with all U.S. federal employees operates “entirely on government computers” and does not utilize a non-government server, according to a court filing by Office of Personnel Management (OPM) officials on Wednesday.
The filing emerges amidst concerns that Musk’s team might be bypassing security protocols while managing personal data, especially as they execute staff reductions across the U.S. government.
On January 27, an attorney representing OPM employees requested a judge to issue a temporary restraining order to stop the use of the server involved in this email system. Kelly McClanahan, executive director of the National Security Counselors, argued in the complaint that this email system poses a significant security threat to approximately two million employees in the executive and judicial branches, plus an unspecified number of contractors. He claimed the system lacked a mandatory privacy impact assessment.
On January 28, Musk’s associates utilized this system to send emails to all federal employees about a “deferred resignation program.”
In response, government lawyers argued in their filing on Wednesday that no privacy impact assessment was necessary because the system only manages federal employee data. However, they also included a privacy impact assessment dated February 5. This document, referring to the system as the “Government-Wide Email System (GWES),” indicated that it collects federal employees’ names, government email addresses, and “short, voluntary email responses.” The assessment named Riccardo Biasini, a former Tesla engineer and current director at The Boring Company, as the contact for the system, with Greg Hogan, OPM’s chief information officer, signing off on it.
It remains unclear whether the “government computers” mentioned are part of new or existing OPM infrastructure. An OPM spokesperson chose not to comment further.
McClanahan’s complaint highlighted that the email system holds “vast quantities” of personally identifiable information, potentially more vulnerable to cyberattacks than previous OPM systems. The complaint referenced an anonymous Reddit post claiming unauthorized access by someone physically connecting an email server to OPM’s network. Additionally, an anonymous OPM staff member told the Musk Watch newsletter that the server involved was “a piece of commercial hardware,” not acquired through standard federal procurement.
Also Read | Sheikh Mujibur Rahman’s Historic House Burned by Protesters in Bangladesh
OPM refuted these claims on X, stating that “reports about a private server being brought into OPM are FALSE,” and linked to the February 5 privacy impact assessment. McClanahan did not respond to requests for comment.
Reports about a private server being brought into OPM are FALSE. OPM has released a privacy impact statement regarding its government-wide email system. Get the facts: https://t.co/ixbvrhSC92
— U.S. Office of Personnel Management (@USOPM) February 5, 2025
Also Read | Trump’s Gaza Plan Mirrors Kushner’s Waterfront Vision
On the same day, Democratic members of the Senate Intelligence Committee, joined by independent Senator Angus King, wrote to White House Chief of Staff Susie Wiles, questioning the vetting process for staff involved in Musk’s Department of Government Efficiency (DOGE) operations, including the OPM email system. They sought clarity on who has been employed under DOGE, under what authority it operates, and how staff handling sensitive information are monitored.
