On August 26, 2025, Charles Borges, Chief Data Officer (CDO) at the Social Security Administration (SSA), submitted a complaint alleging that the Department of Government Efficiency (DOGE) engaged in unauthorized use of SSA data in a cloud-based environment.

The filing describes a project approved at the SSA CIO level that involved duplicating and storing data from the agency’s core identity system. According to the complaint, Borges was not made aware of or included in the decision.

However, the report does not allege that a data breach occurred, and no compromise of SSA systems has been reported by the agency or DOGE.

DOGE’s Role and Internal Dynamics

The Department of Government Efficiency (DOGE), created to accelerate federal IT modernization, has been embedded in SSA to support technical development and cloud-based initiatives. Within this work, DOGE teams reportedly created a full copy of SSA’s NUMIDENT data as part of a project aimed at testing or advancing infrastructure capabilities.

According to the whistleblower filing, the project was approved at the CIO level by SSA Chief Information Officer Aram Moghaddassi. However, SSA CDO Borges, claims he was not informed of the data activity in advance. Borges, whose responsibilities include enterprise data governance, asserts that he had no visibility or involvement in the decision to replicate or relocate the data.

Notably, the SSA’s CDO and CIO operate in distinct leadership chains. Borges serves within the Office of Analytics, Review, and Oversight, reporting to the Deputy Commissioner for that office. The CIO, by contrast, leads SSA’s information technology portfolio under a separate structure.

This organizational separation is not uncommon in large federal agencies, but in this instance, it appears to have contributed to a disconnect between data policy oversight and technical implementation. While the filing does not allege misconduct by any official, it raises questions about how decisions involving sensitive data are coordinated across parallel leadership roles.

DOGE has not publicly commented on the operational specifics, and SSA has maintained that its systems remain secure, with no data breach reported.

The Wrap

Beneath the surface of the complaint filed by SSA’s Chief Data Officer lies a familiar undercurrent in large, complex organizations: control over data, authority over modernization, and the invisible lines that divide internal power structures.

The case doesn’t allege a breach, nor does it question the technical legitimacy of DOGE’s work. But by pointing to a significant project executed with CIO-level approval and outside the CDO’s purview, the filing exposes a deeper tension, one that’s more organizational than operational.

It raises the question: Was this a breakdown in governance, or a challenge to it?

SSA’s structure, where the CDO and CIO operate in distinct leadership chains, may have contributed to the lack of alignment. But this is not just about lines on an org chart. It’s about who gets to define the guardrails around data usage in a modern agency, especially when external teams like DOGE are empowered to move fast, sometimes without involving traditional stakeholders.

Whether this complaint reflects a legitimate procedural concern or a signal of deeper internal friction is now in the hands of oversight bodies. But for CIOs and technology executives watching from across government and industry, the takeaway is clear: Modernization efforts, especially when involving sensitive data, are not immune from internal politics.

Aligning intent, authority, and communication across leadership roles is not a nice-to-have. It’s foundational. And when those alignments break down, the result isn’t always a security incident, it’s a governance one.