The Real Digital Coup

The Real Digital Coup

Americans will have to defend free and fair elections on many fronts in 2026. This post describes one very specific threat: the Trump administration, through Palantir and DOGE, is building the technological infrastructure for automated targeted disenfranchisement. 

Here's how automated targeted disenfranchisment could work:

  1. The Trump administration accesses tax records and other information from government agencies to build profiles of voters in battleground congressional districts.
  2. Palantir software feeds this information into machine learning models trained to identify likely Democratic voters.
  3. The social security numbers of some likely Democratic voters in battleground districts are moved to the Social Security Administration's Death Master File, or are otherwise subjected to targeted administrative errors.
  4. If the SAVE act has passed, the administration pushes notifications to states that the targeted likely voters are “not citizens” (because they are administratively dead, or whatever). Even if the SAVE act has not passed, any of these potential voters who try to register will still be flagged as ineligible by the existing voter verification service run by the Social Security Administration (SSA).
  5. The fraction of targeted voters who try to correct the error may not be able to do so by the election.

Some portion of the infrastructure for each of these steps is already in place. We have no way of knowing whether the administration intends to use the infrastructure in this way, but given what we've seen so far of Trump 2 we have to assume that if they can get away with it they will.

Let's look at how the process would play out step-by-step.

Profiling Voters

On 4/11/2025, Wired reported that Elon Musk’s DOGE and Peter Thiel’s Palantir were collaborating to build a “massive API” for reading IRS taxpayer data. According to an anonymous insider source, DOGE’s goal is to make Palantir’s Foundry software the “read center of all IRS systems.”

Foundry’s purpose is to provide unified access to disparate data sources. Once multiple datasets have been integrated in Foundry they can be easily fed into Palantir’s Gotham product. Gotham applies machine learning to distill actionable intelligence from data. For example, according to Palantir’s website, “Gotham's targeting offering supports soldiers with an Al-powered kill chain, seamlessly and responsibly integrating target identification and target effector pairing.”

The product’s name is no doubt a reference to the system used by Batman in the movie “The Dark Knight” to hack cell phones and use their data for omniscient surveillance of Gotham City. In the case of Palantir’s collaboration with DOGE, the data comes from government agencies rather than cell phones. Since DOGE has been actively siphoning data wherever it can, the IRS is likely just one agency feeding information about U.S. citizens into Foundry.

The initial, ostensible use case for this unification and analysis of government data is the politically safe project of tracking immigrants. But such a system could also be used to manipulate elections by identifying targets for voter suppression.

DOGE Data Sources

Here’s a partial list of government agencies for which we have evidence that DOGE has exfiltrated or tried to exfiltrate data. Some of these agencies already have connections with Palantir, as part of either older contracts or arrangements set up in the last few months.

Agencies with Known Palantir Integration

  • Internal Revenue Serivce, as noted above.
  • Department of Homeland Security: Since 2011 DHS has contracted with Palantir to support Homeland Security Investigations (HSI). Homeland Security Secretary Kristi Noem has stated that DOGE has access to her department’s data.
  • Department of Health and Human Services: Palantir has launched multiple contracts with DHS over the last three years, and a former Palantir employee was appointed HHS CIO in February 2025. DOGE is reported to have gained access to HHS data including healthcare-provider payment systems and a child support payment database with income data.

Other Agencies

  • Social Security Administration: Ten DOGE “IT Specialists” are embedded within the SSA. They have read access to some data, but as of 5/24/2025 they are under a temporary restraining order forbidding them from accessing it. For updates see Case No. 1:25-cv-00596 in the Just Security Litigation Tracker. But one DHS executive told Wired that “They are already cross-referencing immigration with SSA and IRS as well as voter data.”
  • National Labor Relations Board: An NLRB whistleblower reported “a spike in data leaving the agency” after DOGE staffers gained access. According to an official whistleblower disclosure, “the DOGE team asked that their activities not be logged on the system and then appeared to try to cover their tracks behind them, turning off monitoring tools and manually deleting records of their access.”

SSA Data + Other Government Agency Data

So how could a system like Foundry+Gotham use these data sources to identify likely Democratic voters? The government data compromised by DOGE has lots of information about lots of people and organizations, and that means lots of possibilities for inferring hidden variables like party affiliation. Here are a couple of examples.

IRS Donor Information + SSA Name and Address

Some tax exempt nonprofits (501(c)(3) and 527 organizations) are required to list the names and addresses of donors when they file their tax returns. 

501(c)(3) organizations include, for example:

  • The Sierra Club
  • The ACLU Foundation
  • The American Friends Service Committee

501(c)(3)s must report donors of $5000 or more on IRS Form 990 Schedule B.

527 organizations are more overtly political organizations such as political parties or PACs. These organizations have the same IRS donor reporting requirements as 501(c)(3)s, and in addition must report information on donors of more than $200 through IRS form 8872.

The database maintained by the SSA can map names and addresses to individual SSNs. With a platform like Foundry+Gotham, IRS information could be combined with SSA information to build a profile of an individual’s contributions to nonprofits. For many people, this profile would provide a pretty clear signal for identifying political identity.

Even if you haven’t contributed to nonprofits like these, both the IRS and the SSA probably know who your parents are. A system linking IRS and SSA data could potentially flag likely Democratic voters through family affiliations.

NLRB Data + SSA Name and Address

If you file a complaint against your employer with the NLRB, you fill out a form that collects your name and address. Similarly, the first step in forming a union is to get fellow employees to sign union authorization cards that collect name and address.

Both filing a complaint against an employer and signing a union card can provide some signal about your political affiliation – not necessarily definitive in themselves, but potentially revealing when aggregated with other information. The NLRB has the names and addresses of people who have taken these actions, and this information may be sufficient to retrieve their SSNs when combined with SSA data.

Disenfranchising Voters by SSN

So let’s assume that the administration can use this data and Palantir software to identify by social security number at least some subset of likely Democratic voters. For many people conflicting signals may make this identification difficult for Palantir’s machine learning systems, but for some the picture may be pretty clear.

What can the administration do with these identifications? Because the SSA functions as a voter verification service, at the very least it can prevent flagged citizens from registering to vote. If the SAVE act becomes law, it can invalidate existing registrations.

We’ll look at both of these cases in more detail below. But first let’s just note that, in either case, there’s a simple centralized mechanism to invalidate any registration if you have the SSN of the voter you want to throw out.

The SSA Death Master File

The SSA maintains a record of SSNs of dead people called the Death Master File (DMF). Clearly dead people should not be allowed to vote, so to mark a given SSN holder as ineligible to vote, all you need to do is move their SSN into the DMF. Mechanisms put in place by the existing Help America Vote Act (HAVA) and the proposed Safeguard American Voter Eligibility (SAVE) connect this information with voter registration.

The administration has already tested the process of moving living people into the DMF as part of its efforts to intimidate immigrants. The New York Times has reported that the administration has deliberately moved some living legal immigrants into the DMF in order to pressure them to “self-deport." Being listed in the DMF prevents you from getting, for example, bank accounts, credit cards, and government benefits.

This particular abuse of the administrative state has happened entirely in the open. The administration has gone so far as to rename the DMF the “ineligible master file,” confident that citizens won’t object too loudly as long as only immigrants suffer. But now that they’ve done it, they have practical knowledge of who and what they need to control to make it happen more quietly.

If the SAVE Act Becomes Law

The Safeguard American Voter Eligibility (SAVE) Act (H.R.22) includes many provisions that would suppress election turnout, including onerous documentation requirements for registration and the elimination of registration by mail. But more important for the scenario described here, it mandates regular purges of voter rolls by the states, and allows the federal government to push notification of a voter’s ineligibility to the states.

This latter requirement is particularly dangerous. The distribution of control of elections across states is a robust feature of American democracy. Distributed control makes it hard for a central authoritarian power to undermine free and fair elections. But the SAVE act states,

​​A State shall remove an individual who is not a citizen of the United States from the official list of eligible voters for elections for Federal office held in the State at any time upon receipt of documentation or verified information that a registrant is not a United States citizen.

This new federal power to invalidate voters is couched in terms of identifying non-citizens. But we can be confident that Trump-controlled SSA officials would feel comfortable asserting that dead people are no longer citizens and that presence of a person in the Death Master File constitutes “documentation”.

The SAVE Act has passed the House. As of 5/26/2025 it is likely to face a Democratic filibuster in the Senate and Republicans would probably not be able to muster the 60 votes to break the filibuster. However, Senate Republicans have recently demonstrated a willingness to weaken the filibuster in order to overturn California’s electric vehicle mandate.

If the SAVE Act Does Not Become Law

The Help America Vote Act of 2002 mandated that the Social Security Administration establish a voter verification service (Help America Vote Verification, or HAVV) that uses SSA data to confirm whether individuals are eligible to vote. Forty-four states use the service in their voter registration processes. (The six holdouts are North Dakota, Kentucky, Tennessee, South Carolina, New Mexico, and Virginia.) For states that use the service, new voter registrations are checked against HAVV before they are issued. Anyone in the DMF will be automatically rejected.

The potential impact of DMF manipulation on elections via HAVV would be more limited than it would be through SAVE mechanisms: only voters registering for the first time would be suppressed. At the same time, the effect might be harder to detect. First time voters might be more easily discouraged, and less likely to report problems.

Actions You Can Take

Register Early

The SSA does in theory allow people to request the correction of administrative errors, but the process takes time. And DOGE cuts have made it harder for the SSA to process such corrections.

If you need to register to vote, do so as early as possible to allow time to deal with problems. And if it turns out that there is indeed a widespread problem with suspicious administrative errors, the more time for word to get out the better.

Write Your Senators

If you oppose the SAVE Act make sure your senators know it, especially if either of them are moderate Republicans.

If you oppose the weakening of the filibuster make sure your senators know it, especially if either of them are moderate Republicans.

A special note for South Dakota and Maine residents: John Thune was instrumental in preventing a filibuster on the electric vehicle issue, and Susan Collins let him do it. Thune constructed a maneuver that let Republicans avoid the appearance of overriding the Senate parliamentarian’s ruling that Republicans could not prevent a filibuster, and Collins gave her stamp of approval to the maneuver. If you disapprove of these Senators’ weakening of Senate rules, be sure they know it. The filibuster is the last line of defense against the SAVE act.

Write Your State Legislators

The utility of the HAV verification system rests on the assumption that the SSA and the executive branch are trustworthy. If you believe that they are no longer trustworthy and you live in one of the 44 states that use HAVV, write your state legislators to advocate for removing HAVV from voter registration procedures.

Contribute to organizations like the ACLU that are fighting the privacy violations inherent in the DOGE/Palantir project.

What Not to Do

Don’t stop contributing! Since the IRS has records from your entire history, there’s no point to trying to prevent them from profiling you now.