It looks like the Privacy Act might be a way to audit DOGE on a per-person level. Jamie Raskin has suggested mailing them a formal request for your data.

While there does appear to be precedent for this, I can’t find much more information about it. So this is more of a thread in search of info.

Here is some from NPR:

The Privacy Act was once a quite sleepy law in my privacy classes. It’s gotten increasing prominence in part because there’s been so much compliance with the Privacy Act. You know, every agency now has to put out, you know, notices about having new collections of information in databases. And there’s chief privacy officers at every agency. You have to pay attention to it and adhere to its commitments, which are to ensure that you don’t collect information you shouldn’t be collecting for a proper purpose, and that you’re not sharing it unless you meet the conditions of the Privacy Act.