Comments of EPIC to the USDA on System of Records Notice for 12 Databases

COMMENTS OF THE ELECTRONIC PRIVACY INFORMATION CENTER AND 3 ORGANIZATIONS 

to the 

U.S. DEPARTMENT OF AGRICULTURE 

Privacy Act of 1974; System of Records 

Notice of Modified System of Records 

91 Fed. Reg. 18,812 | SBA-2025-0069 

May 13, 2026 

---

The Electronic Privacy Information Center (EPIC) and the undersigned organizations submit these comments in response to the System of Records Notice (“the Notice”) published in the Federal Register by the U.S. Department of Agriculture (USDA) on April 13, 2026.¹ EPIC is a public interest research center in Washington, D.C., established in 1994 to protect privacy, freedom of expression, and democratic values in the information age.²  

We strongly object to the USDA’s proposed routine use described in the Notice. In a scant page, the instant Notice³ proposes to add a routine use to twelve systems of records that would allow the USDA to disclose incredible amounts of information to the Department of the Treasury (Treasury), including the sensitive information of every person who has applied for or received Supplemental Nutrition Assistance Program (SNAP) benefits, received childcare tuition assistance, ran a farm receiving USDA funds, or even just expressed an interest in the Veterinary Medicine Loan Repayment Program.⁴ The USDA asserts, as it and other federal agencies have done hundreds of times over the last year, that creating this automatic information pipeline is necessary to address rampant payment fraud against the government—a claim that is not well substantiated.⁵ In effect, the Notice furthers the federal government’s ongoing efforts⁶ to amass personal information into a reckless and illegal national databank,⁷ creating a singularly rich target for hackers and fraudsters and duplicating the functions of other, far more secure methods of payment verification.   

The USDA’s paltry System of Records Notice violates the Privacy Act. First, the proposed routine use is incompatible both with the original purpose for collecting the information housed in these systems and, for some, the boundaries drawn around disclosure by Title VII.⁸ Such an overbroad routine use cannot satisfy the strict data minimization principles mandated by the Privacy Act. Second, the Notice exhibits significant deficiencies and omissions that obscure the amended character of the affected systems and violate the agency’s mandate to safeguard the records it maintains. In sum, the asserted routine use fails the requirements of the Privacy Act, and USDA must withdraw its Notice.  

1. The Proposed Routine Use Is Incompatible and Violates the Privacy Act’s Data Minimization Mandate. 

The Privacy Act prohibits the disclosure of any record unless such disclosure is done under one of the limited exceptions set forth by the Act.⁹ Routine uses are one such exception.¹⁰ Any disclosure of a record maintained by USDA for a routine use must be for “a purpose which is compatible with the purpose for which [that record] was collected.”¹¹ The USDA now seeks to add a routine use to twelve information systems that would allow it to disclose information held in those systems to Treasury “when disclosure of the information is relevant to review payment and award eligibility through the Do Not Pay Working System for the purposes of identifying, preventing, or recouping improper payments to an applicant for, or recipient of, Federal funds, including funds” that are disbursed as part of a “state-administered, federally funded program.”¹² The proposed routine use is incompatible with the original purpose of record collection and overbroad. For these reasons, it is unacceptable under the Privacy Act and must be rescinded.  

As an initial observation, the agency apparently declines to explain how the same routine use may be compatible with twelve systems that have facially different purposes ranging from benefits eligibility and disbursement¹³ to monitoring loan repayment¹⁴ and enhancing the marketing of agricultural products.¹⁵  

Further, the proposed routine use is flatly incompatible with the original purpose for which many affected records were collected. The Child Care Tuition Assistance Program,¹⁶ for example, collects information to verify USDA employees’ identities and eligibility for child care tuition assistance as part of a program meant to “make child care more affordable for lower income Federal employees.”¹⁷ Similarly, the Child Day Care Assistance Records System collects family income data from Foreign Agricultural Service employees and their child care providers for the limited purpose of verifying child care assistance eligibility.¹⁸ These are far more limited uses than that proposed here. The routine use is further incompatible with the express Title VII protections for SNAP information set up by Congress,¹⁹ which clearly demonstrate the outer limits of compatibility with that program’s purpose (i.e., program administration and eligibility determination).²⁰ 

Here, the routine use is drawn far too broadly.²¹ It would permit disclosure of any record deemed “relevant” to “identifying, preventing, or recouping improper payments” within seemingly any federally funded program, regardless of its connection to the record’s original purpose.²² While this language suggests that the USDA may not disclose all of the information held in its systems to Treasury, at no point does the agency define “relevant information,” explain what factors contribute to a finding of relevancy, or identify who makes the determination that information is relevant. It similarly does not define “improper payments” or cabin the uses of disclosed information to the program related to the record. USDA’s vague assertion of broad disclosure authority thus violates OMB guidelines and defies any attempt to evaluate compatibility.²³ And, given the sensitivity and volume of the information contained in the systems contemplated by the Notice, the likelihood of misuse and abuse of sensitive information is high.  

For these reasons, the asserted routine use is unlawful, and the Notice must be withdrawn.   

2. The Notice Reveals Several Other Deficiencies Under the Privacy Act.  

Finally, the Notice displays several other deficiencies that violate the Privacy Act. As written, the Notice lacks a valid purpose, omits crucial information required by the Privacy Act, and violates the agency’s mandate to safeguard the information contained in its information systems.  

First, although the agency invokes Executive Order 14249, Protecting America’s Bank Account Against Fraud, Waste, and Abuse, and OMB Memorandum M-25-32, the USDA fails to establish that the records held in these systems are either “relevant” or “necessary to accomplish” any valid, legal purpose under those authorities.²⁴ The Privacy Act requires a system of records to be both,²⁵ but the agency has made no attempt to demonstrate either element. Of course, as discussed above, the disclosure contemplated by this Notice is poorly specified and overbroad. In light of these features, it is difficult to imagine any disclosure satisfying this requirement. Further, no executive order may (and the cited order does not purport to) supersede the requirements of the Privacy Act. Finally, the agency’s proposed routine use is duplicative. Even if information held by the agency is disclosed only for the purposes related to improper payments, this purpose is already achieved through means far less hazardous to privacy and data security, including through the secure and Congressionally-established National Accuracy Clearinghouse system.²⁶ The USDA fails to explain why disclosure of records en masse is the proper route to achieving its stated purpose when it has at its disposal several time-tested tools. Thus, the USDA lacks the authority and purpose necessary to add this routine use.  

Second, USDA’s Notice is incomplete. The agency fails to include key information required by the Privacy Act, including the categories of records affected by its Notice²⁷ and of the individuals whose information will be disclosed under the routine use the agency proposes.²⁸ Instead, the Notice merely states that the agency will disclose “information relevant to verifying payment and award eligibility through the Do Not Pay Working System.”²⁹ As discussed above, the Notice makes no effort to define relevancy here.  

This statement does not meet the standards of the Privacy Act. As written, the Notice does not provide the public with a description of the character of the revised system.³⁰ The twelve information systems affected by this Notice contain reams of sensitive personal information about a person’s life, such as their citizenship status, financial and tax information, social security numbers, employment information, benefits eligibility, and beyond. This information has been collected from huge swaths of the public—from individuals seeking or receiving SNAP benefits to graduates enrolled in a veterinary student loan repayment program, and even those simply working for a company that contracts with the USDA. Knowing what information will be disclosed and whether that is your information is crucial to evaluating the privacy, security, and other risks posed by the USDA’s proposal and continued engagement with the government. The omissions make such a balancing impossible and will dissuade the public from seeking out the Congressionally-approved assistance they require and to which they are rightfully entitled. 

Finally, the USDA’s mass disclosure of sensitive information directly contributes to the creation of a massive consolidated information system contemplated and rejected by Congress.³¹ Not only does a national databank violate the Privacy Act’s data minimization mandate,³² it also creates a honeypot that facilitates government overreach and abuse and significantly heightens the possibility of loss of sensitive information through hacking or fraud. The USDA’s Notice thus violates its obligation to “protect against any anticipated threats or hazards to [the] security or integrity” of the records held by the agency.³³ From the Notice, it appears the agency has not considered the significant risk its actions create.  

Each of these instances violate the Privacy Act. Taken together, it is clear that the USDA must withdraw its Notice and refuse to disclose the information held in the affected systems to Treasury.  

3. Conclusion 

No one should have to check their privacy at the door in order to work a job or gain access to essential, Congressionally-established benefits and services like food assistance and education. This Notice forces that choice. For this reason, and those set out above, the USDA should withdraw its Notice and abandon its plans to disclose the information contained in the twelve information systems affected. If you require additional information about the agency’s statutory obligations under the Privacy Act and related law, please contact Abigail Kunkler, EPIC Law Fellow, at [email protected]. 

Respectfully submitted, 

Electronic Privacy Information Center (EPIC) 

Association of Public Data Users 

The Leadership Conference on Civil and Human Rights 

National Consumer Law Center (on behalf of its low-income clients) 

---

[1] 91 Fed. Reg. 18812, 18812 (Apr. 13, 2026), https://www.federalregister.gov/documents/2026/04/13/2026-07093/privacy-act-of-1974-system-of-records.

[2] See About Us, EPIC.org, https://epic.org/about/.

[3] 91 Fed. Reg. at 18812.

[4] The USDA proposes to amend the following information systems: Current or Prospective Producers or Landowners, Applicants, Borrowers, Grantees, Tenants, and other participants in RD Programs (USDA/RD-1); Persons Doing Business with the Food and Nutrition Service (USDA/FNS-10); Applicant/Borrower (USDA/FSA-14); Farm Records File (Automated) (USDA-FSA-2); FAS Child Day Care Assistance Records System (USDA/FAS-5); Financial Systems (USDA/OCFO-10); Information on Persons Identified as Responsible for Serious Deficiencies, proposed for Disqualification, or Disqualified to Participate as Principals or Family Day Care Home Operators in the Child and Adult Care Food Program (CACFP) (USDA/FNS-11); List of Ineligible Producers (FCIC-8); National SNAP Information Database (USDA-FNS-15); USDA Child Care Tuition Assistance Records System (USDA/OHRM-5); USDA Integrated Acquisition System (USDA/DA-01); and the Veterinary Medicine Loan Repayment Program (VMLRP) (USDA/NIFA-1).

[5] Senator Richard Blumenthal, Minority Staff Report, Senate Permanent Subcommittee on Investigations, The $21.7 Billion Blunder: Analyzing the Waste Generated by DOGE (July 31, 2025), https://www.blumenthal.senate.gov/newsroom/press/release/07/31/2025/the-217-billion-blunder-new-psi-report-reveals-billions-in-taxpayer-dollars-squandered-by-doge; Lauren Hodges, Patrick Jarenwattananon & Juana Summers, Former DOGE engineer says he was ‘surprised’ by ‘how efficient’ the government is, NPR (June 5, 2025) https://www.npr.org/2025/06/02/nx-s1-5417994/former-doge-engineer-shares-his-experience-working-for-the-cost-cutting-unit.

[6] EPIC, Fighting Federal Data Abuses, https://epic.org/issues/democracy-free-speech/fighting-federal-data-abuses/.

[7] See Pub. L. 100-503, § 9 (Oct. 18, 1988). Section 9(1) states that “[n]othing in the amendments made by this Act shall be construed to authorize… the establishment or maintenance… of a national data bank that combines, merges, or links information on individuals maintained in systems of records by other Federal agencies.” Id.

[8] 7 U.S.C. § 2020(e)(8).

[9] 5 U.S.C. § 552a(b).

[10] Id. at § 552a(b)(3).

[11] Id. at § 552a(a)(7).

[12] 91 Fed. Reg. at 18812.

[13] National SNAP Information Database (USDA-FNS-15), 90 Fed. Reg. 26521 (June 23, 2025).

[14] Veterinary Medicine Loan Repayment Program (VMLRP) (USDA/NIFA-1), 75 Fed. Reg. 77607 (Dec. 13, 2010).

[15] Farm Records File (Automated) (USDA-FSA-2), 72 Fed. Reg. 70559 (Dec. 12, 2007).

[16] Child Care Tuition Assistance Records System (USDA/OHRM-5), 67 Fed. Reg. 15523, 15523 (Apr. 2, 2002).

[17] National SNAP Information Database (USDA-FNS-15), 90 Fed. Reg. 26521 (June 23, 2025).

[18] Child Day Care Assistance Records System (USDA/FAS-5), 66 Fed. Reg. 49612, 49612 (Sept. 28, 2001).

[19] 7 U.S.C. § 2020(e)(8).

[20] For a detailed discussion of compatibility regarding information collected under SNAP, see EPIC, Comments to the USDA Regarding the System of Records Notice for the National SNAP Information Database, EPIC.org, at 4–6 (Jul. 16, 2025), https://epic.org/documents/comments-of-epic-to-the-usda-on-system-of-records-notice-for-the-snap-information-database/.  

[21] OMB, Federal Agency Responsibilities for Review, Reporting, and Publication under the Privacy Act, OMB Circular. No. A-108 at 11.

[22] 91 Fed. Reg. at 18812.

[23] OMB, Federal Agency Responsibilities for Review, Reporting, and Publication under the Privacy Act, OMB Circular. No. A-108 at 11.

[24] 5 U.S.C. § 552a(e)(1).

[25] Id.

[26] See SNAP National Accuracy Clearinghouse (NAC), USDA (June 18, 2025), https://www.fns.usda.gov/snap/nac.

[27] 5 U.S.C. § 552a(e)(4)(C).

[28] Id. § 552a(e)(4)(B).

[29] 91 Fed. Reg. at 18812.

[30] 5 U.S.C. § 552a(e)(4).

[31] See Pub. L. 100-503, § 9 (Oct. 18, 1988).

[32] 5 U.S.C. § 552a(e)(1).

[33] Id. at § 552a(e)(10).