Recent media reports expose a troubling pattern of Trump-Vance administration officials using unofficial email accounts and disappearing messaging applications like Signal to conduct government business–including sharing highly sensitive information on personal devices.

  • As reported by The Atlantic, the administration’s highest-ranking national security officials used an unsanctioned Signal group chat to discuss sensitive information about a military strike against Yemen’s Houthis–which was made public after The Atlantic’s editor-in-chief Jeffrey Goldberg was accidentally included in the Signal group chat.
  • Subsequent reporting indicated that high ranking administration officials regularly use Signal to discuss sensitive national security information, suggesting that The Atlantic’s report was not an isolated incident.
  • Reports have also indicated that members of the National Security Council conducted government business over unencrypted, personal Gmail accounts.
  • Previous reporting indicated that DOGE-affiliated officials conducted work at the General Services Administration using personal Gmail and other non-government accounts.
  • Prior to inauguration, the Trump-Vance transition team declined services from GSA, and instead utilized private servers, laptops, and cell phones to conduct transition work, raising concerns about the transition team’s information security and record-keeping practices.
  • These practices create major security risks, as demonstrated by a recent breach in which hackers gained access to messages sent by high level government officials on a cloned Signal application. Additional reports indicate that passwords and other personal data of several top administration officials have been discovered online, making them targets for hackers and other bad actors.

Reckless record-keeping practices by government officials may violate federal records laws and undermine the public’s right to a transparent and accountable government.

In addition to the grave cybersecurity risks and national security implications, the use of disappearing message applications and personal devices by government officials may violate federal recordkeeping laws designed to ensure transparency.

The Federal Records Act requires government officials to make and preserve adequate and proper documentation of the decisions and operations of their agency. (44 U.S.C. § 3101, 36 CFR § 1222.22). The maintenance of proper government records is vital to:

  • Protect the rights and legal interests of individuals directly affected by Government activities;
  • Preserve institutional memory so that agency officials and their successors can make informed decisions; and
  • Ensure oversight and accountability by allowing for proper scrutiny of government actions by Congress and other oversight agencies such as the Government Accountability Office, the National Archives and Records Administration (NARA), and Inspectors General.

The Federal Records Act imposes strict requirements on the use of non-government accounts to conduct official business. Executive branch employees create federal records when they use personal electronic messaging accounts or devices to conduct official business, and they are required by law to preserve those messages in official government systems. (See NARA Bulletin 15-02). As NARA emphasized in a recent memo to agency records officers, “[t]he auto-delete functions of third party messaging apps may violate federal record-keeping requirements if they do not allow users to identify and preserve federal records prior to their destruction.” (See NARA AC Memo 23.2025). The penalties for the unlawful or accidental removal, defacing, alteration, or destruction of federal records, or the attempt at doing so, include a fine, imprisonment, or both. (36 C.F.R. § 1230.12, 18 U.S.C. §§ 641, 2071).

Democracy Forward is investigating the use of ephemeral messaging and personal email accounts across the Trump administration. To date, we have:

  • Filed dozens of Freedom of Information Act (FOIA) requests with approximately 20 agencies to shed light on how the Trump-Vance administration is using Signal, Gmail, and other unofficial accounts and personal devices to conduct government business.
  • Requested information from the six agencies involved in the aforementioned Signal group chat exposed by The Atlantic. We are seeking all text and signal messages concerning official business; all signal messages from the group chat mentioned above; all records to identify the names, deletion times, and participants of any Signal group used by these officials for official business; and all guidance provided to these officials regarding their federal records preservation obligations for using Signal.
  • Sent letters urging NARA and the relevant agency heads to take remedial action to recover relevant Signal messages emphasizing their obligations under the Federal Records Act.
  • Sought records reflecting any usage of personal email accounts for government business by 16 Trump-appointed agency heads.
  • Sued to force the Department of Homeland Security, Department of Justice, and Department of State to comply with our FOIA requests for all Signal messages and other records regarding the administration’s decision to initiate removals of individuals under the Alien Enemies Act. This request supports our ongoing efforts to challenge the Trump administration’s expansion of the War Powers Act, and in light of revelations about the widespread use of ephemeral messaging by top officials.
  • Requested that agencies search officials’ personal devices and applications such as Signal whenever we file FOIA requests for agency officials’ communications on any topic.

Democracy Forward will continue to investigate the Trump-Vance administration’s use of personal email accounts, auto-deleting messaging applications, and personal devices to help shed light on these reckless and illegal practices.