White House NDS Used Tracking on 4 Federal Sites, Then Removed It After Questions
Updated
Updated · The Guardian · Jun 28
White House NDS Used Tracking on 4 Federal Sites, Then Removed It After Questions
1 articles · Updated · The Guardian · Jun 28
Summary
Four National Design Studio-run federal websites used hidden tracking tools that logged visitor activity on services tied to passports, drug pricing and children’s savings, according to a Guardian investigation.
PostHog was installed across all four sites and enabled on two, while a separate in-house script on ndstudio.gov sent user data to a nonpublic destination; the code was removed after the White House received questions on 4 June.
No privacy impact assessments or system-of-records notices covering that tracking were publicly filed, despite requirements under the Privacy Act of 1974 and the E-Government Act of 2002, and EPIC called the setup a likely legal violation.
The same White House office also built or controlled versions of vote.gov, passports.gov and Login.gov-linked services, routing sensitive interactions through infrastructure registered to the executive office of the president rather than the usual agencies.
Created by Trump in August 2025 and staffed by veterans of Elon Musk’s Doge effort, the NDS operates with little public spending disclosure or inspector-general oversight, raising broader questions about funding, accountability and election-data access.
A White House team used hidden software to track citizens online. Where did their personal data actually go?
Why is a new executive office rebuilding federal websites, bypassing the agencies legally in charge of them?
With its records sealed for years, how can this new White House design studio be held accountable?
Undisclosed Tracking on Federal Websites: How the National Design Studio Compromised Privacy and Accountability in 2026
Overview
In June 2026, The Guardian revealed that the White House’s National Design Studio (NDS) had secretly installed commercial tracking software, including PostHog and AutoMonitor, on several sensitive federal websites. These tools recorded nearly every user interaction and evaded privacy protections by routing data through federal domains. NDS also created parallel portals for key services like passport applications and voter registration, bypassing established agencies and raising serious concerns about data security and oversight. The undisclosed tracking and lack of transparency highlighted major gaps in accountability, sparking fears about privacy violations and the erosion of public trust in government digital services.