766 F.Supp.3d 114
D.D.C.2025Background
- The University of California Student Association (UCSA) sought an emergency temporary restraining order (TRO) against the U.S. Department of Education (ED) to prevent disclosure of confidential student data to staff affiliated with the Department of Government Efficiency (DOGE), a new entity created by executive order.
- UCSA’s concern arose after DOGE team members—federal employees, some on detail from other agencies—were given access to ED's systems for auditing waste, fraud, and abuse, which potentially included sensitive student information protected under the Privacy Act and Internal Revenue Code.
- UCSA claimed this access violated statutory privacy protections and sought both injunctive relief to prohibit further disclosures and an order to retrieve any previously shared data.
- The ED argued that all DOGE-affiliated staff accessing the data were subject to applicable confidentiality laws and had not—in any proven way—misused or unlawfully disseminated protected data.
- The court considered whether UCSA met the strict requirements for irreparable harm needed for a TRO, but found UCSA offered only speculative harms rather than non-remediable, actual injuries.
- Statutory remedies allowing for damages in the event of unauthorized disclosures further weighed against finding irreparable injury.
Issues
| Issue | Plaintiff's Argument | Defendant's Argument | Held |
|---|---|---|---|
| Whether UCSA is entitled to emergency injunctive relief to prevent disclosure of member data to DOGE staff | Access by DOGE staff violates statutory privacy protections and causes irreparable harm | DOGE staff are federal employees bound by confidentiality laws; alleged harms are speculative and remediable by damages | Denied TRO; insufficient showing of irreparable harm |
| Whether mere access to sensitive data by non-ED staff constitutes irreparable injury | Once data is accessed, risk of exposure and misuse is irreparable | No evidence of misuse or unauthorized dissemination; access alone is not actual, non-remediable injury | No irreparable harm; speculative risks insufficient |
| Whether potential future misuse of data justifies emergency relief | Risks of identity theft and improper sharing are imminent and can't be compensated later | No evidence these speculative harms are likely; government presumed to act lawfully | No injunctive relief based on conjectural future injury |
| Whether available statutory remedies negate need for emergency relief | Injuries from disclosure can't be remedied by damages | Statutory damages provide an adequate remedy for unauthorized disclosures under both the Privacy Act and the Internal Revenue Code | Availability of compensatory relief negates irreparable harm |
Key Cases Cited
- Chaplaincy of Full Gospel Churches v. England, 454 F.3d 290 (D.C. Cir. 2006) (irreparable harm is required for preliminary injunctive relief; harm must be actual, certain, and beyond remediation)
- Ashland Oil, Inc. v. FTC, 548 F.2d 977 (D.C. Cir. 1976) (no irreparable harm where disclosure is not public and is subject to legal restrictions)
- Davis v. Pension Benefit Guar. Corp., 571 F.3d 1288 (D.C. Cir. 2009) (movant must show all four TRO factors for injunctive relief)
- Wilson v. Libby, 535 F.3d 697 (D.C. Cir. 2008) (Privacy Act regulates federal agency disclosure of individual information)
