________
THE INVISIBLE STUDIO
How the Trump Administration Built a Shadow Tech Agency Inside the White House,
Armed It With DOGE Veterans, Handed It Access to 27,000 Federal Websites,
and Asked No One's Permission
* * *
An Investigative Report
May 2026
The Executive Order No One Read
On August 21, 2025, President Donald Trump signed Executive Order 14338, formally titled Improving Our Nation Through Better Design. It was published in the Federal Register on August 26, 2025, in Volume 90, Number 163, pages 41759-41760. It created a new White House agency called the National Design Studio (NDS), established the position of Chief Design Officer of the United States, and quietly set in motion one of the most sweeping and least scrutinized reorganizations of how Americans interact with their own government. Most Americans have never heard of it. That is not an accident. When a billionaire Airbnb co-founder designs how Americans file their taxes, renew your passports, and collect their Social Security, the government has not been modernized. It has been acquired.
The order was not debated in Congress. It was not subject to public comment. No hearings were held. No independent oversight body was consulted. A single signature in the Oval Office created a new White House agency with authority over 27,000 federal websites and subdomains, touching systems that handle Social Security records, tax filings, passport renewals, green card applications, student loan repayments, Medicare enrollment, and small business loans. The combined monthly traffic to those sites exceeds 160 million visits. The personal data flowing through them represents the most comprehensive portrait of the American population in existence.
This is the story of who built it, who is running it, who funds it, and what they intend to do with it.
The Principals
Joe Gebbia, Chief Design Officer
Joseph Gebbia Jr., born August 21, 1981, in Atlanta, Georgia, is the co-founder and former Chief Product Officer of Airbnb. He holds dual degrees in Graphic Design and Industrial Design from the Rhode Island School of Design. He built his fortune on a platform that monetizes the precise location, behavioral patterns, financial records, and personal preferences of its users across 190 countries. He is a signatory to the Giving Pledge. He is also, as of September 2025, the first Chief Design Officer of the United States.
According to reporting by Wired, Gebbia was originally set to join the Department of Government Efficiency (DOGE) under Elon Musk. He instead negotiated his own office. He pitched the National Design Studio concept directly to Trump during a meeting at the Oval Office, after Interior Secretary Doug Burgum asked him to redesign Recreation.gov. The pitch worked. What began as a camping website refresh became a mandate to redesign the entire federal government's digital presence.
Gebbia has publicly described the NDS's goal as creating an "Apple Store-like experience" for government services. Apple was specifically cited as a design reference point. The framing is telling: Apple's model is built on maximum data capture, behavioral tracking, and ecosystem lock-in. Translating that model to the federal government, with its unique and coercive relationship to citizen data, raises questions that Gebbia has not answered publicly.
Edward Coristine, Head of Engineering
Edward Coristine, born December 2005, known online as "Big Balls", is a Northeastern University dropout who joined Elon Musk's DOGE operation at age 19 with no prior government experience. He is now listed as Head of Engineering at the National Design Studio.
Coristine's background warrants scrutiny. Bloomberg News reported that he was fired from a cybersecurity internship at Path Network in 2022 for allegedly leaking internal company information to a competitor. His personal content delivery network, DiamondCDN, has been linked by investigators to facilitating the work of the cybercriminal group EGodly. A former FBI agent who reviewed his background stated publicly that he would not have recommended Coristine for government work.
During his DOGE tenure, Coristine was granted access to systems at the Social Security Administration, the Small Business Administration, the General Services Administration, the Treasury Department, the Commerce Department, and the Cybersecurity and Infrastructure Security Agency (CISA). He attended high-level meetings involving military operations. He was 19 years old. He had not undergone standard national security vetting.
In a recorded conversation that surfaced in April 2026, Coristine described how federal datasets he had access to were used to help a conservative YouTuber named Nick Shirley conduct a fraud investigation in California. Shirley told Coristine on video: "I went to California based off that dataset you had helped me extract." The use of federal government data to assist a private political media operation is not a minor disclosure. It is a potential violation of the Privacy Act of 1974.
Coristine has also been involved, through the NDS, in the development of freedom.gov, a State Department-registered portal designed to give users in Europe access to content restricted under local law, including terrorist propaganda and hate speech. He announced its pending launch on X with the message "FREEDOM IS COMING."
Nate Brown, Chief Creative Officer
Nate Brown serves as Chief Creative Officer of the National Design Studio. His prior credential, as disclosed by Coristine in a March 2026 interview, is that he worked with Ye, formerly Kanye West, on the 2021 album Donda. No further public biography has been released by the NDS or the White House.
Elon Musk, Amy Gleason, and the DOGE Connection
The NDS did not emerge from a vacuum. It is the direct institutional successor to the culture and personnel of the Department of Government Efficiency. Elon Musk, senior advisor to President Trump and DOGE's de facto leader, is a named defendant in multiple federal lawsuits over unauthorized data access. Amy Gleason, DOGE's acting administrator, is also a defendant in the Social Security Administration case. Leland Dudek, the SSA's acting commissioner, and Michael Russo, the SSA's chief information officer, are additional defendants in that litigation. Charles Ezell, former director of the Office of Personnel Management, is named in the EFF-led OPM lawsuit. The same ecosystem of personnel, access, and institutional methodology that generated those lawsuits has now reconstituted itself inside the National Design Studio.
The Lawsuits
As of May 2026, at least a dozen federal lawsuits have been filed challenging DOGE's access to personal data. The legal foundation for most of them is the Privacy Act of 1974, which prohibits disclosure of federal records without individual written consent. Plaintiffs also cite the Administrative Procedure Act, the Computer Fraud and Abuse Act, the Federal Information Security Management Act, the Internal Revenue Code, the Tax Reform Act of 1976, and the separation of powers doctrine.
Key cases include:
Alliance for Retired Americans v. Bessent, No. 1:25-cv-00313 (D.D.C., filed February 3, 2025) sought to block DOGE access to Treasury Department databases containing bank account numbers and Social Security numbers.
AFL-CIO v. Department of Labor, No. 1:25-cv-00339 (D.D.C., filed February 5, 2025) sought to block DOGE access to Department of Labor databases.
New York v. Trump, No. 1:25-cv-01144 (S.D.N.Y., filed February 8, 2025), brought by 19 state attorneys general including California Attorney General Rob Bonta, alleged that DOGE's access to Treasury databases containing bank account and Social Security numbers was unlawful and sought an immediate halt.
EFF / Lex Lumina v. OPM (filed February 11, 2025), brought by the Electronic Frontier Foundation on behalf of 103 current and former federal workers, alleged that OPM gave DOGE operatives, many of them under 25 and former employees of Musk's private companies, administrative access to personnel records without national security vetting. Defendants named: Elon Musk, DOGE, OPM, and OPM Director Charles Ezell.
AFSCME v. Social Security Administration, No. 1:23-cv-00596 (D. Md., filed February 21, 2025, amended March 7, 2025), brought by AFSCME, the AFL-CIO, the American Federation of Teachers, and the Alliance for Retired Americans, alleged that DOGE operatives accessed private Social Security records including bank account numbers, health records, mental health records, wage histories, immigration status, and family court records without legal authority. In April 2025, U.S. District Judge Ellen Lipton Hollander granted a preliminary injunction blocking SSA and its agents from granting DOGE access to those systems.
In January 2026, the Department of Justice itself acknowledged misconduct by Trump administration and DOGE employees in unlawfully accessing and misusing Social Security data, according to filings in the D. Maryland court. Even as the Fourth Circuit later vacated the lower court's preliminary injunction on standing grounds in April 2026, the circuit's own Judge Toby Heytens described the whistleblower revelations about DOGE data misuse as "even more alarming" while denying relief.
The pattern across all these cases is consistent: private tech operatives, unvetted, unconfirmed, and unaccountable to Congress, entered federal data systems containing the personal information of hundreds of millions of Americans. Courts have alternately blocked and permitted that access. The data has already moved. The architecture has been altered. Edward Coristine, one of those operatives, now runs engineering at the National Design Studio.
The Money
The NDS has not disclosed a standalone budget. This is not an oversight. It is structural. Because the NDS was created by executive order and housed within the White House Office, its funding is folded into broader Executive Office of the President appropriations, which do not require the same line-item disclosure as agency budgets submitted to Congress. The American public has no mechanism to determine, from public sources, exactly how much is being spent to redesign the government's digital infrastructure under this initiative.
What is known: the federal government spent $75.1 billion on civilian IT in fiscal year 2025 and $67.9 billion in fiscal year 2026. The proposed FY2027 budget returns to $75.7 billion. The NDS's mandate to overhaul 27,000 government websites is folded into that broader IT modernization envelope, with no publicly disclosed NDS-specific line. In parallel, the Technology Modernization Fund, the traditional vehicle for agency IT upgrades, was zeroed out by House appropriators for the third consecutive year in September 2025.
The NDS has an active and disclosed vendor relationship with Salesforce, which published a co-promotion piece in Nextgov/FCW in December 2025 describing how its FedRAMP High-authorized Personalization product could support the NDS's goals of tracking user behavior across federal websites, increasing conversion rates for government applications, and delivering personalized content to individual Americans based on their interaction history with government systems. No contract value was disclosed. No competitive bidding process has been publicly documented.
Gebbia has said the NDS will ultimately staff approximately 30 people, 15 engineers and 15 designers. The NDS's stated mandate is a three-year term, set to expire in August 2028. The infrastructure those 30 people build will not expire with them.
The Goals, Stated and Unstated
The NDS's stated goals, as set out in Executive Order 14338 and on its public website americabydesign.gov, are the following:
Stated goals: Redesign federal websites and physical government spaces to improve usability and aesthetics. Standardize design across 27,000 federal domains. Modernize the U.S. Web Design System. Ensure compliance with the 21st Century Integrated Digital Experience Act. Produce initial results by July 4, 2026, coinciding with the U.S. semiquincentennial. Deliver an experience comparable to Apple retail for interactions like passport renewal, tax filing, Social Security management, TSA processing, green card applications, national park reservations, and student loan repayment.
Those goals, taken at face value, are not unreasonable. Federal digital services are genuinely poor. The status quo harms vulnerable people who cannot complete basic government tasks online. Improvement is legitimate and necessary.
What the stated goals do not address: Who owns the data architecture that results from this redesign. What data is collected, retained, or shared as a result of a unified behavioral tracking system across all federal websites. What happens to the Salesforce personalization layer when a new administration takes office. Whether the private sector firms and individuals involved in building this infrastructure will have ongoing access to it. What legal constraints govern the NDS's data handling. Why Edward Coristine, a man fired from a cybersecurity internship for leaking data and linked to a cybercriminal network, is now Head of Engineering for this initiative.
The NDS website, ndstudio.gov, publishes case studies of its work. Among them: the rebuilding of retire.opm.gov, the federal employee retirement processing site, which the NDS says it transformed from a six-month wait process to near-instant processing. That is, without question, a genuine improvement for federal workers. It is also a system that now routes sensitive retirement and financial records through architecture designed by the same team that, in its prior incarnation, was found by a federal judge to have accessed those records without legal authority.
* * *
The Accountability Vacuum
The United States has no comprehensive federal data privacy law. The Privacy Act of 1974 was written before the internet existed. The patchwork of sector-specific statutes, the Health Insurance Portability and Accountability Act, the Family Educational Rights and Privacy Act, the Tax Reform Act, and others, creates gaps large enough to drive a redesigned federal website through. The NDS was built in one of those gaps.
The NDS reports to the White House Chief of Staff, not to Congress, not to an inspector general, not to a privacy officer with enforcement authority. The Chief Design Officer position was created by executive order and can be eliminated by executive order. The agency has a three-year sunset, but that sunset, as the executive order explicitly states, does not affect any authority or provision established under the order. The design standards, vendor contracts, data architecture, and behavioral tracking infrastructure the NDS builds will outlast the NDS itself.
No Senate confirmation was required for any NDS principal. No congressional hearing has been held on the agency's activities. No public accounting of its spending has been released. The agency has 28,000 followers on X. Most Americans have never heard its name.
What Must Happen
The following are not partisan positions. They are structural accountability requirements that would apply to any administration building this kind of infrastructure:
Congressional authorization and oversight. An agency with authority over the federal government's entire digital interface should not exist by executive order alone. Congress must hold hearings, establish legal parameters for the NDS's data handling authority, and subject its principals to Senate confirmation.
A standalone, publicly disclosed budget. Every dollar spent by the NDS on staff, vendors, and contracts must be disclosed in a public, searchable, line-item format. The current arrangement, folding NDS costs into broad EOP appropriations, is incompatible with democratic accountability.
Independent privacy oversight. The NDS must be subject to mandatory review by the Privacy and Civil Liberties Oversight Board, the Government Accountability Office, and agency inspectors general. Vendor contracts involving behavioral data collection, including the Salesforce personalization engagement, must be published in full.
Personnel vetting requirements. No individual with a documented history of unauthorized data disclosure, links to criminal networks, or prior violations of federal access policies should hold a position with access to federal data systems. Edward Coristine should not be Head of Engineering at the National Design Studio. That this requires stating is itself a measure of how far accountability norms have eroded.
A federal data privacy law. The Privacy Act of 1974 is not adequate for the digital infrastructure being built in 2026. Congress must pass comprehensive federal privacy legislation that governs how the government itself collects, retains, shares, and protects citizen data across unified digital platforms.
Separation of commercial and government interests. Any individual serving in the NDS or advising it must be required to divest or place in blind trust any financial interest in companies that stand to benefit from federal contracts, data access, or the adoption of design standards they are helping to establish. The conflict of interest between Gebbia's Airbnb background and the NDS's mandate to redesign government platforms on a private sector model has not been addressed.
* * *
Conclusion
The National Design Studio is not a website refresh project. It is the construction of the interface between 330 million Americans and the government that governs them, built by unvetted private sector operatives, funded through opaque appropriations, supervised by no independent body, and staffed in part by a 20-year-old whose prior government career included being found by a federal judge to have accessed systems without legal authority.
The stated goal, making government digital services usable and beautiful, is legitimate. The method, handing it to a White House agency accountable to no one but the Chief of Staff, staffed by DOGE veterans named in active federal litigation, and funded without public disclosure, is not.
The question is not whether government websites should be improved. The question is whether the American people have consented to having the architecture of their relationship with their government redesigned in secret, by people with undisclosed financial interests, using data access that federal courts have repeatedly found to be unlawful.
They have not been asked. They should be.
* * *
Key Documents and References
Executive Order 14338, "Improving Our Nation Through Better Design," signed August 21, 2025. Published Federal Register Vol. 90, No. 163, August 26, 2025, pp. 41759-41760.
AFSCME v. Social Security Administration, No. 1:23-cv-00596, D. Md., filed February 21, 2025.
EFF / Lex Lumina v. OPM, filed February 11, 2025, S.D.N.Y.
New York v. Trump, No. 1:25-cv-01144, S.D.N.Y., filed February 8, 2025.
Alliance for Retired Americans v. Bessent, No. 1:25-cv-00313, D.D.C., filed February 3, 2025.
AFL-CIO v. Department of Labor, No. 1:25-cv-00339, D.D.C., filed February 5, 2025.
ndstudio.gov, americabydesign.gov (National Design Studio official sites).
Congressional Research Service, LSB11370, "Privacy Act Lawsuits and the Department of Government Efficiency," updated September 2025.
________
America's "first chief design officer":
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.