Login-dot-gov is 'fraudulent,' says House Republican gunning to defund 18F

Republicans on the House Oversight and Accountability Committee aren’t over recent controversies surrounding the General Services Administration’s single sign-on service, Login.gov. 

At least one Republican on the committee is arguing that the recent missteps chronicled in a spring inspector general report  should cost GSA funding for 18F, its tech consultancy agency that helped initially develop Login.gov. And a bipartisan investigation into the service — led by Reps. Pete Sessions, R-Texas and Kweisi Mfume, D-Md., who serve as chair and ranking member of Oversight’s subcommittee on government operations, respectively — is ongoing.

The full committee’s chair, James Comer, R-Ky., alleged during a hearing with GSA Administrator Robin Carnahan Tuesday that the agency “is facing a crisis of confidence” after citing recent controversies concerning Login.gov.

Sessions offered an amendment to the Financial Services and General Government appropriations bill to defund 18F, which was agreed to on a voice vote last week without debate from Democrats or a request for a recorded vote, although the bill wasn’t ultimately passed because of Republican disagreement.

The House has instead passed a stopgap measure to fund the government at current levels into the new year.

Login.gov was thrust into the spotlight in 2022 when the IRS signaled it would use the service for digital credentialing, after facing criticism over its use of vendor-provided facial recognition for people to access online IRS accounts. 

Since then, the GSA service has been embroiled in its own share of controversy. The IRS has since backtracked on its move to widely use Login.gov for now, citing the same security concerns at the center of an inspector general report released this spring, which found that GSA officials had misrepresented the level of security standard the service met to other agencies. Top agency officials cited an 18F culture averse to oversight in the report.

“It would be considered, if it were not [the] government, a complete fraud, a fraudulent operation that operated outside the scope of its own laws and its own responsibilities,” Sessions said of Login.gov Tuesday. 

Last month, GSA announced that it would be adding facial recognition capabilities to Login.gov next year, a key step in the agency’s work to get the service into compliance with the security standards. 

Sessions, however, said that the problem is bigger than Login.gov. On the House floor, Sessions alleged that “trouble has followed 18F around” since it started, citing inspector general reports dating to 2016 and 2017, in addition to the recent Login.gov controversies. 18F has existed since 2014, and both it and Login.gov are part of GSA’s Technology Transformation Services.

During the hearing, Sessions also raised the fact that Carnahan herself founded and led a state and local government practice in 18F from 2016 to 2020, before taking up the larger role of GSA administrator in 2021. 

“I want to know about 18F, about the way they operated, about the way they misled and lied to the government about what their performance would be, what they could be counted on,” he said.

Carnahan maintained that 18F is “doing great work for the American people,” pointing to the tech unit’s role in shared services for government agencies. “My job is to make government work better for the American people and save money doing it.”

Although no Democrats grilled Carnahan on Login.gov during the hearing, the investigation remains an ongoing bipartisan effort, according to an Oversight Committee majority spokesperson.

Sessions and Mfume asked for briefings, documents and information from GSA about Login.gov in June.

Comer also noted that the identity proofing “services Login.gov provides, or claims to provide, are very much relevant in our fight against identity theft, a key component in the massive amounts of fraud we saw in COVID relief programs.”

The White House drafted an executive order earlier this year that would have pushed more agencies to use the service, Nextgov/FCW has reported, although no such order has been issued.

“If the Biden administration is intent on pushing Login.gov onto federal agencies, we all need to have confidence in its ability to protect the interests of the American taxpayer,” said Comer.