The White House has announced that every government-issued phone will soon be required to install an app promoting President Donald Trump, according to Government Executive. The app, which launched publicly in March, allows users to send prewritten messages praising Trump, including phrases like “Greatest President Ever!”
Security and Privacy Concerns
Cybersecurity experts have raised serious concerns about the app’s data collection practices and security risks. The app uses third-party software called Elfsight to send push notifications, requiring a unique digital fingerprint that can track users across sessions.
This information is then shared with companies like OneSignal, a push notification service provider. Experts say such data sharing without proper disclosure is particularly concerning for devices connected to sensitive government networks.
Additionally, the app’s privacy manifest is blank, indicating no data is collected—a claim experts describe as misleading. Researchers also noted that the app’s public presence was managed through an amateur WordPress developer, which may introduce further security vulnerabilities.
Cybersecurity researcher Adam Enger told NOTUS that “advanced state attackers are 10 miles ahead of me already. They’re watching the app for every single update, they’re comparing versions, they’re looking for one slip-up.”
Rollout and Federal Implications
The rollout is expected to begin at the FAA next week. Former government IT expert Sonny Hashmi warned, “any app that is installed on government-issued devices can potentially create backdoor access to government networks behind the firewall.” Given that government phones often connect to sensitive internal networks, the stakes are high.
Sen. Dick Durbin, ranking member of the Senate Judiciary Committee, criticized the White House, saying the app “appears to pose a cybersecurity threat to its users.” Durbin also highlighted recent funding cuts to the Cybersecurity and Infrastructure Security Agency (CISA), noting that reduced resources make government-issued apps like this even riskier.
White House Response
The White House pushed back against criticism, claiming that “all information on the app is safe and secure,” and that reliance on third-party services is “standard” for applications. However, critics argue that standard commercial practices are not suitable for devices used by federal employees with access to sensitive government systems.
Cybersecurity expert Andrew Hoog offered a more measured perspective, stating, “We see plenty of applications that have significant, egregious issues. This app could have better hygiene, but it doesn’t come close to any of those sorts of things.” Experts emphasize that frameworks like FedRAMP and GovCloud exist to mitigate these types of risks on government devices.
