Federal digital identity is migrating toward the White House

Start here if you read nothing else. This is the clearest, best-sourced throughline on the map — and most of it you can verify yourself, in public records, in a few minutes.

The pattern, in one breath: a new White House office called the National Design Studio (NDS), created by executive order in August 2025, has quietly become the registrant or builder behind a cluster of federal identity systems — the things that decide how you prove who you are to the government. Several now trace to the President’s own executive office rather than the departments that traditionally run them, and no public privacy assessments have been filed for any of it.

Here is what the records actually show. Each line links to the full claim, its sources, and its counter-evidence.

What the records show

• A passport sign-in portal owned by the White House, not the State Department. passports.gov is registered to the Executive Office of the President in the federal .gov registry — not the State Department that actually issues passports. It runs a live login portal with no State seal. → passports-eop-owned
• The government’s universal login being extended to passports and licenses — by an NDS detailee. Greg Hogan was detailed from NDS to run login.gov (the shared federal sign-in) and is reportedly expanding it to cover passports and driver’s licenses. → hogan-login-gov-expansion
• A preview rebuild of the national voter portal — while DOJ told a court it “doesn’t exist.” NDS stood up a preview replacement of the Election Assistance Commission’s vote.gov, even as the Department of Justice reportedly told a court, weeks later, that the voter-registration infrastructure does not exist. → nds-vote-gov-vs-doj
• The office’s own domain registered the day before it legally existed. ndstudio.gov was registered 2025-08-20; the executive order creating NDS was signed 2025-08-21. → nds-registered-before-eo14338
• No privacy paperwork for any of it. Federal privacy registries return nothing for NDS programs — no Privacy Impact Assessments, no System of Records Notices — which the Privacy Act generally requires. → nds-zero-pias-sorns
• Third-party analytics, including session recording, on federal sites. The PostHog analytics SDK — and, on one site, its session recorder — appears in the code of several federal .gov sites. → posthog-across-federal-sites

How to read this honestly

These are separate, individually-sourced facts. The map’s job is to set them next to each other, not to tell you what they add up to. A few guardrails it holds to:

• Confirmed ≠ concluded. Each item above is marked confirmed because its evidence is checkable — not because a motive has been proven. Pre-registering a domain a day early, for example, is ordinary practice: notable, not improper.
• Watch the seams. The vote.gov item is a preview, not a launched takeover, and the DOJ-court pairing still needs its exact docket to be airtight. PostHog’s common thread is a shared vendor, not a single owner — trumpaccounts.gov is Treasury’s, not the White House’s.
• It moves fast. These domains and certificates change within days. Reverify against the live record before you cite anything.

See for yourself

Most of this is public:

• Domain ownership — CISA dotgov-data
• Certificates and subdomains — crt.sh
• Or file a FOIA request for the underlying records — the generator drafts a properly-scoped letter you review and submit yourself. More on the Interventions page.