by Jake Pearson

ProPublica is a nonprofit newsroom that investigates abuses of power. Sign up to receive our biggest stories as soon as they’re published.

A federal employee who is helping the Trump administration carry out the drastic downsizing of the Consumer Financial Protection Bureau owns stock in companies that could benefit from the agency’s dismantling, a ProPublica investigation has found.

Gavin Kliger, a 25-year-old Department of Government Efficiency aide, disclosed the investments earlier this year in his public financial report, which lists as much as $365,000 worth of shares in four companies that the CFPB can regulate. According to court records and government emails, he later helped oversee the layoffs of more than 1,400 employees at the bureau.

Ethics experts say this constitutes a conflict of interest and that Kliger’s actions are a potential violation of federal ethics laws.

Executive branch employees have long been subject to laws and rules that forbid them from working on matters that “will affect your own personal financial interest.” CFPB employees are also required to divest from dozens of additional, specific companies that engage in financial services and thus either are or could be subject to agency supervision, rulemaking, examination or enforcement.

The CFPB oversees companies that offer a variety of financial services, including mortgage lending, auto financing, credit cards and payment apps.

Two of the companies in which Kliger is invested — Apple and Tesla — are on the CFPB’s list of prohibited holdings. Two others — Bitcoin and Solana — aren’t on the list but are nevertheless barred under agency guidance on investing in cryptocurrency firms.

Court records show that Kliger was among a small handful of top CFPB and administration officials discussing the implementation of the layoffs in emails. Separately, a federal employee who works on the layoff team said that Kliger “managed” the firings of about 90% of the bureau’s staff earlier this month, according to a sworn declaration filed by lawyers opposing the administration.

The employee, using the pseudonym Alex Doe for fear of retaliation, said they learned of Kliger’s role from colleagues and described Kliger keeping the CFPB employees “up for 36 hours straight to ensure that the notices would go out,” the declaration states. “Gavin was screaming at people he did not believe were working fast enough” and “calling them incompetent.”

Among those fired were the bureau’s ethics team, according to an agency lawyer, who wrote in an April 25 court filing that “I am not aware of anyone remaining at the CFPB who has the requisite expertise to fulfill the CFPB’s federal ethics requirements.”

Ethics experts said that getting rid of government regulators who oversee companies and set industrywide rules could impact the share price of the businesses subject to that regulation, since doing away with oversight can free companies from compliance costs and the exposure that stems from enforcement actions.

“Destroying the CFPB is likely to have, I believe, a direct and predictable effect on his financial stock,” Kathleen Clark, an expert on government ethics at the Washington University in St. Louis, said of Kliger.

Unionized bureau employees have sued the agency’s acting director, Russell Vought, to stop the administration’s efforts to wind down its operations and reduce its staff. The subsequent months of litigation have been head-spinning.

At the end of March, a district court judge issued a sweeping stay on the administration’s actions. Then on April 11, an appeals court in Washington, D.C., partially lifted that stay. In its order, the panel wrote that bureau leaders must conduct a “particularized assessment” before firing workers.

Days later, most of the agency’s staff was notified that they were being fired.

The bureau’s chief legal officer, Mark Paoletta, and two other lawyers conducted the court-ordered review, the government said in legal papers. In a recent filing, Paoletta wrote that the administration is attempting to achieve a “streamlined and right-sized Bureau.” Instead of 248 enforcement division employees and 487 in the supervision division, he wrote, he planned to keep 50 workers in each.

But on Monday evening, amid vigorous dispute over the legality of the firings and the definition of “particularized assessment,” the appeals court backtracked, upholding the trial court’s initial stay on the mass layoffs as the case plays out. The CFPB then notified the more than 1,400 employees who’d been laid off that their firings were being rescinded. The lawsuit is ongoing, with oral arguments before the appeals court scheduled for next month.

Kliger didn’t respond to voicemails or emails seeking comment for this story. The CFPB didn’t respond to a request for comment.

In a statement, the White House said that “these allegations are another attempt to diminish DOGE’s critical mission.”

Kliger “did not even manage” the layoffs, the statement said, “making this entire narrative an outright lie.”

Asked to clarify Kliger’s role in the administration's cuts, a spokesperson said, “You have 90 days from the start date to divest which is May 8th — it is only April 28th.” It’s unclear what rule the White House was referencing; the spokesperson did not respond to follow-up questions. But ethics experts said there are two scenarios that could apply: Sometimes, high-level government officials pledge to divest their holdings by a certain date to avoid conflicts of interest. And at the CFPB in particular, regulations give employees 90 days to divest prohibited holdings.

In either case, though, the employee is required to recuse themselves from any actions that could affect their investments.

Delaney Marsco, a government ethics expert at the Campaign Legal Center, said Kliger’s holdings and his involvement in winding down the agency erode the public’s faith that government officials are serving its best interests.

“When you have these facts, it raises the question, which is just as bad as when you have the actual violation because it makes the public question,” she said.

Kliger owns between $15,000 and $50,000 of stock in Apple, which the CFPB regulates. The company agreed to pay a $25 million civil penalty last October following a bureau investigation into Apple Card, a credit card in the company’s software. The bureau said that Apple did not have a proper transaction dispute system when it launched and also that it misled some customers about its financing. The company ​​agreed to the consent order, records show, “without admitting or denying any of the findings of fact or conclusions of law.” In a statement at the time, Apple said that “while we strongly disagree with the CFPB’s characterization of Apple’s conduct, we have aligned with them on an agreement.”

Kliger also owns between $100,000 and $250,000 of Tesla stock. The company, founded by DOGE boss Elon Musk, falls under the bureau’s purview because it offers financing, a key area of scrutiny for the CFPB.

Kliger also owns cryptocurrencies: between $1,000 and $15,000 of Solana and between $15,000 and $50,000 of Bitcoin.

Any federal worker who “holds any amount of a cryptocurrency or stablecoin may not participate in a particular matter if the employee knows that particular matter could have a direct and predictable effect on the value of their cryptocurrency or stablecoins,” according to a legal memo issued in July of 2022, under then-President Joe Biden, by the independent federal agency tasked with advising executive branch employees on how to avoid conflicts of interests.

An internal notice to CFPB employees the following month instructed anyone with such a holding to “immediately recuse yourself from working on any Bureau particular matter,” report the ownership and divest within 90 days, records reviewed by ProPublica show.

Since the beginning of President Donald Trump’s second presidency, the administration has sought to significantly reduce the size, scope and nature of America’s consumer watchdog, which was created in the wake of the 2008 financial crisis.

ProPublica reported last month that dozens of investigations the agency had launched were stalled amid stop-work orders.

In a recent court filing that supplements a newly released policy memo, Paoletta wrote that, in recent years, “the Bureau has also engaged in intrusive and wasteful fishing expeditions against depository institutions and, increasingly, non-depository institutions” and that it had “pushed into new areas beyond its jurisdiction such as peer-to-peer lending, rent-to-own, and discrimination as unfair practice.”

On April 18, Acting Director Russell Vought and Elon Musk’s DOGE bros tried to fire nearly 1,500 CFPB workers. Today, the U.S. Court of Appeals for D.C. just invalidated those efforts. This is the second time since February that Vought …

Courts Invalidate Vought and DOGE’s Mass Firings of CFPB Workers Read More »

The post Courts Invalidate Vought and DOGE’s Mass Firings of CFPB Workers appeared first on CFPB Union.

A many years ago, the IF Archive existed, and it was an FTP site. It lived at ftp.gmd.de. That was a long time ago. (1992, but who's counting.)

Slightly less long ago, the World Wide Web existed, and I said "I bet there could be a web mirror of the FTP site." So I (along with my co-conspirator Paul) built that as a holiday break project. It was just a static mirror of the files, with HTML index pages. I announced it on the rec.arts.int-fiction newsgroup.

A few days later, someone posted "How Do You Find Anything?"

Fair question. The favored answer was "Download the Master-Index text file and search through that." Nobody even mentioned the idea of a web search engine.

It wasn't a very complicated archive at that point, though. If you were looking for a game, you went to games/zcode or games/tads or whatever and all the games were listed. Hierarchical folders; you probably knew where you were going.

More files and more folders were added over the years, but people still mostly knew their way around. Then Google turned up and that helped a lot. And then in 2007, Mike Roberts launched IFDB, which was an extremely searchable database of IF games -- with links to the IF Archive. So that solved the problem completely!

Mostly. Ish.

IFDB is very comprehensive for games, but it doesn't try to cover interpreters, zines, articles, or the rest of the eclectic material which the Archive has collected over the decades. Google is still okay for this purpose (with the "search web" option and site:ifarchive.org). But the idea of a locally hosted search tool kept coming up.

Last weekend I finally said, "Eh, how hard could this be?" Answer: not hard at all! I had a first draft working in about two days. Don't I feel silly now?

Behold: the IF Archive search page.

This is still a feature in progress. Should there be a mini-search bar on each page of the site? Should I be sorting results by date? More than ten results per result page? Suggestions welcome.

---

Here's the code for that search tool. I wound up using a Python search library called Whoosh. Whoosh is pretty old; it hasn't been much updated since 2016. But it works just fine. (There's a more recent fork called Whoosh-Reloaded but I have not dug into that.)

The nice thing about Whoosh is that it's not a web search engine per se. It's a library for full-text search of whatever data you've got. You feed in "documents", which are really just key-value collections. Whoosh builds an on-disk database of that data, and then it can search it very efficiently. I set up a script to feed in that Master-Index file I mentioned earlier, and Gretchen's your aunt.

(In fact we keep an XML version of Master-Index. So the problem of parsing that into key-value data is already handled.) (Click on Master-Index.xml if you like, but it's 15 MB of XML and browsers aren't great at that.)

I had to build a web-service wrapper for Whoosh. Well, hey, I built tinyapp for a different IFTF service; I'll just use that. It's a Flask-alike. (Yeah, I could have used Flask, but tinyapp is a habit now.)

---

Someone suggested Pagefind as an alternative. This is a client-side search script: a JS widget that loads its index data from the web server. Then there's a static server-side component that generates this index data. Unlike Whoosh, it works by scraping your static HTML.

This is an interesting tradeoff. You save the CPU cost of server-side search, but you pay the bandwidth cost of handing out the search index to each user. (Don't worry, it's segmented, not served in a giant lump.)

However, this model doesn't fit the Archive case very well. The Archive generates HTML files from Master-Index, so scraping the HTML back in to regenerate the index metadata is just clunky. (And requires a lot of tuning of the HTML.) Also, I want search items to refer to parts of an index page -- there are lots of items per index page. Whoosh doesn't see anything weird about that; the item's URL can have a #fragment, Whoosh doesn't care. But Pagefind is pretty solidly set on the idea that one page is one index item.

Anyhow, server load doesn't seem to be a problem yet. (Maybe this post will change that!) IFDB search is undoubtedly more useful for most people.

So, for many reasons, Whoosh it was.

(However, I'm considering Pagefind as a search tool for this blog! The DuckDuckGo search you see in the sidebar works okay -- but DDG is ad-supported, and ad-supported services gonna getcha sooner or later.)

---

While I'm on about the Archive, let me mention the development model.

It's a mess. A deep, historic mess. I originally wrote the Archive's index generator in 1999... in C, bless that child's heart. I converted that nightmare to Python in 2017, looks like, while I was moving the site over to IFTF hosting. But it was just a Python script that ran on some files. I tested it locally by running it on some test files.

Over time, more projects got folded into the Archive setup. There's the upload script, the admin tool, the Unbox service. Now search. Each one has its own git repository. And oh yeah, while I'm in there, shouldn't the front page and stylesheet be under version control too?

It's all pretty well organized on the server. (Except Unbox, which is well-organized on a second server.) However, to get everything installed, I just... shove the files into place. When I update a script or something, I shove it in where it goes. There's no automation at all. Every repo has a private NOTES or TODO file where I scribbled down what I did last time.

This is not good devops zen.

A couple of years ago, Dan Fabulich suggested Docker. I am fairly Docker-resistant, but he set up the admin tool repo with a Docker config to test that component (just that one) in a test container. It seemed workable.

I am now slowly constructing a testframe repository which will assemble all the Archive components in a test container. It includes the other repos as submodules. (I know, sigh, submodules.) You'll be able to browse a set of test files, search the files, upload files, etc -- all in a pocket universe, so to speak.

This isn't even slightly ready for road testing yet. The original index generator is the only part that works. I'm still feeling my way through the right way to construct it in Docker. (I've barely even scratched Docker-Compose.) I'm having to tweak many parts of the system to work in a test environment.

To be clear, I'm not working on Dockerizing the actual IF Archive. I am very conservative about making changes in production! The testframe is meant for testing and development, and also as documentation-by-model for how the Archive is configured. Once it's stable... I'll probably put it on the shelf and let the Archive keep running. I love things that just keep running on their own. Big life goal there.

But someday, there will be automation to build the production Archive setup too. As my partner said: this is how archivists deal with mortality.

The Australian Radio Network has three main brands: KIIS, GOLD and CADA. Across nine stations, there’s one non-white presenter — and she’s a bot.

Thy has been CADA Sydney’s weekday host for six months now. It turns out Thy is an AI voice clone created by ARN and ElevenLabs. [MediaWeek]

Here’s a sample of Thy on CADA. Whoever dropped in the voiceover didn’t really care if you could even hear the voice in the mix. [James Cridland; James Cridland, MP3]

Thy was apparently modeled on the voice of an ARN finance department employee. ARN won’t disclose if the employee was paid for the use of her voice, nor who’s writing the scripts for Thy.

The Carpet posted about Thy as a rumour on 13 April. Stephanie from The Carpet was surprised there was no announcement or biography of CADA’s new 11am–3pm DJ and no social media. [Carpet]

The AFR confirmed Thy was an AI fake shortly after. [AFR, archive]

ARN told shareholders it was “active in creating an inclusive workplace, as recognised in the Diversity Council of Australia’s Inclusive Employer Index.” That index probably doesn’t count faking the diversity with a bot. [ARN, PDF]

ElevenLabs scrambled to post that ARN is “not replacing people” — though it literally is. [ElevenLabs]

It’s not even clear Thy is saving ARN money. [The Carpet]

Last October, Radio Kraków in Poland tried some AI-powered fake-diversity on their OFF radio station just after firing all of OFF’s presenters. That went down about as well as this.

• Video version

This post describes a sophisticated social engineering campaign using Zoom’s remote control feature and provides technical solutions to protect organizations against this attack vector.

Cursor is an AI-enhanced code editor. You click and an LLM auto-completes your code! It’s the platform of choice for “vibe coding,” where you get the AI to write your whole app for you. This has obvious and hilarious failure modes.

On Monday, Cursor started forcibly logging out users if they were logged in from multiple machines. Users contacted support, who said this was now expected behaviour: [Reddit, archive]

Cursor is designed to work with one device per subscription as a core security feature. To use Cursor on both your work and home machines, you’ll need a separate subscription for each device.

The users were outraged at being sandbagged like this. A Reddit thread was quickly removed by the moderators — who are employees of Cursor. [Reddit, archive, archive]

Cursor co-founder Michael Truell explained how this was all a mistake and Cursor had no such policy: [Reddit]

Unfortunately, this is an incorrect response from a front-line AI support bot.

Cursor support was an LLM! The bot answered with something shaped like a support response! It hallucinated a policy that didn’t exist!

Cursor’s outraged customers will forget all this by next week. It’s an app for people who somehow got a developer job but have no idea what they’re doing. They pay $8 million each month so a bot will code for them. [Bloomberg, archive]

Cursor exists to bag venture funding while the bagging is good — $175 million so far, with more on the way. None of this ever had to work. [Bloomberg, archive]

• Video version