Sovereign Tech Stack Mapping

I examine your tech stack for vulnerabilities,
data leaks, and surveillance risks.
Together we make a safer internet.

For Campaigns & Organizing Efforts

Campaign technology assessment Evaluating data handling

For Social Services

Ensure client dignity, protect vulnerable populations, honor community trust

Begin Sovereignty Mapping Pro Bono for Qualifying Orgs

The Data Harvesting Problem

Your business tools:
the CRM, email, cloud storage, communication platforms, aren't just utilities;
They're surveillance endpoints, Data extraction points & Vendor lock-in mechanisms.

What I Find in Tech Stacks

  • Customer data flowing to third-party trackers
  • Unused SaaS subscriptions bleeding revenue
  • Critical vulnerabilities in "trusted" platforms
  • Compliance gaps that could trigger fines

The Sovereignty Audit Difference

  • No fear-mongering, only evidence
  • Vendor-agnostic recommendations
  • Clear migration paths to sovereign alternatives
  • Implementation roadmaps, not just reports

My Methodology: Tech Mapping Rigor for Your Business

Manual, Not Automated

I don't just run scanners. I think like an attacker, finding logic flaws that automated tools miss.

Proof, Not Speculation

When I find vulnerabilities, I demonstrate impact safely. Like my government site account takeover discovery.

Business Context

I explain risks in terms of business impact: lost revenue, reputation damage, legal liability.

Recent Finding Example

FINDING: Authentication Tokens in Browser History
                LOCATION: Government benefits portal
                IMPACT: Complete account takeover
                PROOF: Captured token from history →
                Accessed account → Changed password
                CVSS: 9.1 (Critical)

This is the level of rigor I bring to every assessment.

Where Does Your Data Go?

Every digital interaction in your business creates data flows. Customer information, visitor behavior, internal communications,
much of it flows to platforms you don't control, serving interests that may not align with yours.

The Problem: Invisible Data Leakage

  • Customer data flowing to third-party trackers
  • Vendor dependencies creating lock-in and risk
  • Tools that surveil rather than serve your mission
  • Compliance gaps from international data transfers

The Solution: Clarity and Control

  • Data Flow Examination I trace where information actually travels
  • Vendor Relationship Mapping I chart your external dependencies
  • Control Assessment I evaluate your actual data sovereignty
  • Independence Roadmap I chart a path to reclaim control

Integrity-First Mapping Examples

Campaign Protection

CLIENT: Statewide Political Campaign

ISSUE: Volunteer verification process

MAPPING DISCOVERY: Sensitive documents shared via unencrypted channels, downloadable by multiple staff members

CONTROL ASSESSMENT: Volunteer PII 95% exposed,
no retention policies, no access logs

SOLUTION: Encrypted portal + role-based access + automatic document expiration

RESULT: Volunteer trust protected, campaign integrity secured, legal liability eliminated

Advocacy Organization Sovereignty

CLIENT: Racial Justice Advocacy Group

ISSUE: Donor/activist data protection

MAPPING DISCOVERY: Activist contact lists on US surveillance platforms, donor data in 3rd-party CRMs

CONTROL ASSESSMENT: Activist data 80% vendor- controlled, opposition research risk: HIGH

SOLUTION: Sovereign CRM migration, encrypted communications, data minimization implementation

RESULT: Activist safety ensured, donor confidence increased, opposition vulnerability closed

I specialize in protecting mission-driven organizations where data sovereignty isn't just about compliance, but about protecting people and democracy.

Sovereignty Mapping Services

Three levels of clarity and control, each including detailed mapping and actionable guidance.

Data Flow Examination

For understanding one critical data pathway

$1,200 $2,500

Ideal for examining:

  • Volunteer onboarding data flows
  • Client intake system pathways
  • Donor payment processing flows
  • Campaign communication channels

Deliverables include:

  • Data flow diagram for chosen pathway
  • Vendor dependency identification
  • 8-12 page Sovereignty Brief
  • Two implementation guidance calls
  • One month of email support

Common use cases:

Campaign volunteer systems: $1,800

Social service client intake: $1,800

Donor management review: $2,500

Digital Sovereignty Mapping

Complete mapping of your digital ecosystem

$4,800 $9,600

Comprehensive mapping includes:

  • Full digital ecosystem visualization
  • Integrity-First or Dignity-First assessment
  • Vendor control assessment matrix
  • Sovereignty scoring (0-100 scale)
  • Compliance alignment review

Deliverables include:

  • Complete Sovereignty Atlas (20-30 pages)
  • Digital Independence Roadmap (6-12 month plan)
  • Three team sovereignty workshops
  • Three months of implementation support
  • Executive sovereignty briefing

Organization sizing:

Small teams (1-10): $4,800

Growing organizations (11-50): $7,200

Complex operations (50+): $9,600+

Ongoing Sovereignty Stewardship

Continuous sovereignty guidance as you grow

$650 $2,400/month

Continuous stewardship includes:

  • Quarterly sovereignty check-ins
  • New vendor/tool sovereignty assessments
  • Proactive data flow monitoring guidance
  • Team sovereignty training sessions
  • Vendor negotiation support

Stewardship levels:

  • Advisory: $650/month (quarterly guidance)
  • Partnership: $1,200/month (bi-monthly sessions)
  • Strategic: $2,400/month (monthly collaboration)

Recommended for:

After completing Digital Sovereignty Mapping

6-month minimum commitment

10% discount with annual payment

Why Mission-Driven Organizations Need Sovereignty

The Stakes Are Different

For mission-driven organizations,
data sovereignty isn't about compliance, it's about:

  • Protecting vulnerable people from digital harm
  • Preserving campaign integrity against opposition exploitation
  • Honoring community trust that fuels your mission
  • Ensuring tools serve people, not surveil them

Real Impact, Real Protection

  • Preventing volunteer/donor data from being Iaponized
  • Ensuring client dignity in social service systems
  • Meeting grantor data protection requirements
  • Building community trust through transparent data practices
  • Creating sustainable, ethical technology foundations

Begin with a Mission Alignment Call

A 45-minute conversation to explore how sovereignty mapping can protect your people and your mission.

Schedule Complimentary Mission Alignment Call

Pro Bono for Mission-Driven Organizations

Each quarter, I provide two complete Digital Sovereignty Mappings to organizations serving marginalized communities or protecting democracy.

Priority Given To:

  • Organizations serving marginalized communities
  • Voting rights and democracy protection groups
  • Domestic violence shelters & crisis services
  • Racial justice advocacy organizations
  • Under-resourced community organizing efforts

Pro Bono Includes

  • Complete digital ecosystem mapping
  • Specialized Integrity-First or Dignity-First assessment
  • Sovereignty migration options assessment
  • Team sovereignty training workshop
  • 6-month implementation support
Apply for Pro Bono Sovereignty Mapping

Begin Protecting Your Mission

All engagements begin with a Complimentary Mission Alignment Call.

Signal Messenger

End-to-end encrypted. No metadata retention.

signal qr code

Signal QR Code

Download Signal

1. Install Signal 2. Add contact 3. Send encrypted message

Email

For mission-sensitive information:

Use Signal for initial contact. I prioritize protection for mission-driven work.

Mission-Specific Templates

Founded by a Veteran & Community Organizer,
turned Sovereignty Protector.

I understand mission-driven work because I've done it.
Your protection is my purpose.