About
Attorney, former Secretary of Information Technology for the State of Maryland, and author of the Fiduciary Commons legislative framework.
Fiduciary Commons is a constitutional argument, and a set of specific proposed statutes, for governing the relationship between government and citizens with respect to personal data. The name reflects the two foundational commitments of the work: the fiduciary commitment to the constitutional and legal framework at its core, and the commons commitment to the theory that personal information constitutes a commons of facts that no government or private actor can own in any legally cognizable sense.
The site serves three purposes. It is a document library for the framework: the draft legislation, the constitutional essays, and the supporting materials are all available here for download or by request. It is a reference hub for the subject areas the framework addresses, with both original work and curated external resources annotated to show how they bear on the argument. And it is a point of discussion: the blog carries ongoing analysis of developments in these fields, and the contact page is a genuine invitation to engage.
If you encounter something on this site that you believe is wrong, analytically flawed, or missing a dimension your expertise would supply, please say so. That is the point.
I came to this work not through an academic institution but through years of watching government digital systems accumulate the exact architecture that the founding generation recognized as tyranny: perpetual records, universal scope, discretionary access, and delegable authority. James Otis identified those characteristics in 1761 as the hallmarks of general warrants. The Fourth Amendment was ratified to prohibit them. Modern integrated government databases possess all four, and existing law has no adequate response.
From 2017 to 2023, I served as Maryland's Secretary of Information Technology and Chief Information Officer, a member of the Governor's Cabinet, overseeing the state's IT infrastructure, data privacy policy, and cybersecurity posture across all executive branch agencies. That role required constant decisions about what data to collect, how to store it, who could access it, and what systems to purchase from vendors with their own views about what architecture should look like. The conclusion I came away with is the one the Fiduciary Commons is built on: government technology procurement systematically purchases surveillance architecture without recognizing it as such, because the procurement process asks whether a system is functional and statutorily compliant, not whether it is constitutionally defensible. Those are different questions, and the gap between them is where the problem lives.
My legal training told me the gap was a constitutional problem. My experience as a CIO told me the remedy had to be architectural, not administrative. The framework this site presents is an attempt to supply both: a constitutional argument establishing that enforceable fiduciary obligations already govern the government-citizen data relationship, and three draft statutes that translate those obligations into legislation a state can introduce.
This is a working project, not a finished one. I am publishing it in this form because the work needs critique from people who know more than I do about its constituent fields, and because the problems it addresses are not waiting for the work to be finished before getting worse.
I am an attorney with a career spanning federal regulatory enforcement, municipal government, private practice, and state cabinet service. I began as a regulatory attorney at the Federal Trade Commission, served as City Attorney for Annapolis, Maryland, and subsequently as Policy and Legal Advisor to the Anne Arundel County Executive, before joining the Governor's Cabinet as Maryland's Chief Information Officer. I served as President of NASCIO, the National Association of State Chief Information Officers, in 2021 and 2022. I hold a J.D. from Franklin Pierce Law Center, completed post-graduate studies at Georgetown University Law Center, and am a Certified Information Privacy Professional through the IAPP. I am currently Vice President for National IT Strategy at Government Sourcing Solutions and serve on the ABA Model Procurement Act Revision Commission.