Just pinging this request again since Tarjei had requested more details on this from users in the recent AMA. Didn't want to start another Idea for essentially the same request. Thanks for asking to hear more about this, Tarjei, if you're reading this.
There is a trend in new software to be privacy-first. I don't view Tana as being privacy-first. Sure, my data is encrypted in flight and at rest, but a data breach or a bad actor on the Tana team can still view 100% of my personal data because Tana owns the keys to my data. _Not your keys, not your data. _
I understand that it's the same with Gmail, which is a really bad argument because there is a growing contingent of folks that are actively de-Googling by using Brave, DuckDuckGo, platforms like Proton Mail for email, Signal for texts, encrypting our iCloud data, etc. Myself included, and most of my community.
I would like to store simple things like passwords and credit card data at the node-level in Tana, sure, but I also really want to keep a #journal entry in Tana, which I refuse to do until I own the keys to my data. I'd like to keep sensitive health information from being easily visible on Tana's servers. I'd like to keep sensitive client information in Tana, which I cannot (both ethically and by contract) do unless I own the keys to the data (I do a lot of work with banks, in the IPO space, etc. — all kinds of sensitive information that I could never store in Tana at current).
I want the ability to secure an entire workspace, secure specific nodes, secure specific tags, and/or secure specific fields. I understand that if I lose my keys I lose all the data — this is not as hard as folks make it sound — it's a feature, not a bug. Many of us learned all this (some of us the hard way) years ago with our crypto wallets. We have Yubikeys and Ledgers. We're comfortable with encryption and more and more are starting to require it in our everyday use apps.
We want our data shielded from ANY AND ALL companies, regardless of their best intentions. The primary reason Logseq rose in popularity was it was local-first, privacy-focused, and open-source. I'm in Silicon Valley and I can't in good faith recommend Tana to most of my personal community because many of them care far more about these things than they do the quality of the application, it's design principles, how powerful it is, etc. They are actively seeking institutions that prioritize privacy, local data, and now also: sensible limits for AI's reach.
This doesn't need to be the default for every workspace, it just needs to be an option. It can come with a dozen warnings, but please give us the ability to shield our data from Tana's servers, employees, data breaches, etc. and yes, until the quantum computers come. Realistically, at that point we'll have far greater problems than our personal data in Tana to resolve...
Thanks for reading!
You don't have permission to do this.
You're going a bit too fast! Take a break and try again in a moment.
Something went wrong! Please reload the page and try again.
Just pinging this request again since Tarjei had requested more details on this from users in the recent AMA. Didn't want to start another Idea for essentially the same request. Thanks for asking to hear more about this, Tarjei, if you're reading this.
Also, pulling in this related Idea: https://ideas.tana.inc/posts/64-let-tana-store-all-information-locally-without-syncing-to-cloud
There is a trend in new software to be privacy-first. I don't view Tana as being privacy-first. Sure, my data is encrypted in flight and at rest, but a data breach or a bad actor on the Tana team can still view 100% of my personal data because Tana owns the keys to my data. _Not your keys, not your data. _
I understand that it's the same with Gmail, which is a really bad argument because there is a growing contingent of folks that are actively de-Googling by using Brave, DuckDuckGo, platforms like Proton Mail for email, Signal for texts, encrypting our iCloud data, etc. Myself included, and most of my community.
I would like to store simple things like passwords and credit card data at the node-level in Tana, sure, but I also really want to keep a #journal entry in Tana, which I refuse to do until I own the keys to my data. I'd like to keep sensitive health information from being easily visible on Tana's servers. I'd like to keep sensitive client information in Tana, which I cannot (both ethically and by contract) do unless I own the keys to the data (I do a lot of work with banks, in the IPO space, etc. — all kinds of sensitive information that I could never store in Tana at current).
I want the ability to secure an entire workspace, secure specific nodes, secure specific tags, and/or secure specific fields. I understand that if I lose my keys I lose all the data — this is not as hard as folks make it sound — it's a feature, not a bug. Many of us learned all this (some of us the hard way) years ago with our crypto wallets. We have Yubikeys and Ledgers. We're comfortable with encryption and more and more are starting to require it in our everyday use apps.
We want our data shielded from ANY AND ALL companies, regardless of their best intentions. The primary reason Logseq rose in popularity was it was local-first, privacy-focused, and open-source. I'm in Silicon Valley and I can't in good faith recommend Tana to most of my personal community because many of them care far more about these things than they do the quality of the application, it's design principles, how powerful it is, etc. They are actively seeking institutions that prioritize privacy, local data, and now also: sensible limits for AI's reach.
This doesn't need to be the default for every workspace, it just needs to be an option. It can come with a dozen warnings, but please give us the ability to shield our data from Tana's servers, employees, data breaches, etc. and yes, until the quantum computers come. Realistically, at that point we'll have far greater problems than our personal data in Tana to resolve...
Thanks for reading!