Allow Sensible Limitations for AI's Reach + Make any future "Global" AI Features OPTIONAL
Explain the problem as you see it
I heard a lot of talk from Tarjei about upcoming AI features and how deeply they'd be integrated, being able to do more than chat with our data. My first reaction was absolutely not of excitement but rather concern.
Mostly, I am concerned with the lack of caution or hearing anything about the privacy implications for giving a LLM access to my entire graph of Tana data, without limits. This feels very naive to me. This technology is very young, the landscape changing every day, and meaningful limitations, regulations, or restrictions are completely lacking in the industry. Blind ambition is leading seemingly every company in a race off a cliff.
I say this having used AI to tweak a sentence in the last paragraph. I say this having a ChatGPT window open at all times throughout the day. I say this using AI with Raycast daily. I say this using AI to automate much of my work day. I am a strong advocate for using AI for so many things.
And yet, still, I do not ever want AI reaching into the entirety of my personal data (aka, my Tana graph).
There is so much that I want to keep in Tana, but would refuse to as I assume right now that I would not be able to limit it's scope (based on what I heard in the AMA). It is a very similar situation as with encryption for me. To truly treat Tana like a second brain, I need assurances that AI will never reach my most intimate thoughts, have access to sensitive client information, be able to read a passwords database, see a picture of a friend of mine, etc.
Privacy is the most important metric I use when assessing a tool for personal use (and for work, though in specific, highly-sensitive, scenarios). A key to making Tana private, beyond allowing us to encrypt our workspaces, nodes, tags, and fields, is limiting the scope of AI's reach in our graphs.
Why is this a problem for you?
The reason I and much of my community do not use many of the other applications on the market right now that have all raced towards "chat with all of your data" solutions is because of the privacy concerns. I do not want to end up having to do a hard 180° turn on Tana and abandon it if it suddenly turns on an AI feature that relentlessly scrubs all of my information in some attempt to be helpful.
It is already problematic that true encryption (where I hold the keys) is not yet prioritized, and enabling a "full-graph" AI layer without/before any real barricades/encryption/limitations are available would be cause for having to stop using Tana completely for me. Caution around AI and a privacy-first approach is far more important than any perceived productivity boost or whatever else would be gained. 
Giving AI access to our personal data is also terrifying and alienating to huge swaths of the population, not just nerdy tech populations who value privacy.
Suggest a solution
The current "local" AI implementation — using AI at the node, tag, or field levels — is perfect. I love it. I've never seen anything like it. I control exactly when/where/how I invoke AI. Keep this please!
Please continue to expand on its usefulness, ease, etc. It is natural and safe because it is confined to specific containers where it can be used. No other tool offers this with as much power as Tana does. They instead opt for the all-in approach, which is a massive turn-off for privacy focused communities. 
If plans for a "global," full-graph, AI continue to manifest, always give all users the ability to turn this off completely (but simultaneously allow the above "local," per-node style AI to be kept on).
Finally, enable user-holds-the-key style encryption for entire workspace, per-node, per-tag, and per-fields and by-default disable any future "global" AI from ever being able to reach into those nodes or workspaces.
Thanks for considering/reading. I really hope Tana gets this (and encryption) right in 2024! Please prioritize privacy. 
