What if your AI didn't know everything about you all at once?
The AI leak we keep worrying about isn't bad data. It's bad scoping. Here's the shape that fixes it.
Default-deny as a compliance posture, not a security one
Default-deny gets framed as a security control. The more useful framing is that it's a compliance posture: every 'yes' becomes a justified positive choice, and every action ties back to a specific allowed-rule the auditor can read.
AI in the news: week of March 29, 2026
Q1 closed loud. The Sora public API got sunset, the White House dropped an AI framework, MCP crossed 97M installs, a Mythos leak surfaced Anthropic's next model, and Oracle led the largest layoff round in its history. Q2 starts with momentum, not from rest.
Apple governance and the long tail
Most people will never read an AI governance framework. They'll get their AI through the device in their pocket. Apple's posture sets the floor for billions of users, and that floor matters more than the governance discourse acknowledges.
Confidence as a routing signal, not just a number
Most teams attach a confidence score to model output and stop there. The mature pattern uses it as a routing signal, high to fast-path, mid to human-in-loop, low to rejected-with-reason. The thresholds are product-specific, the audit story is per-path, and calibration is a discipline.
AI procurement for nonprofits and small teams
Sub-100-person organizations have different AI procurement constraints than enterprises, tighter budgets, less vendor leverage, less in-house governance, often more sensitive data. Here's the procurement frame that actually fits the shape of those orgs.
AI in the news: week of March 22, 2026
GTC 2026 anchors the week. Vera Rubin, a $1T order book through 2027, and a partnership map from Uber to Disney to Eli Lilly. Mistral ships Small 4 and announces Forge for training-on-your-own-data. AI hits 25% of March layoffs. The EU's child-safety amendment lands.
Self-hosted everything: my 2026 stack
What I actually run, in March 2026, four boxes, a NAS, a small set of services, and the open-weights models that do the daily work. Practical and concrete; this is the stack as it sits, not the stack as I'd pitch it.
Migrating a YAML monster to a DaC shape, step by step
You've inherited a 1,500-line values.yaml. The fix isn't refactoring it in place, it's the six-step migration to a DaC shape: catalog, cluster, identify, push down, version, ship. Here's the walkthrough, concrete enough to mirror.
Why personal AI assistants need an ownership story
Every vendor is shipping a personal AI now. Almost none of them can answer the basic ownership questions, who owns the model, the memory, the patterns. Without that story, personal AI is a marketing label on a vendor relationship.
AI in the news: week of March 15, 2026
Atlassian and Block stack the largest AI-cited cuts of the cycle, the Challenger numbers put AI at 25% of US March layoffs, Anthropic sues over a Pentagon supply-chain-risk designation while Google quietly takes the contract, and NVIDIA opens GTC with $1T in Blackwell-plus-Rubin orders booked.
An auditor walks into an AI shop
The 2026 audit conversation about AI usage has gotten sharp. The questions are sophisticated, the evidence asks are specific, and most shops can't produce what's being asked for. Here's what the conversation actually sounds like and where the gap sits.