A few years ago, if you asked someone what information they had shared with a software company, the answer probably would have been fairly short. Maybe they had entered a license key after buying a desktop application. Perhaps they had registered an email address to receive updates or download a newer version. Beyond that, most of the information stayed exactly where it belonged: on their own computer. Today, that answer looks very different.
The average person has accounts with dozens, if not hundreds, of online services. Every one of those accounts contains some combination of personally identifiable information. Your name. Your email address. Your password. Your billing information. Your purchase history. Your IP address. Your approximate location. Your devices. Your browser. Your contacts. Your documents. Your notes. Your photographs. Your calendar. In some cases, companies may also store medical information, financial records, or other highly sensitive data that most people would never intentionally hand to a stranger.
The remarkable part is how normal this has become.
Most of us no longer stop to ask why a note-taking application needs an account. We don't question why a local document editor wants to synchronize everything to the cloud by default. We rarely think twice about uploading years of personal photographs to a service we've never met the people behind. Somewhere along the way, trusting software companies with increasingly large portions of our digital lives stopped feeling unusual and started feeling like the cost of participating in modern technology. The more I think about it, the more I believe we've framed this entire conversation incorrectly. When people discuss privacy and security, the conversation usually revolves around trust. Do you trust this company? Do you trust that company? Which cloud provider has the strongest security? Which service has the best privacy policy? Which company is least likely to misuse your information? Those are reasonable questions, but I don't think they're the most important ones.
The better question is this:
Why are we being asked to trust so many companies in the first place?
There is an old principle in cybersecurity that says the best defense is often eliminating unnecessary risk altogether rather than trying to manage it perfectly. The same principle applies here. If a company never possesses your personal information, it cannot accidentally leak it. It cannot lose it in a breach. It cannot misuse it. It cannot sell it. It cannot expose it through a poorly configured database. It cannot hand it over because it simply doesn't have it.
That idea sounds almost too simple, yet it fundamentally changes how we think about software.
One of the reasons I care so much about local-first applications isn't because I believe every technology company has bad intentions. Quite the opposite. I think the overwhelming majority of companies genuinely want to protect their customers. They invest millions of dollars into security teams, infrastructure, penetration testing, compliance programs, and incident response. Engineers work incredibly hard to secure these systems. And yet breaches continue to happen. Not because every company is incompetent. Not because every company is careless. Because no system connected to the internet is perfect.
History has shown us this repeatedly. Some of the largest and most sophisticated organizations in the world have experienced significant data breaches over the past two decades. Financial institutions, healthcare providers, retailers, telecommunications companies, government agencies, and technology giants have all had moments where sensitive customer information became accessible to people who should never have seen it. Even organizations with world-class security teams continue discovering vulnerabilities because defending an internet-facing service twenty-four hours a day is an extraordinarily difficult problem. The reality is that attackers only need one successful mistake. Defenders have to be successful every single day. That imbalance is one of the reasons cybersecurity remains such a difficult field. What makes modern software particularly interesting is that we've steadily increased the amount of information sitting behind those defenses. Think about what a typical online account contains today. At a minimum, most services know your email address and password hash. Many also know your name, phone number, billing address, payment information, purchase history, login history, IP addresses, browser details, approximate location, and the devices you've used to access the service.
Then there is the information generated simply by using the application. How often you log in. Which features you use. Which documents you open. How long you spend using the software. What you search for. Who you collaborate with. When you are active. None of those individual pieces of information seem particularly concerning by themselves. Collectively, they become incredibly valuable.
Security professionals sometimes talk about something called the "blast radius" of a compromise. The idea is fairly straightforward. When something goes wrong, how much damage can that single failure cause? Imagine someone steals a notebook sitting on your desk. They now possess one notebook. Now imagine someone compromises the cloud service storing millions of people's notebooks. The blast radius is completely different. The same principle applies to password managers, cloud storage providers, note-taking applications, email platforms, document editors, and countless other services that centralize enormous amounts of personal information. The more valuable information concentrated in one location, the more attractive that location becomes to attackers.
This is where local-first software provides a benefit that often goes unnoticed. People usually think about local applications in terms of convenience. They work without an internet connection. They launch faster. Files remain available while traveling. Those are certainly advantages, but I don't think they're the most important ones. The real advantage is that local software dramatically reduces how much information ever leaves your computer. If your notes remain on your own device, there is no database containing millions of other people's notes waiting to be compromised. If your password manager stores an encrypted vault locally rather than relying on centralized infrastructure, you've eliminated an entire category of remote attacks. If your documents never leave your computer, there is no cloud storage provider responsible for protecting them on your behalf. You haven't made security perfect. You've simply removed an enormous amount of unnecessary trust from the equation. That distinction matters because trust itself is a security dependency.
Every company storing your information becomes another organization you must rely on to make good decisions. You trust that they hired competent engineers. You trust that they encrypted sensitive information correctly. You trust that they patched known vulnerabilities. You trust that they monitor suspicious activity. You trust that they respond quickly when new threats emerge. You trust that future leadership values privacy as much as current leadership. You trust that they won't fundamentally change how your information is handled five years from now. Most people never consciously make those decisions. They inherit them. The moment an application requires an account, another trust relationship quietly forms. Sometimes those relationships are entirely justified. If you're collaborating on documents with coworkers around the world, cloud infrastructure provides tremendous value. If you're backing up family photos so they survive a house fire, remote storage makes perfect sense. If you're streaming movies to multiple devices, centralized services are difficult to avoid. The point isn't that cloud services should disappear. The point is that they should exist because they provide meaningful value, not because every application has decided that collecting user accounts is simply how software works now. There is another consequence that receives far less attention. When companies collect data, they also assume responsibility for protecting it. That responsibility is enormous.
A leaked credit card may require cancelling accounts and waiting for replacements. A stolen email address may seem harmless until it becomes the foundation for phishing attacks. A compromised phone number can become the starting point for SIM-swapping attacks. Personally identifiable information can be combined with publicly available records to commit identity theft or social engineering. Medical information can expose deeply personal aspects of someone's life. Financial records can reveal spending habits, investments, or income. Even seemingly insignificant metadata often becomes valuable when combined with other sources. Attackers rarely need every piece of information. They simply need enough. That is one of the reasons security professionals often emphasize minimizing data collection. Every additional piece of information creates another asset that must be protected. Every new database becomes another potential target. Every retained record increases the consequences of a future breach.
Ironically, the safest way to protect data is often to avoid collecting it altogether. You cannot leak what you never stored. You cannot accidentally expose information that never existed on your servers. You cannot become responsible for protecting millions of personal records if those records remain where they originated. On the other hand, it is important to be honest about what local-first software does and does not solve.
Keeping information on your own computer does not magically make it secure. Malware can still steal files. An unencrypted laptop can still be stolen. Weak passwords remain weak passwords. Good backups are still necessary. Operating systems still need security updates. Local software is not a replacement for responsible security practices. What it does provide is something much more subtle. It removes an entire class of risks that only exists because information has been centralized somewhere else. You no longer have to worry about another company's database being breached because your information isn't sitting in that database. You no longer have to wonder whether your documents are being analyzed for product development, advertising, or future AI training because those documents never leave your machine. You no longer depend on another company's authentication servers simply to access your own work. Most importantly, you dramatically reduce the number of organizations that must be trusted with pieces of your digital identity.
I sometimes wonder how different the technology landscape would look if every company were forced to answer a single question before collecting customer information.
"Do we actually need this?"
Not "Could this data be useful?"
Not "Would marketing like access to this?"
Not "Might this increase engagement?"
Simply, "Is this information genuinely necessary for the product to function?"
I suspect far fewer companies would be storing the amount of information they currently do. That question ultimately captures why I believe local-first software deserves far more attention than it receives. Good security isn't about assuming every company will eventually fail. Good security is about recognizing that every additional dependency introduces another opportunity for failure, and then asking whether that dependency is truly necessary. Sometimes it is. Many times, it isn't.
The safest place for many kinds of personal information has always been the same place it started: on the computer owned by the person who created it. Because the most secure data isn't necessarily the data protected by the largest company or the most expensive security team. More often than not, it's the data that never had to be trusted to anyone else in the first place.