[JumpCrisscross]

> Why couldn't the same process could be used to handoff the data to a 3rd-party AI provider?

You have more safeguards if it’s running on your own metal. It’s reasonable to want to understand that better, perhaps with your own red team, before opening up customer data to actual potential hostiles.

[simjnd]

Yeah I overestimated the amount of stripping / anonymization that was being done on device and didn't realize how much plumbing was required server-side too to have good enough privacy guarantees