If the UI module does encryption and decryption, and if the said encryption is good enough, why would you care if the transport layer steals your encrypted data?
The transport layer is running on the same computer at the same trust level as the encryption layer, which means it can intercept the unencrypted data. Even if the developer's 100% honest it's easy for them to accidentally create a remote code execution vulnerability that allows an attacker to do this.