The Privacy-by-Architecture Play: How Brutalist Report Eliminated Its Own Privacy Problem by Running AI on the Device

The Play

A post about local AI hit the top of Hacker News this weekend.

The most-quoted line: "You don't build trust with your users by writing a 2,000 word privacy policy. You build trust by not needing one to begin with."

That is a product strategy hiding inside a developer opinion piece.

What Brutalist Report did

The Brutalist Report iOS app generates article summaries as a core feature.

Instead of calling a cloud AI API, it uses Apple's local model APIs. The summary runs on the user's device. No server transmission. No data logging. No vendor infrastructure. No API key that can leak. No rate limit that can slow the feature down. No vendor that can change its pricing or shut down.

The feature works because the task — summarizing text — does not require broad world knowledge. It requires inference over data the user already owns.

That is the category local AI wins: transformation of user-owned data.

The growth lever

Most products treat privacy as a compliance problem.

They write the policy, add the disclosures, and move on.

Brutalist Report's approach makes privacy a product feature instead of a legal obligation.

That is a different conversation to have with a potential user.

"We have a comprehensive privacy policy" competes with every other app that also has a comprehensive privacy policy.

"Your data never leaves your device" is a verifiable architectural fact that most of your competitors cannot say.

How to run it

The migration path exists today.

Apple's Foundation Models framework, Core ML for custom models, and the Windows AI APIs give you the tools to move summarization, classification, smart reply, and extraction tasks off the cloud and onto the device.

Once that work is done, the distribution play is immediate:

• Update your App Store description to lead with the on-device framing
• Add a one-line trust badge near the feature: "Processed on-device. Never sent to a server."
• Pitch to privacy-focused newsletters, reviewers, and communities where no-cloud is a feature, not a limitation
• Simplify or remove the AI section of your privacy policy — and call that out explicitly

The last point matters more than it sounds.

Saying "we simplified our privacy policy because we moved AI on-device" is a news hook. It tells a story. It is the kind of thing that gets shared in the same communities where "Local AI needs to be the norm" just got 300+ upvotes on Hacker News.

Why this matters now

The on-device AI infrastructure is maturing fast.

Apple, Microsoft, and Google are all investing in local model capabilities at the OS level. The hardware headroom is already there — most users have neural processors sitting idle.

The products that figure out how to turn "no cloud AI" into a trust signal in the next twelve months will have a differentiation that is hard to copy. Cloud-first competitors cannot make the same claim without rebuilding their architecture.

That window is open now.

Sources:

https://unix.foo/posts/local-ai-needs-to-be-norm/

https://news.ycombinator.com/item?id=48085821