Why personal AI must be local-first

An argument for keeping your most intimate data on hardware you own.

The intimacy hierarchy

Not all data is created equal. Your Spotify listening history is not the same as your therapy session transcript. Your Netflix recommendations are not the same as the message you sent your partner at 2am.

There is a hierarchy of data intimacy, and it looks something like this:

Level 1: Preferences. You like jazz and dark roast coffee. This is the least sensitive. Every tech company has this. It powers ads and recommendations. Losing control of it is annoying, not devastating.

Level 2: Behaviour patterns. You go to the gym at 6am, browse LinkedIn at lunch, and watch YouTube until midnight. More personal. Reveals habits, routines, vulnerabilities. But still somewhat abstract.

Level 3: Relationships. Who you talk to, how often, what you discuss. The warmth of your friendships. The tension in your work relationships. The people you are drifting from. This is deeply intimate. It maps your social world.

Level 4: Conversations. What you actually said. The jokes, the confessions, the half-formed ideas, the arguments, the apologies. This is your inner life made text.

Level 5: Self-reflection. Your journal entries. Your coaching observations. The patterns in how you communicate. What you are working on in yourself. This is the most intimate data that exists in digital form.

Most "personal AI" products operate at levels 1-2 and store everything in the cloud. That is fine for preferences and behaviour. But levels 3-5 – relationships, conversations, self-reflection – have no business on someone else's servers.

The policy problem

Cloud AI companies protect your data with privacy policies. A privacy policy is a legal document that says: "We choose not to misuse your data." It is a promise. Promises can be broken.

Promises are broken by:

Breaches. Every major tech company has been breached. Equifax. Yahoo. LinkedIn. Facebook. The question is not if, but when.

Acquisitions. The company that promised to protect your data gets acquired. The new owner has different priorities. Your data is now an asset on their balance sheet.

Terms changes. The privacy policy changes. They notify you by email. You do not read it. Nobody reads it.

Subpoenas. A government requests your data. The company complies because they must. Your conversations are now evidence.

Employee access. Someone at the company can read your data. They probably will not. But they can.

The architecture solution

Local-first means your data lives on hardware you own. Not "encrypted in our cloud" – on your Mac Mini, in your house, on your network.

The AI models run on your hardware via Ollama. The databases (Qdrant, Oxigraph, Redis) run as Docker containers on your machine. There is no cloud server receiving your personal data. There is nothing to breach, acquire, subpoena, or access. (Ostler does fetch public data from the internet – Wikidata, web search results – but personal data only flows inward, never outward.)

This is not a policy decision. It is an architectural one. We cannot access your data, not because we choose not to, but because there is nowhere for it to go.

Pull the ethernet cable. Ostler keeps working. That is the test. For the full technical details, see the security architecture.

The performance objection

The standard objection to local AI is performance. Cloud models are bigger, faster, more capable. This was true in 2023. It is less true in 2026.

A Mac Mini M4 runs Qwen 3.5 (9 billion parameters) at 30 tokens per second. That is fast enough for conversational AI, document analysis, fact extraction, and knowledge graph queries. It is not GPT-4. But it is good enough for the task – and the task is personal knowledge, not general intelligence.

You do not need a frontier model to answer "when did I last see James?" You need a model that has access to your data. Local gives you that access without the trust problem.

The cost objection

A Mac Mini costs $599. Perplexity charges $50 per month. Ostler is $24.99 per month – half the price, and your AI queries are unlimited because the compute runs on your hardware, not in their cloud.

No token limits. No usage caps. No "you have exceeded your monthly quota." Your Mac does the work. You pay for the intelligence layer, not the compute.

The convenience objection

Cloud is easier. Sign up, connect your accounts, done. Local requires installing Docker, pulling models, running import scripts.

This is true. We are working to reduce the friction. The installer takes about 30 minutes. But some friction is worth it for data that will be with you for the rest of your life. You would not store your paper journal in someone else's house because it was more convenient. Your digital journal deserves the same respect.

The future

Local AI will get better. Models will get smaller and faster. Apple Silicon will get more powerful. The gap between cloud and local performance will shrink. The gap between cloud and local privacy will not.

Privacy is a one-way door. Once your data is on someone else's servers, you cannot un-share it. Local-first means you never have to make that choice.