While truly private AI can only be achieved locally, I can’t afford the hardware for the models I want to run and neither can most people.
When it comes to generic prompts like what you’d normally use to find related pages with a search engine, I see little privacy drawback in using a service like duck.ai. After all, you’re still sending a “prompt” to DDG in any case. In fact, DDG’s privacy agreements with its model providers are stricter than the one with Microsoft, so you could argue that duck.ai is actually more private than the search engine itself, which is recommended here.
For more sensitive prompts, however, I’d prefer a solution that is both provided and hosted by a reputable, privacy‑focused organization. I’m wary of startups that claim to use confidential computing. Only these offerings meet that standard in my view: Proton Lumo and maybe Brave Leo.
Lumo runs on Proton’s own infrastructure, but its model lineup isn’t as powerful as what you can obtain elsewhere. Leo, on the other hand, offers stronger models, yet most/all of them reside on Amazon Bedrock. Because Bedrock is a B2B service, there’s limited discussion about its trustworthiness online. Moreover, I feel mislead by Brave’s claim of self-hosting its models given that it uses Bedrock (which I could only find by scouring obscure GitHub issues).
Both companies have shortcomings, of course. But from what I’ve observed, Proton tends to prioritize the wrong products and employs dark patterns in its marketing, while Brave has faced incidents such as “accidentally” Honey‑fying links and collecting BAT donations for creators without their knowledge. To be clear, I think Brave’s actions are worse.
So what do you think about Bedrock and Leo? Is Lumo the best/only option available right now, even if Proton isn’t being as transparent and clear about the backend as they should?
If you already use the Brave browser or Brave Search, I’d recommend using Leo. I also have the Lumo app installed on my Android phone. I trust them both personally.
something local, give it a try maybe it’s good enough for your use case and you don’t need the biggest model ever
trust claims of companies while you won’t ever know exactly if they are stating the truth while having their thing in the cloud
Not sure there is a middle-ground where there is a trust-worthy enough company that got some kind of “AI-audit” that would be stable, viable and relevant in 2 weeks.
Maybe compartmentalization could be good enough for your use case?
Only ask, share and use the cloud AI from a company knowing that it would probably be sold/available to anybody: consider every input into the chat as permanent and non-private.
Billion dollar companies have a monopoly on that tech as of today, not sure there is a magic solution besides some kind of DeepSeek-kind of model.
I could reluctantly learn to trust Brave, but the larger concern is that I’d also have to place my confidence in Amazon, since Brave isn’t actually hosting the models on its own hardware. How do you view that aspect?
I don’t need massive, trillion parameter models, but even small models require a decent GPU to run efficiently.
When it comes to trust, I’d like to be able to trust Brave for access to its more advanced models, yet that inevitably means trusting Amazon as well, which I haven’t seen highlighted in discussions about Leo. PG’s old LLM provider page claimed that Brave self‑hosts its models, which I think is either a misleading statement or an outright falsehood from Brave. My initial suspicions arose because I wasn’t sure how Brave was self-hosting proprietary Claude models.
I’m inclined toward trusting Proton because they offer smaller, open-source models and own much more server infrastructure than Brave. It seems plausible that everything runs on servers they exclusively control. Proton also arguably has more at stake than Brave in this scenario. Still, I wish Proton were more transparent about what “servers Proton controls” actually entails, since the situation could resemble Brave’s setup.
I was hoping someone could shed more light on Amazon Bedrock, but perhaps the safest approach is to compartmentalize like you said.
