The Atlas PM Agent landing page originally claimed 'your data stays on your machine.' In reality, uploaded documents are stored plaintext in Turso and sent to OpenRouter for synthesis — the second clause was a hedge but the overall claim was misleading.
THE DECISION
Fixed the landing copy first, then staged the real privacy work (auth → envelope encryption → optional local-model provider) as separate, deliverable phases.
Per-user encryption-at-rest protects against DB compromise but does NOT make 'nothing leaves the device' true — the server still has to decrypt to send to the model
Two distinct problems (DB-theft risk vs. egress) deserve two distinct fixes, not one over-promising sentence
Shipping the honest copy was a 5-minute change; shipping true E2EE would block the product entirely (no server-side AI is possible without seeing the content)
The only way to make a real 'data stays here' claim is local inference (e.g. Ollama as an alternate provider) — a feature, not a marketing line
Honest positioning that won't get torn apart by a single audit
Clear staged plan: copy → auth → envelope encryption → local-model toggle
Engineering work that actually maps to user-facing claims
The simpler, stronger marketing line
Some perceived privacy advantage over chat-based competitors
Privacy copy now matches reality. The staged plan turns a vague claim into four shippable phases — landing copy (done), auth + per-user scoping, envelope encryption of documents.content with a per-user data key, and a local-model provider toggle that would actually justify a 'nothing leaves the device' claim under that mode.
Marketing copy is a product surface. Encryption is not a privacy claim by itself — it solves DB theft, not egress. If a claim depends on a feature you haven't built, fix the claim before you ship it, then build the feature behind a toggle that earns the claim back.