Security isn't a feature.
It's the architecture.
PreCase was designed from day one so that your data physically cannot leave your device. Here's exactly how.
Core Principle
If we can't access your data, we can't lose it.
Most apps promise privacy through policy. PreCase enforces it through architecture. There is no server that receives your messages, no database that stores your evidence, no API that transmits your data. The app runs locally, processes locally, and stores locally. That's it.
Architecture
How it works under the hood.
Local-only processing
All AI analysis runs on your Mac using local models. PreCase never sends your messages to OpenAI, Google, or any external service. The AI models are bundled with the app or run via Ollama on your machine.
Direct database access
PreCase reads from the macOS Messages database on your device. Messages are never copied to an intermediate server. The app requests Full Disk Access to read the database — a standard macOS permission you control.
Sandboxed application
PreCase runs as a sandboxed macOS application. It can only access the files and databases you explicitly grant permission to. It cannot read arbitrary files, install background processes, or modify system settings.
No network transmission
The app makes no outbound network requests for data processing. The only network activity is checking for app updates — and even that is optional. Your evidence never touches a network.
Data Flow
Where your data goes — and where it doesn't.
Messages database
Read from the macOS Messages database on your Mac. Never copied externally.
AI analysis
All pattern detection and organization runs on-device via local models.
Evidence storage
Organized evidence is saved to a folder on your Mac that you control.
Evidence export
Exports are generated locally. You choose how to deliver them to your attorney.
Cloud upload
No data is uploaded to any server. There is no cloud component for user data.
Third-party AI
Your messages are never sent to OpenAI, Google, Anthropic, or any external AI provider.
Export Integrity
Tamper-evident by default.
SHA-256 hashing
Every exported evidence package includes a SHA-256 hash. If a single character is modified after export, the hash won't match — providing a clear indicator of tampering.
Complete timestamps
Every message in an export retains its original timestamp from the Messages database. The export itself is timestamped at generation time.
Verifiable chain
Your attorney can independently verify the hash of any evidence package. The verification process requires no special software — just a terminal command.
Threat Model
What we defend against.
PreCase is built for people in adversarial situations. The threat model assumes that the opposing party, or anyone else, should never be able to access, intercept, or tamper with your evidence through PreCase.
Data interception
Eliminated. No data leaves the device, so there is nothing to intercept in transit.
Server breach
Not applicable. There is no server storing your data. A breach of our infrastructure cannot expose your evidence because we never have it.
Evidence tampering
Detectable. SHA-256 hashes on every export mean any modification to the evidence package is immediately verifiable.
Unauthorized access
Mitigated by macOS security. Evidence is stored in a local folder protected by your Mac's user account, FileVault encryption, and standard file permissions.
Transparency
Questions we think you should ask.
Why not end-to-end encrypt the exports?
Evidence packages need to be readable by your attorney. Encryption would add complexity without improving security for the primary use case — delivering organized evidence to a trusted party. The SHA-256 hash provides integrity verification without preventing legitimate access.
What if someone has physical access to my Mac?
PreCase relies on macOS security for physical access protection. Enable FileVault disk encryption, use a strong login password, and lock your screen when away. PreCase cannot protect against an attacker with physical access to an unlocked machine — no application can.
Will PreCase ever add cloud features?
If we ever add any network-connected feature, it will be opt-in, clearly documented, and never involve uploading your message content or evidence. The local-first architecture is a permanent design decision, not a temporary constraint.
How can I verify these claims?
Monitor PreCase's network activity using macOS Activity Monitor or a tool like Little Snitch. You'll see zero outbound connections for data processing. When the source is available for review, we'll link it here.