Mac dictation privacy audit: which apps actually keep your audio local (2026)

Which Mac dictation apps actually run locally?

Five of the major Mac dictation apps run speech recognition entirely on-device by default — JustVoice, Superwhisper, MacWhisper, VoiceInk, and Aiko — while Wispr Flow, Willow Voice, and Otter.ai send your audio to a remote server every time you dictate. Apple Dictation is split: short on-device for newer Macs, cloud for longer phrases and many languages. Whether that matters depends entirely on what you're dictating and to whom.

This post is the audit we wish existed when we started JustVoice. There is a lot of "private by design" marketing in this category and not enough honest accounting of where audio actually goes.

Methodology

This is a desk audit, not a forensic packet capture of every app on every Mac. We read each vendor's privacy policy and product documentation as of April 2026, cross-referenced their support articles, and confirmed network behavior on the apps we actively use with Little Snitch. Cloud apps may change their architecture; local apps may add cloud features. Treat the table below as a 2026 snapshot, not a permanent verdict, and verify before you bet a regulated workflow on it.

A few definitions we'll use throughout:

Local: audio is converted to text on your Mac without leaving the device. No network call required for the core transcription.
Cloud: audio is sent to the vendor's servers (or a third-party speech provider) for transcription and returned as text.
Hybrid: app supports both modes, with one as the default.
BYOK: "bring your own key." You provide your own API key for OpenAI, Anthropic, Deepgram, etc., and your audio or text passes through that provider's API rather than the app vendor's infrastructure.

The audit table

App	Audio leaves device?	Where it processes	Privacy policy	Free tier?
JustVoice	No (default)	On-device Whisper; cloud STT only if user enables Pro Cloud STT (BYOK Deepgram)	justvoice.ai/privacy	Yes, 5K words/mo
Wispr Flow	Yes	Wispr's cloud servers	wisprflow.ai/privacy	Time-limited trial
Whisper Flow	Usually a misspelling of "Wispr Flow" — see above	—	—	—
Superwhisper	No (default)	On-device Whisper; optional cloud modes if user enables them	superwhisper.com/privacy	Limited free
MacWhisper	No	On-device Whisper for files	goodsnooze.gumroad.com	Yes, free tier
VoiceInk	No	On-device Whisper, open source	github.com/Beingpax/VoiceInk	Yes, fully free
Aiko	No	On-device Whisper for files	sindresorhus.com/aiko	Yes, fully free
Apple Dictation	Mixed	On-device on M-series Macs for short phrases; cloud for many languages and long-form	apple.com/legal/privacy	Free with macOS
Otter.ai	Yes	Otter cloud	otter.ai/privacy	Yes, limited mins
Willow Voice	Yes	Willow cloud	willowvoice.com	Limited free

A clarifying note on the "Whisper Flow" row. We see this query often and it's almost always a misspelling of Wispr Flow. There is no major Mac dictation app called "Whisper Flow." If you searched for it expecting a local Whisper-based competitor to Wispr Flow, the apps you probably want are JustVoice, Superwhisper, or VoiceInk.

Why local matters

The privacy-relevant question isn't "do you trust the vendor" — it's "what happens if their cloud is breached, subpoenaed, or sold." Local processing collapses that risk surface to your own laptop's disk encryption and OS-level permissions. Cloud processing extends it to the vendor's S3 buckets, their employees' laptops, their subcontractors, and the legal jurisdictions they operate under.

Four workflows where this stops being abstract:

HIPAA-adjacent dictation. If you're a clinician, therapist, or work in patient-facing health tech, anything you dictate that contains Protected Health Information is regulated. Most consumer dictation apps are not HIPAA-compliant — they don't sign Business Associate Agreements, they don't promise audit logs, they don't guarantee data deletion on a clock you control. A local app sidesteps the question entirely because the audio never leaves your encrypted Mac. Attorney-client privilege. Dictating notes about a privileged matter into a cloud app arguably waives privilege in some jurisdictions, depending on terms of service and which third parties the audio is shared with. Privilege is not absolute. The conservative move for litigators is local-only. IP-sensitive code. If you dictate prompts to Cursor or Claude Code that reference unreleased product names, internal API endpoints, security vulnerabilities, or proprietary algorithms, those words are now in someone else's transcription log. Vendor data retention varies; some retain for 30 days, some for years for "service improvement," some don't say. Journalism and source protection. Dictating notes about confidential sources into a cloud transcription service is the kind of thing that gets discussed in court orders. Local processing keeps the audio under shield-law protections that may apply to your laptop but probably don't apply to a third-party SaaS vendor's logs.

For a primer on threat modeling these scenarios, the EFF's Surveillance Self-Defense guide is the standard reference.

The cloud apps' counter-argument

Cloud dictation apps aren't unsafe — they're just a different trade-off, and pretending otherwise is dishonest marketing. A few real advantages of cloud processing that the local-first crowd shouldn't wave away:

Better accuracy on niche models. Some cloud providers run proprietary models (Deepgram Nova, AssemblyAI) that genuinely beat off-the-shelf Whisper on specific accents, domains, or noisy audio.
Lower local resource use. A 4-year-old MacBook Air with 8 GB of RAM can comfortably stream audio to a cloud service while running Chrome with 80 tabs. Running medium Whisper locally on the same machine is a stretch.
Streaming UX. Cloud streaming providers can show you words as you speak, with sub-200ms latency. Local Whisper is batch-oriented by design and has to wait for an utterance to complete before transcribing.
Cross-device consistency. Cloud apps work the same whether you're on a Mac, a Windows laptop, or an iPad. Local apps are usually platform-specific.

If your dictation isn't sensitive — drafting a marketing email, writing a tweet, brainstorming a blog post — a cloud app is a perfectly defensible choice. The mistake is assuming all dictation falls into that bucket.

What "BYOK" actually means

"Bring your own key" is meaningfully better than vendor-managed cloud, but it is not the same thing as local processing. With BYOK, your audio (or text) passes through a third-party API — typically OpenAI, Anthropic, or Deepgram — under your account, governed by that provider's terms, not the dictation app vendor's.

Two real benefits: you control the spend, and the dictation app vendor never sees your data. Two limits: the third-party provider does briefly see your data, and you've now extended your trust boundary to two companies instead of one.

For AI cleanup (where Whisper output is rewritten by a language model to fix grammar, capitalization, and code formatting), BYOK is the strongest realistic privacy story short of running a local model. JustVoice's AI cleanup is BYOK by design — your API key, your audit trail, your data deletion policy with the API provider. We never see the prompt or the response.

For raw speech-to-text, BYOK is a smaller win because the same vendor (OpenAI) trained the Whisper weights you'd run locally anyway. You may as well skip the round-trip and run the model on your Mac.

How to verify yourself: Little Snitch and Network Monitor

Don't trust any vendor's privacy claims — including ours — without verifying once. It takes ten minutes and you only need to do it once per app.

The recipe:

Install Little Snitch (paid, ~$59) or use macOS's built-in Network app (Activity Monitor → Network tab gives a less granular view).
Quit every app on your Mac except the one you're auditing and Little Snitch.
Open the dictation app and start a fresh dictation session.
Watch the Little Snitch live feed for outbound connections during and immediately after the dictation.
A truly local app should show zero outbound traffic during the dictation itself. Background telemetry (crash reports, license checks) at app launch is normal and unrelated to your audio.

A purely local Whisper transcription should look like nothing happened, network-wise. A cloud app will light up Little Snitch with a connection to the vendor's API endpoint or to a third-party speech provider. There's no in-between — your audio either left or it didn't.

Verdict: which apps to trust if privacy is non-negotiable

For local-by-default Mac dictation in 2026, the trustworthy options are JustVoice, Superwhisper, MacWhisper, VoiceInk, and Aiko. They differ on UX, price, and what they do around transcription, but the core "audio stays on your Mac" guarantee holds across all five.

Quick recommendations:

Live system-wide dictation, free tier, code mode: JustVoice. (Yes, we're biased — but the free tier and the code-aware mode are genuinely differentiated.)
Live system-wide dictation, lots of customizable AI modes: Superwhisper.
Open source, no subscription, fully scriptable: VoiceInk.
File transcription with diarization: MacWhisper.
Free file transcription from a trusted indie dev: Aiko.

If you're currently on a cloud app and want to migrate without giving up the AI cleanup polish, JustVoice's BYOK cloud cleanup gets you most of the way there with the audit trail under your control.

For deeper reading on what "local processing on Apple Silicon" actually buys you, Apple's Platform Security Guide and the Apple Privacy white paper are the canonical references for what the OS does and doesn't expose to third-party apps.

Cross-references on this site:

JustVoice vs Wispr Flow — the head-to-head on the most common cloud comparison.
JustVoice vs Superwhisper — the head-to-head on the most common local comparison.
JustVoice for medical professionals — HIPAA-adjacent considerations in detail.
JustVoice for legal work — privilege and confidentiality considerations.