Zero Telemetry: What Oaken Notes Actually Sends Over the Network

I spent years building privacy tools. I’ve seen exactly how much data a “normal” app leaks just by existing. Most developers don’t even mean to do it. They just drop in a few SDKs for crash reporting, analytics, and A/B testing, and suddenly your laptop is chatting with half a dozen tracking domains before you’ve even typed a word.

When I started building Oaken Notes, I wanted to see if I could do the opposite. I wanted to build an AI app that treats the network as a liability, not an asset.

I’m writing this post as a transparency report. I want to walk you through every single network vector in the app. I’ll tell you what stays local, what goes over the wire, and why I made those choices.

AI Processing: Zero network calls

This is the big one. Most “AI” apps are just fancy wrappers for OpenAI’s API. When you record a meeting in those apps, your voice is sent to a server, transcribed on a server, summarized on a server, and stored on a server.

Oaken Notes doesn’t do that.

Transcription happens entirely on your Mac. We use Apple’s SpeechAnalyzer and SpeechTranscriber frameworks (the same tech powering Apple Intelligence) to handle the heavy lifting. If those aren’t available for some reason, we fall back to WhisperKit, which runs OpenAI’s Whisper models locally via CoreML.

Summarization and note enhancement use the SystemLanguageModel provided by Apple’s FoundationModels. It’s an on-device LLM.

I’ve never seen your meetings. I’ve never heard your voice. I don’t have an API key for a third-party AI provider because the app doesn’t have a reason to talk to one.

Analytics: Literally none

I genuinely don’t know how many people use Oaken Notes on any given day. I chose that.

Most apps use Sentry for crashes, Mixpanel for feature tracking, or Firebase for… everything. Our dependency list doesn’t include any of those. No Amplitude, no Segment, no Datadog.

I don’t track which buttons you click. I don’t track how long your meetings are. I don’t track your “retention.” If the app is useful to you, you’ll keep using it. If it isn’t, you won’t. I’d rather hear that from you directly than have a tracker tell me.

What DOES use the network

I’m not going to pretend the app is 100% offline. That would be a lie. There are four specific things that use the network, and they’re all about making the app work as a professional tool.

1. Sparkle (Auto-Updates)

Since Oaken Notes is distributed directly at oakennotes.com, I use Sparkle to handle updates. It’s the industry standard for macOS apps. Every now and then, the app checks our update server to see if there’s a new version. It doesn’t send your data. It just asks, “Is there a version newer than 1.0.4?”

2. Paddle (Licensing)

When you buy a Pro license, Paddle (our payment processor) needs to verify it. The first time you activate Pro, the app talks to Paddle to make sure the license key is valid. This isn’t analytics. It’s just a digital receipt check so I can pay my rent.

Note: Sparkle and Paddle only apply if you download Oaken Notes directly from oakennotes.com. If you get it from the Mac App Store, neither is included. Apple handles updates and payments instead.

3. WhisperKit Model Downloads

The first time you use the Whisper fallback (or if you choose a specific model size), the app needs to download the model files. These are large files, anywhere from 150MB to 1.8GB. They’re downloaded once and cached locally. After that download, the network isn’t used for transcription again.

4. iCloud Sync (Optional, Pro)

If you’re a Pro user and you choose to enable sync, your data goes through Apple’s CloudKit. I chose CloudKit because it uses end-to-end encryption managed by Apple. I don’t have access to your iCloud container. This is entirely opt-in. If you don’t turn it on, your data never leaves your disk.

What we skipped

There are plenty of things I could have added that would make my life easier, but I decided against them:

• Crash Reporting: I don’t use Sentry or Crashlytics. I rely on Apple’s built-in crash reporter. If the app crashes, macOS handles it. You can choose to send that report to Apple, and they’ll eventually aggregate it for me in Xcode.
• Usage Analytics: I have no idea if people prefer the sidebar or the menu bar. I have to actually talk to users to find out.
• A/B Testing: There is no infrastructure for it. Everyone gets the same app.

How to verify this yourself

I’m a former security engineer. I don’t expect you to take my word for it. In fact, I’d prefer if you didn’t.

Oaken Notes is sandboxed (it has the App Sandbox entitlement). While it has the com.apple.security.network.client entitlement (required for Sparkle, Paddle, and the one-time WhisperKit model download), you can watch it like a hawk.

Fire up Little Snitch, Lulu, or just run tcpdump in your terminal. Start a recording. Let the AI process the transcript. You’ll see exactly zero outbound connections during that entire process.

The only spikes you should see are the update check or the one-time license verification.

The Invitation

If you’re a networking nerd or a security researcher, please proxy the app. Throw it in Charles or Proxyman. If you find anything that contradicts what I’ve written here, tell me.

I’m building this app for the version of me that worked at a VPN company. That guy was paranoid, and he was right to be.

Oaken Notes launches April 30. It’s private, native, and I’ve tried very hard to make it thoughtful.

• Tom