Most businesses adopted AI the same way they adopted email — without thinking about where the data actually goes.
When you type a client contract into ChatGPT, that text travels from your office to a data center on another continent. It gets processed on servers owned by a company you’ve never met, in a jurisdiction you didn’t choose, under terms of service you probably didn’t read. For the duration of that request, your client’s confidential information exists on hardware you don’t control. And once it’s there, you have no way to verify what happens to it next.
This isn’t a hypothetical risk. It’s the default architecture of every major cloud AI provider.
The standard response from vendors is reassurance: “We don’t train on your data.” “Your inputs are encrypted in transit.” “We’re SOC 2 compliant.” These statements may be technically accurate. They’re also beside the point. The issue isn’t whether the provider is malicious. The issue is that the data transfer happens at all. Once your business information leaves your network, you’ve introduced a dependency on a third party’s security practices, a third party’s legal jurisdiction, and a third party’s business decisions — all of which can change without your permission or knowledge.
And those decisions change more often than people realise.
The terms you agreed to yesterday aren’t the terms you’ll have tomorrow
Cloud AI providers update their terms of service, privacy policies, and data handling practices regularly. Sometimes they notify you. Sometimes the notification is a line buried in a changelog you never read. The model you’re using today might be replaced by a different model next quarter — one with different training data, different retention policies, different performance characteristics. You don’t get a vote. You don’t get advance warning. You get an email, if you’re lucky, and a deadline to accept or leave.
This is normal for consumer software. It’s a problem for business infrastructure.
When your accounting software changes its pricing, you negotiate or switch. When your AI provider changes how it handles the data you’ve been feeding it for eighteen months — client names, financial figures, legal strategies, medical records — switching isn’t as simple. The workflow dependencies are already built. Your team has already integrated the tool into their daily process. Leaving means retraining people, rebuilding prompts, and accepting a productivity gap. The provider knows this. That’s the model.
The compliance gap nobody talks about
Data protection regulations across Europe and beyond don’t just require that data be “secure.” They require that data processing be lawful, that cross-border transfers have adequate safeguards, and that the data controller — you — can demonstrate compliance at any point.
That last part is the one that catches businesses off guard. Demonstrating compliance means being able to answer specific questions: Where was this data processed? On which server? Under which jurisdiction? Who had access? For how long was it retained? With cloud AI, the honest answer to most of these questions is “I don’t know — ask the provider.” That’s not a compliance posture. That’s a liability.
For businesses in regulated industries — accountants handling tax records, lawyers managing case files, healthcare providers processing patient information, financial advisors working with portfolio data — the risk isn’t theoretical. An audit, a client complaint, a data breach at the provider’s end, and suddenly you’re explaining to a regulator why you sent sensitive client data to a server farm you can’t even locate on a map.
Most companies don’t ignore this because they don’t care. They ignore it because the conversation around AI has been dominated by capability — what can it do? — rather than architecture — where does it do it? The capability conversation is exciting. The architecture conversation is uncomfortable. So people skip it.
The alternative isn’t going without AI
Until recently, if you wanted AI, you accepted the cloud. That was the deal. Powerful models required massive infrastructure that no small or medium-sized business could afford to run internally. The cloud wasn’t just convenient — it was the only option.
That’s no longer true.
The same advances that made cloud AI powerful — better model architectures, more efficient training, smarter compression techniques — also made it possible to run capable models on modest hardware. A machine that fits on your desk, draws less power than a gaming console, and costs less than a year of enterprise cloud AI subscriptions can now run language models that handle document drafting, analysis, summarisation, and multilingual communication at a level that would have required a data center five years ago.
Local AI — models running on hardware inside your office, on your network, under your physical control — eliminates the data transfer entirely. No cross-border jurisdiction questions. No third-party retention policies. No terms of service that change while you sleep. The question isn’t “is this cloud provider trustworthy?” It’s “is my office locked?” That’s a question you already know how to answer.
Your data stays in the building. Your compliance is demonstrable. Your AI doesn’t depend on someone else’s business decisions.
The AI is just as capable. The difference is where it runs. And where it runs changes everything about who’s responsible for it.

