If you've started searching for a "private AI chatbot," you've probably noticed that almost every app claims to protect your data. But once you dig past the marketing language, the differences between these apps become a lot clearer — and a lot more important.
This article breaks down three apps that all promise privacy in different ways: LMSA (an Android app for local and cloud AI chat), Duck.ai (DuckDuckGo's AI chat feature), and Lumo (Proton's AI assistant). We'll look at how each one handles encryption, data retention, and access to premium AI models, so you can decide which one actually deserves your trust.
Why "Private AI Chat" Means Different Things to Different Apps
Before comparing these three apps directly, it helps to understand the three layers where your privacy can be protected — or compromised — when you chat with an AI:
- On your device — Is your chat history encrypted and stored locally, or sent to a company's servers?
- In transit — Is your message encrypted while it travels from your phone to the AI model?
- At the model provider — Does the company running the AI model (like OpenAI, Anthropic, or Mistral) keep a copy of your conversation, or does it use Zero Data Retention (ZDR)?
Most AI chat apps only address one or two of these layers. As we'll see, LMSA is built around addressing all three.
What Is LMSA?
LMSA (short for "Local Model Smart Assistant," sometimes called LM Studio Assistant) is a free Android app that lets you chat with AI models in two ways: by connecting to AI models running on your own computer through tools like LM Studio or Ollama, or by connecting directly to cloud AI models through OpenRouter.
What makes LMSA stand out from a privacy perspective is that it doesn't act as a middleman. LMSA connects directly to your own servers, and all chat histories, API keys, and configurations are stored securely on your local Android device, with no external databases or analytics logging your chats. In other words, LMSA itself never sees, stores, or has the ability to leak your conversations — because they never pass through LMSA's servers in the first place.
For privacy-focused users, this is the foundation that everything else builds on.
What Is Duck.ai?
Duck.ai is DuckDuckGo's AI chat product, built into its browser and available as a standalone feature. DuckDuckGo has built its reputation on private search, and it has carried some of that philosophy into Duck.ai.
According to DuckDuckGo's own documentation, some models offer different levels of privacy protection, including Zero Data Retention and Zero Provider Visibility, which are described on a per-chat basis in the privacy dialogue for that session. DuckDuckGo also states that all metadata containing personal information, such as your IP address, is stripped before prompts are sent to underlying model providers like Anthropic, Azure OpenAI, OpenAI, and Together.ai.
That sounds reassuring, and to DuckDuckGo's credit, every model on Duck.ai operates under a Zero Data Retention policy. The catch is that for most of those models, ZDR still comes with an exception: the provider may retain data for up to 30 days for abuse-prevention or legal reasons. LMSA, by contrast, doesn't route through any intermediary that retains your data for these purposes at all — when ZDR is enforced through OpenRouter, the provider simply does not retain your prompts, full stop.
What Is Lumo by Proton?
Lumo is Proton's AI assistant, built by the same Swiss company behind Proton Mail and Proton VPN. Proton has positioned Lumo as a privacy-respecting alternative to mainstream chatbots, and on the surface, it has a lot going for it.
Lumo's default setting is to not search online, to delete all chats upon closing, and to avoid storing conversations on the server side. Conversations aren't recorded server-side, and any chat history you do choose to save is encrypted so that even Proton can't read it. Lumo also has a "ghost mode," where sessions disappear completely once the window is closed.
This is genuinely strong privacy engineering. However, Lumo has two significant trade-offs that matter if you want access to today's most capable AI models:
First, the model selection is limited to Proton's own open-source lineup. Lumo currently runs on models like Nemo, OpenHands 32B, OLMO 2 32B, GPT-OSS 120B, Qwen, Ernie 4.5 VL 28B, Apertus, and Kimi K2 — all running exclusively on servers Proton controls. These are solid open-source models, but they're not the same as having access to frontier-class models like GPT-5, Claude, or Gemini.
Second, premium features cost extra. Lumo Plus costs $12.99 per month (or $119.98 per year) and includes unlimited chats, document uploads, history search, access to all models, and priority response times. The free tier is limited in the number of chats and features available.
It's also worth noting, as one independent reviewer pointed out, that Lumo isn't technically fully end-to-end encrypted during processing, since your query has to be processed by the AI model at some point — and the server-side components aren't entirely open source either.
Head-to-Head: LMSA vs. Duck.ai vs. Lumo
Now let's compare these three apps across the privacy factors that matter most.
1. On-Device Encryption
This is one of the clearest differentiators for LMSA. LMSA's local chat database is fully encrypted on-device, ensuring privacy for your conversations. Your chat history isn't just "stored locally" — it's encrypted locally, so even if someone gained access to your phone's storage, your conversations wouldn't be readable without the encryption key.
Duck.ai's approach is different: in the DuckDuckGo browser on Mac, Windows, iOS, and Android, your chats and settings are stored locally on your device, outside of browser web storage, so they won't appear in browser developer tools — but retention outside the DuckDuckGo browser depends on the specific browser or app you're using.
Lumo's approach relies on zero-access encryption for saved chat history, which is strong — but as noted above, this protection applies to what's stored, not necessarily to every stage of processing.
Winner: LMSA, for combining local-only storage with on-device encryption as a built-in default, not an opt-in feature.
2. Encryption in Transit
When your message leaves your device and travels to an AI model, is that connection encrypted?
LMSA connects to OpenRouter (and other cloud providers) over encrypted HTTPS connections, meaning your prompts are protected from interception as they travel across the internet — the same standard used for online banking and secure logins. Combined with the fact that LMSA itself isn't sitting in the middle logging this traffic, this gives you a direct, encrypted line between your device and the model provider.
Duck.ai also encrypts traffic in transit, and for voice chat specifically, DuckDuckGo notes that audio streams are encrypted in transit through WebRTC and a relay server, with zero data retention after the session ends. The difference is that Duck.ai's text chats are routed through DuckDuckGo's own infrastructure as an intermediary — which is good for stripping metadata like your IP address, but it also means DuckDuckGo's systems are part of the chain.
Winner: Tie between LMSA and Duck.ai, with LMSA having an edge because there's no intermediary company sitting between you and the model provider at all.
3. Zero Data Retention (ZDR) with Premium Models
This is where the comparison gets really interesting — and where LMSA's design philosophy pays off the most.
LMSA's OpenRouter integration gives you access to ZDR settings that you control directly. OpenRouter has a Zero Data Retention policy you can enforce globally, per model group, or per individual request — and providers that don't retain your data are also unable to train on it. By default, OpenRouter doesn't log your prompts or completions at all; it only stores metadata like timestamps and token counts for billing, and your actual conversation content isn't retained unless you specifically opt in to prompt logging.
This means that when you use LMSA with OpenRouter, you can choose to route your conversations only to endpoints that guarantee zero retention — including frontier, premium-tier models. When ZDR is enabled, your request will only be routed to endpoints that have a Zero Data Retention policy.
Now compare that to Lumo: while Proton doesn't retain your data on its own servers, your model choice is restricted to Proton's in-house open-source models. These models run exclusively on Proton-controlled servers. That's a meaningful privacy guarantee, but it comes at the cost of model selection — you can't access many of the premium, frontier-class models that power more advanced reasoning, coding, and creative tasks.
With LMSA, you get the best of both: ZDR-level privacy guarantees through OpenRouter, without giving up access to premium AI models. You're not locked into one company's model catalog — you get to choose from a wide range of providers while still enforcing zero retention on the requests that matter to you.
For Duck.ai, the catch is the same one we covered earlier: even though every model operates under ZDR, most still carry a 30-day retention exception for abuse-prevention or legal purposes. With LMSA and OpenRouter, when ZDR is enforced on an eligible endpoint, there's no such carve-out — your prompts simply aren't retained.
Winner: LMSA, for offering ZDR access to premium models without the 30-day abuse/legal retention exception that applies to most Duck.ai models, and without Lumo's restriction to a single open-source model catalog.
4. No Tracking, No Ads, No Middleman Logging
LMSA features no external databases or analytics logging your chats, and its optional web search is powered by Brave Search, which doesn't track your search queries, save your search history, or build personal profiles. It's designed with privacy in mind, offering a tracking-free experience for users who want to leverage large language models on mobile.
Duck.ai also avoids ad-based tracking and doesn't use your conversations for ad targeting — that's core to DuckDuckGo's brand. But because Duck.ai operates as a hosted service that proxies your requests, there's inherently more company infrastructure between you and the AI model than there is with LMSA's direct-connection model.
Lumo similarly avoids tracking and ads, with Proton explicitly stating it keeps no logs of what you ask or what Lumo replies, and your chats can't be seen, shared, or used to profile you. The trade-off, again, comes back to model access and subscription cost.
Winner: LMSA, for the simplest possible privacy model — no company-operated chat infrastructure standing between you and your AI of choice.
5. Cost and Access to Premium Models
Here's where the practical difference really shows up for everyday users.
LMSA offers premium features with no subscriptions required. You bring your own OpenRouter account, which gives you pay-as-you-go access to over 100 models — including GPT and Claude — with no middleman logging your requests, and you can layer ZDR enforcement on top of that access.
Lumo, by contrast, gates its full feature set behind a subscription. Lumo Plus costs $12.99 per month or $119.98 per year for unlimited chats, document uploads, history search, access to all of Proton's models, and priority response times. Even at the Plus tier, you're still limited to Proton's own model lineup rather than the broader market of frontier AI models.
Duck.ai is free to use, which is a major point in its favor, but as discussed, most of its models still carry a 30-day retention exception for abuse-prevention or legal reasons.
Winner: LMSA, for combining no required subscription with flexible, ZDR-enforced access to premium models across many providers.
Quick Comparison Table
| Privacy Factor | LMSA | Duck.ai | Lumo |
|---|---|---|---|
| On-device encrypted storage | Yes, by default | Local storage, varies by browser | Zero-access encryption for saved chats |
| Encryption in transit | Yes (HTTPS via OpenRouter) | Yes (WebRTC relay for voice) | Yes |
| No middleman chat logging | Yes — no external databases or analytics | Proxies requests through DuckDuckGo | No server-side conversation logs |
| ZDR on premium models | Yes, no retention via OpenRouter | All models, but most with 30-day abuse/legal exception | N/A — limited to Proton's own models |
| Access to frontier/premium models | Yes, 100+ models via OpenRouter | Yes, multiple providers | Limited to Proton's open-source lineup |
| Subscription required for premium | No | No | Yes, $12.99/month for full access |
| Open source | No | No | No |
Why LMSA Is the Better Choice for Private AI Chats
When you put all of this together, LMSA's approach addresses privacy at every layer we outlined at the start of this article — and it does so without forcing you to compromise on AI model quality.
- On-device encryption keeps your conversation history protected, even if your phone is lost, stolen, or accessed by someone else.
- Encryption in transit ensures your prompts can't be intercepted as they travel to OpenRouter and onward to the model provider.
- Configurable Zero Data Retention through OpenRouter means you can enforce ZDR on the specific models and providers you use — including premium, frontier-tier models — without the 30-day abuse/legal retention exception that applies to most Duck.ai models, and without being restricted to one company's open-source catalog (as with Lumo).
- No subscription requirement means you're not paying $12.99 a month just to unlock access to better models.
- No middleman infrastructure means there's no company sitting between you and the AI model logging your traffic, building a profile, or storing your chats on a server you don't control.
Duck.ai and Lumo both represent genuine steps toward more private AI — and if you're a casual user who wants something simple and free, Duck.ai is a reasonable option, while Lumo is appealing if you're already inside the Proton ecosystem and don't mind paying for full access. But for anyone who wants both maximum privacy and access to the AI models that actually perform best, LMSA's combination of on-device encryption, encrypted transit, and OpenRouter's configurable ZDR policies make it the most complete private AI chat solution available on Android today.
Final Thoughts
Privacy in AI chat isn't just about whether a company promises not to "sell your data." It's about architecture — where your data lives, how it travels, and whether the people running the AI model can see it at all. LMSA was built around minimizing every one of those exposure points, while still giving you the freedom to use the best AI models on the market through OpenRouter's ZDR-enabled routing.
If private AI conversations matter to you, LMSA is worth downloading and trying for yourself — your chats stay encrypted on your device, travel securely, and never pass through a third-party server logging your every word.
This article is for informational purposes. Privacy policies and features for third-party services change over time — always review the current privacy policy of any app or model provider you use.