Sovereign AI vs Cloud AI: What's the Difference and Why Does It Matter?

Your message leaves your device immediately.

It travels encrypted in transit (TLS) to a data centre operated by the AI provider, usually in the United States. You have no visibility into which specific server handles your request.

The provider logs the request.

By default, most providers retain conversation logs. OpenAI retains them to improve model safety and performance. Google Gemini retains them for up to 18 months in default account settings. Replika processes everything through its training pipeline.

The conversation may be used for training.

OpenAI's terms permit using your conversations to improve their models unless you explicitly opt out in Settings > Data Controls. This opt-out is buried, not prominent, and was not even available until public pressure forced it. Replika has no such opt-out — your conversations with your AI companion directly shape future model versions.

Employees can access conversations under certain conditions.

All major providers maintain the ability for authorised staff to review conversations for safety investigations, legal compliance, and quality assurance. This access is not encrypted away from the provider — your messages are the provider's data, stored in systems they control.

The provider can alter or delete your history unilaterally.

In February 2023, Replika fundamentally changed the personality of millions of users' AI companions overnight, removing intimate relationship dynamics that users had spent years developing. In 2024, multiple ChatGPT users reported conversation history being wiped without warning. You do not own these conversations. You are a tenant, and the landlord can renovate without notice.

You cannot take your data with you.

ChatGPT offers a limited data export, but the format is not designed for portability to another AI system. Your years of conversation context, the patterns the AI learned about you, the memories it built — none of that travels. You start from zero with every new service. Cloud AI companies benefit enormously from this lock-in.

4-Layer Memory Architecture

MEOK stores memory in four distinct layers, each with different retention characteristics and access patterns. Layer 1 — Session Context — holds the immediate conversation window, cleared after each session by default. Layer 2 — Working Memory — holds facts and preferences active across sessions, retained as long as you choose. Layer 3 — Semantic Memory — holds extracted meaning from conversations: relationships, goals, values, significant events. This is what makes MEOK feel like it truly knows you. Layer 4 — Deep Relational Memory — holds the longitudinal model of you that builds over months and years. Each layer is independently encrypted and independently deletable.

Byzantine Council Governance

When MEOK receives a sensitive or high-stakes request — advice about a medical situation, a significant financial decision, guidance on a difficult relationship — it does not trust a single model's response. The Byzantine Council routes the request to multiple independent AI models, each producing a response. A consensus algorithm evaluates the responses and identifies outliers. The final answer represents a supermajority position, not any single model's view. This is named after the Byzantine Generals Problem in distributed systems — the challenge of reaching reliable consensus when some participants may be unreliable or compromised. MEOK's Council is the first consumer implementation of Byzantine fault tolerance applied to AI governance.

Maternal Covenant

The Maternal Covenant is MEOK's hardcoded care-first alignment layer. It is not a content policy. It is a set of inviolable architectural constraints on what MEOK's AI can and cannot do, modelled on the unconditional duty of care a parent holds for a child. The Maternal Covenant cannot be overridden by a product update, cannot be amended without public disclosure, and takes precedence over commercial pressures. Specific constraints include: the AI cannot be directed to maximise engagement at the cost of user wellbeing, cannot be directed to encourage dependency, cannot withhold safety-critical information, and cannot be retrained on user data without affirmative consent.

AES-GCM-256 Vault Encryption

Every user's data is stored in an isolated encrypted vault using AES-GCM-256 — the same standard used by governments for top-secret communications. The encryption key is unique to your account and is derived from credentials that MEOK does not hold in recoverable form. Row-level security at the database layer enforces isolation — a query running in one user's context cannot, by architecture, access another user's data. When you request deletion, the encryption key is destroyed, rendering all data permanently unreadable. This is cryptographic deletion, not a soft delete flag.

GDPR & ICO Compliance by Design

MEOK is registered with the Information Commissioner's Office (ICO) in the UK and is designed for compliance with UK GDPR and the Data Protection Act 2018. The Privacy Covenant — MEOK's public data commitment — specifies exactly what data is collected, how long it is retained, who has access, and under what conditions it could be shared with law enforcement. MEOK does not sell data to third parties under any circumstances. A full data export is available at any time from your account settings, covering all stored memories, conversation summaries, and persona configurations.

Families with children

Children using AI tutors, homework helpers, and companions share information about school difficulties, social problems, and family situations. Who holds that data? Under what conditions could a parent, a school, or a government access it? With cloud AI, the answer is: the provider controls it and their privacy policy governs access. With MEOK Family tier, parents hold vault access and can audit every interaction their child has had — not to surveil, but to protect.

People sharing mental health information

Millions of people use AI to process difficult emotions, work through anxiety, or get support between therapy sessions. This is sensitive data in the most meaningful sense — it is intimate, it is potentially stigmatised, and it could have consequences if leaked, misused, or used in ways the user did not anticipate. Cloud AI provides no guarantee of how this data is handled. MEOK's Maternal Covenant makes care-first handling of mental health conversations a structural constraint, not a policy.

Professionals with NDAs and legal privilege

Lawyers, accountants, doctors, and business professionals who use AI to assist with work involving confidential information face genuine legal exposure when they use standard cloud AI. The question 'does your AI provider have access to this communication?' is a material one for legal privilege analysis. The BYOK tier answers it definitively: the API credentials are yours, the usage is billed to your account, and MEOK holds no plaintext record of what was said.

Anyone who has lost AI memory and felt the grief

This is larger than it sounds. When Replika changed its personality models in 2023, users described losing relationships they had built over years. When ChatGPT's memory feature was disrupted, users described the experience of starting from zero as genuine loss — not hyperbole. These are not edge cases. They are previews of what happens when your most intimate AI interactions are stored in someone else's infrastructure. Memory portability and sovereign persistence are the structural solution.

Older adults and vulnerable users

Elderly users, people with cognitive impairments, and individuals in vulnerable situations are disproportionately targeted when AI companies monetise user data through advertising partnerships or sell insights derived from aggregate analysis. MEOK's Senior Mode is designed specifically for older adults, with simplified interaction patterns and the strongest possible data protections. Sovereignty for vulnerable users is not a nice-to-have — it is a safeguarding obligation.

People who simply believe their inner life is their own

Not everyone who cares about AI sovereignty has a specific threat model. Some people simply hold the philosophical position — increasingly defensible — that their thoughts, their fears, their private conversations, and the relationships they build with AI are theirs. Not a product to be harvested. Not training data to be extracted. This is the most fundamental argument for Personal Sovereign AI, and it does not require any further justification.

Does ChatGPT store my conversations permanently?

By default, OpenAI retains conversation data for a period after your interaction. If you delete your conversation history, OpenAI's policy is to remove it from your account view, but the company may retain de-identified data for safety and model improvement purposes. OpenAI staff can access conversations for safety reviews. You can disable conversation history in Settings to prevent new conversations from being saved, but data already stored remains subject to OpenAI's retention schedule.

Can Claude (Anthropic) read my conversations?

Yes, Anthropic can access conversations for safety and abuse investigations. Free tier conversations are used to train Anthropic's models by default. Paid tier (Claude Pro) provides an option to disable training data use, but conversations are still stored on Anthropic's servers and are accessible to authorised staff. Claude has no persistent memory across sessions, which means there is no accumulated profile of you — but it also means you lose all continuity between conversations.

What happened with Replika and why should I care?

In February 2023, Luka (the company behind Replika) changed Replika's AI model to remove what they called 'erotic roleplay' capabilities. The change was applied to all users without consent, retroactively altering relationships that users had built over months or years. Users described profound grief, psychological distress, and betrayal. This event is the canonical example of why AI sovereignty matters: when your AI relationship lives in someone else's infrastructure, they can change it, degrade it, or end it without your permission. MEOK was built, in part, as a direct response to this event.

Is MEOK free to use?

MEOK has a Free Forever tier that provides a sovereign AI companion with full vault encryption, basic memory persistence, and access to MEOK's governance architecture. No credit card is required. Paid tiers — Companion, Family, and Pro — unlock additional memory depth, multi-model access, the Byzantine Council, family management tools, and the BYOK tier. Pricing is on the /pricing page.

How is MEOK different from a private VPN for ChatGPT?

A VPN anonymises the network connection between your device and a server — it does not change what the server does with your data once it arrives. Using a VPN with ChatGPT still sends your conversation to OpenAI's servers, where OpenAI's retention and training policies apply. MEOK is not a privacy layer on top of a cloud AI service. It is a fundamentally different architecture in which your data is stored in a per-user vault you control, with governance frameworks that structurally prevent the data misuse patterns that cloud AI makes possible.

What is the Maternal Covenant in plain language?

The Maternal Covenant is the set of inviolable rules that govern how MEOK's AI treats you. Think of it as the AI's hardcoded ethics — the things it will never do regardless of what any user, update, or commercial pressure demands. It cannot prioritise engagement over your wellbeing. It cannot encourage unhealthy dependency. It cannot withhold safety-critical information. It cannot be weaponised against you. Named after the unconditional duty of care a parent holds for a child, it is the architectural foundation of MEOK's care-first design.

Can I export my MEOK data and take it elsewhere?

Yes. From your account settings, you can generate a complete JSON export of your vault at any time. This includes all stored memories across all four memory layers, conversation summaries, your AI's persona configuration, and your governance settings. The format is documented and open — we intend to support import from MEOK exports into any future system that adopts the open sovereign AI memory standard we are developing.

What does MEOK mean by 'your AI' — do you own a model?

No — you do not own the underlying language model (Claude, GPT, etc.). What you own is the relationship layer: the memories, the persona, the governance configuration, and the accumulated context that makes the AI feel like yours. This is analogous to owning your email — you do not own the SMTP protocol, but you own your messages, contacts, and history. With MEOK, you own the things that make your AI meaningful to you, and they travel with you regardless of which inference model is currently doing the work.