"Is voice dictation private? What to check"
"Is voice dictation private?" does not have a yes-or-no answer, because dictation is not one thing. It is a category of tools that handle your audio in wildly different ways. One app can keep everything on your machine; another can store recordings forever and train on them. The label "dictation app" tells you almost nothing.
So instead of a verdict, here is a checklist. Run any tool through these six points and you will know where it stands. The answers should be findable in the product's privacy policy and settings; if they are not, that absence is itself a finding.
1. On-device or cloud
Start here, because it frames everything else.
- On-device means the speech model runs on your own Mac and the audio never leaves it. Apple Dictation on modern Macs and local Whisper apps like MacWhisper work this way. Privacy is structural — there is no server in the picture to worry about.
- Cloud means the audio is sent over the network to a server to be transcribed. This is faster and often more accurate, but the audio does leave your machine, so privacy now depends on how the service behaves.
Neither is automatically wrong. But cloud tools require you to check the remaining five points carefully, while a true on-device tool answers most of them by design. The full trade-off is in cloud vs on-device transcription.
2. Storage: is your audio kept
If a tool is cloud-based, the most important question is what happens to the recording after it has been transcribed.
- Discarded immediately is the best answer. The audio existed only long enough to become text, then it was gone.
- Stored is a real concern. Some services keep audio for "quality," debugging, or reasons left unstated. Stored audio is audio that can be breached, subpoenaed, or repurposed later.
Look for explicit wording. "We do not store your audio" is a clear claim. Silence on the topic, or a vague "we may retain data to improve our services," should be read as a maybe — and a maybe means yes for your purposes.
3. Training: does your voice feed a model
Separate from storage is the question of whether your audio is used to train or improve a speech model.
If it is, recordings of your actual voice become part of a training dataset. Even with good intentions, that is a different and more permanent thing than transient processing. The answer you want is explicit: the tool does not use your audio for training. Again, look for plain wording, and treat vagueness as a no-answer.
4. Accounts: what is tied to your identity
Does the tool require an account to use?
An account links every transcription to an identity — usually an email, sometimes more. That turns a stream of individual dictations into a profile that can be associated with a specific person. An account also means a stored credential, a record at the company, and one more thing that can leak in a breach.
A tool that needs no account simply cannot build that profile, because there is no identity to attach anything to. If a dictation app asks you to sign up, it is worth asking what the account is actually for. We go deeper in dictation without an account.
5. Permissions: are they justified
A dictation tool legitimately needs certain macOS permissions, and you should expect to grant them. The test is whether each one has a clear, stated reason that matches what the app does.
A voice-to-text app reasonably needs:
- Microphone, to hear you. Obviously required.
- Accessibility, to insert recognized text into other apps at your cursor.
Each of those maps directly to a visible function. What should make you pause is a permission with no obvious purpose — full disk access, contacts, location — on a tool that only turns speech into text. Permissions should be explainable in one sentence each. If they are not, ask why.
6. The privacy policy: can you actually read it
Finally, open the privacy policy itself. You are not looking for legal perfection; you are looking for clarity. A good policy answers the questions above in language you can understand. A policy that is long, evasive, or reserves broad rights to use "your data" however it likes is telling you something even if every individual sentence is technically fine.
A short, specific, readable policy is a genuine signal. It usually means the company does not have much to hide behind complexity.
Running Lispr through the checklist
It is only fair to apply the same checklist to Lispr.
- On-device or cloud? Cloud. Audio is sent to be transcribed by a Whisper speech model via a Cloudflare edge proxy to Groq. This is the point where Lispr is not the most private possible choice — an on-device tool keeps audio on the machine, and Lispr does not. We say that plainly rather than spinning it.
- Storage? The audio is discarded after transcription. Nothing is stored on a server.
- Training? Your audio is not used to train any model.
- Accounts? There is no account and no sign-up. Nothing is tied to an identity.
- Permissions? Two, each for its stated use: Microphone to hear you, and Accessibility to place text at your cursor.
- Privacy policy? Short and specific, written to be read. It is at /legal/privacy/.
So Lispr scores well on storage, training, accounts, and permissions, and is honestly mixed on point one, because it is a cloud tool. If "audio must never leave my Mac" is your standard, that point is decisive and an on-device tool is the better answer. If you are comfortable with encrypted, discarded, untrained, account-free cloud transcription, Lispr fits.
Closing
Voice dictation can be very private or not private at all, and the only way to know is to check. Six questions get you there: on-device or cloud, storage, training, accounts, permissions, and the policy itself. Run any tool through them, including this one. A trustworthy tool will have clear answers, and will tell you straight where it does not lead.
Try Lispr
Voice to text in any Mac app — hold a key, talk, let go. Free, no account, ~4 MB.
Download for macOS