Private Isn't the Same as Yours: Privacy vs Data Ownership

A note app can be private and still not be yours. Privacy answers one question: who can read what you wrote. Ownership answers a different one: whether the notes stay yours when the relationship ends. You can hold a perfectly private app, encrypted and ad-free, and still own nothing — because ownership is set by where the data lives, not by a promise.

That distinction is older and more rigorous than the marketing suggests. The canonical local-first software paper, written by Martin Kleppmann and his Ink & Switch co-authors for the Onward! 2019 conference, lists "Security and privacy by default" and "You retain ultimate ownership and control" as two separate ideals out of seven.¹ They are related. They are not the same property. Most note apps sell you the sixth and let you assume you also got the seventh.

What most people believe: a private app is a safe app

The common assumption is reasonable: if a note app encrypts your data, runs no ads, and tracks nothing, your notes are safe — and safe must mean yours. Privacy and ownership get treated as one feature with two names. A padlock on the marketing page is read as a deed of ownership. It is an honest mistake, and it is the wrong reading.

Privacy is about access. It governs who can see your notes: you, and ideally no one else. Encryption, zero-knowledge architecture, "we don't sell your data" — these are all access controls, and good ones. They answer the surveillance question. They say nothing about what happens to the notes themselves: whether you can leave with them, read them elsewhere, or open them in ten years without the app that made them.

The pivot: an app can be private and still trap you

The flaw in "private equals safe" is that privacy and ownership fail independently. The Ink & Switch authors record a concrete case: "In October 2017, several Google Docs users were locked out of their documents because an automated system incorrectly flagged these documents as abusive."¹ Those documents were private. They were also, in the moment that mattered, not the user's to reach.

That is the shape of the problem. A document can be encrypted in transit, shielded from advertisers, invisible to other users — and one automated flag, one account suspension, one company shutting down can put it out of reach. Privacy protected it from the wrong people. It did nothing to keep it reachable by the right one.

The local-first authors are precise about what ownership means here, and it is worth quoting in full: "To disambiguate 'ownership' in this context: we don't mean it in the legal sense of intellectual property... user agency, autonomy, and control over data."¹ Ownership is not the lock on the door. It is whether the door is yours to open.

What ownership actually is: a property of the format, not the policy

Ownership is structural. It is decided by where your notes live and what format they are stored in — not by what the privacy policy promises. A file in an open, plain-text format, on a device you control, is yours whether or not the company that made the editor still exists. A record in a proprietary database is theirs to gate.

This is why the local-first authors argue, in the same paper, that the trade-off is false: "It is possible to create software that has all the advantages of cloud apps, while also allowing you to retain full ownership of the data, documents and files you create."¹ You are not forced to pick between convenience and control. The two were only ever bundled by the architecture, not by necessity.

Steph Ango, the CEO of Obsidian — an app that stores its notes as plain Markdown files on your own machine — puts the durable version of the idea plainly: "Apps are ephemeral, but your files have a chance to last."² An app is a tenancy. A file in an open format is a deed. The first depends on a company staying alive and staying generous; the second depends on nothing but the file.

Writer Keith Axline, in the 2019 essay that named this gap, framed privacy as the means and ownership as the end: "We can't own our data if we're giving it away for free and without consent. Privacy tools are really just data protection tools so that you maintain ownership."³ Privacy is the guard at the gate. Ownership is the title to what is inside.

The honest caveat: the law gives you control, not ownership

Be honest about the limit. "Data ownership" is not a settled legal property right, at least not under European law. The European Union's own analysis, published by the Publications Office in 2024, states that "the actual meaning of data ownership is however not defined in any EU level legislation, nor is it clear what the scope of such an ownership right would be."⁴

The same report goes further, calling data ownership "an inherently problematic concept from a legal perspective: it is not defined or regulated at the EU level, nor is there a common understanding in legal literature."⁴ What the law actually grants is narrower and more specific. The GDPR, in Recital 7, says that "natural persons should have control of their own personal data."⁵ Control — not ownership.

Even the GDPR's portability right is a right against a controller, not a deed to a thing. Article 20 lets you "receive the personal data concerning him or her, which he or she has provided to a controller, in a structured, commonly used and machine-readable format" and transmit it elsewhere.⁶ That is a powerful right. It is also a request you make of someone who holds your data — which is the opposite of holding it yourself.

So the honest conclusion is not that the law will hand you ownership of your notes. It will not. The conclusion is the reverse: because the legal route to ownership is undefined and contested, the only reliable ownership left is the structural kind. You get it by holding the file, in an open format, on your own device — where no controller has to grant you anything.

What to do tomorrow

The fix is not a better privacy policy. It is a different question, asked before you trust any note app with a decade of your thinking. Three concrete moves:

• Ask the ownership question, not just the privacy one. Not "can anyone see my notes?" but "if this company vanished tonight, would I still have my notes in a form I could read?"
• Check the format, not the promise. Notes stored as plain text or Markdown on your own device survive the app. Notes locked in a proprietary cloud database depend on the company's goodwill and existence.
• Treat the export button as a test, not a parachute. A real export — clean, complete, in an open format — is evidence the data was already yours. A messy or partial one tells you what the architecture really thinks.

A note app can do both at once when it is built for it. When notes live as plain text or Markdown on a device you control, with no account standing between you and the file, privacy and ownership stop being competing promises and become properties of the architecture — not lines in a policy.

For the deeper case on why files outlast the apps that made them, see why your notes should outlive your app. For the practical escape route when you are already locked in, see notes are trapped.

Frequently Asked Questions

What's the difference between data privacy and data ownership?

Privacy is access control — who can see your data. Ownership is control over what happens to it and whether it stays yours when the relationship ends. An app can be fully private (encrypted, no tracking) and you can still not own your notes if they live in a closed format on someone else's server. The canonical local-first framework lists the two as separate ideals.¹

Is my data private or do I own it?

It can be both, one, or neither — they are independent. A private app encrypts your notes and hides them from advertisers. An app you own keeps your notes in an open format on hardware you control. Privacy without ownership is common: encrypted, ad-free, and still impossible to leave with. Check the format and the location, not just the privacy promise.

Does data privacy mean I own my data?

No. Privacy law grants control, not ownership. The GDPR's Recital 7 states that "natural persons should have control of their own personal data,"⁵ and the EU's own analysis says data ownership "is not defined or regulated at the EU level."⁴ You can have strong privacy protections over data you do not, in any structural or legal sense, own.

What does it mean to own your notes?

In practice, ownership means agency you do not have to ask for: you hold the actual file, in an open format like plain Markdown, on a device you control. No company can revoke access, change the terms, or disappear with it. The local-first authors define this as "user agency, autonomy, and control over data"¹ rather than a legal property claim.

Can a note app be private but not let me export?

Yes — and that is precisely privacy without ownership. An app can encrypt everything and still keep your notes in a closed format that only it can read. Data portability is a right you exercise against a provider (GDPR Article 20),⁶ not a guarantee of clean escape. The reliable test is whether your notes already exist as files you hold.

Is data ownership a legal right?

Not as a property right, at least under EU law. The Publications Office of the European Union calls it "an inherently problematic concept from a legal perspective... not defined or regulated at the EU level."⁴ The law grants control and portability, not ownership. This is the argument for structural ownership: holding the open file yourself is the only kind that depends on no court and no controller.

Privacy keeps the wrong people out; ownership lets you walk away. A note app that does the first and not the second has only locked the door of a house you are renting. This builds on Keith Axline's distinction between privacy as the means and ownership as the end.

If you want notes that are both private and structurally yours, mnmnote.com keeps them as plain Markdown on your own device.