While end-to-end encryption is desirable and has many advantages, Capacities is not following this principle. Here is why.

Before we start it is important to understand that at the moment your data is encrypted in transit and at rest on our servers. You can read more about it here.

But yes, with end-to-end encryption, your data is more protected. Before it's sent to a server, it gets encrypted, and only you hold the key to decrypt it. This protects you from data misuse and other privacy concerns. You are in full control of your data.

Unfortunately, E2EE comes with some fundamental drawbacks for application design that severely limit the service we can provide. Here are some examples:

• Simple, user-friendly and powerful APIs would not be possible: Knowledge management and productivity lives from exchanging information between services, so you don't have to transfer it manually, and you can access it from everywhere. A simple and powerful API or server-based MCPs rely on our ability to read and process your data. With E2EE, these kinds of powerful integrations would not be possible.
• AI assistance would be significantly harder to build: The AI features in Capacities rely on powerful models that run in the cloud. Routing AI requests through the client instead of our servers is technically conceivable, but it would be substantially more complex to build reliably and securely.
• Capacities could not support current integrations: All integrations we offer today — including WhatsApp, Email, calendar, and Readwise — do not support end-to-end encryption on the integration side. Strict E2EE would not allow us to offer these integrations.

There are a lot of reasons for end-to-end encryption as well. Technology decisions are always trade-offs. If full E2EE is a hard requirement for you, we recommend using a tool that prioritizes that. We are very transparent on how we store and process your data. You can read more about it here.

Nevertheless, we have ideas on enabling partial end-to-end encryption while still providing a good service. We could allow you to encrypt the content section of specific objects. It would then be excluded from search and other features, but you could store sensitive information there. Feel free to share your ideas on our feedback board.