The keyboard you type on twelve times a day — grocery lists, bank logins, medical questions, arguments with your spouse — is almost certainly sending data somewhere. Not to some vague "cloud." To a company whose business model depends on knowing what you type.
A Hacker News thread this week spotlighted FUTO Swipe, a new swipe-typing model released by FUTO, the nonprofit software organization that also builds a privacy-respecting Android keyboard. The model is open-source and designed to run entirely on-device. No server ping. No telemetry. The thread drew significant attention not because swipe typing is new, but because the contrast is stark: every major free keyboard app — Gboard, SwiftKey, Grammarly Keyboard — processes keystrokes through cloud infrastructure.
What's actually changing
The keyboard privacy problem isn't new. Security researchers have flagged it for years. What's shifting is capability: on-device AI is now good enough that the "we need your data to improve suggestions" justification is weakening. FUTO's release is evidence that a small nonprofit can train a competitive swipe model without mass data collection.
That matters for households because keyboards are a passive data source. You don't decide to share your symptoms when you search for a rash — you just type. You don't opt into sharing your financial stress when you draft a budget message to your partner — you just type. The consent model for keyboard data is effectively nonexistent for most users.
The practical risk isn't primarily "a hacker steals your keystrokes in real time." It's quieter: behavioral profiles built from typing patterns, query histories sold to data brokers, or — in a legal dispute or custody case — data requests served to a company that holds years of your family's private communication drafts.
Recent reporting on data broker markets suggests that keyboard and clipboard data is among the least-scrutinized categories of personal data, partly because users don't perceive typing as "sharing."
What we'd actually do
Switch the keyboards on family phones to FUTO Keyboard or another on-device alternative. FUTO Keyboard is free, open-source, and available on Android. It runs entirely on-device. For iPhone users, the calculus is different — iOS limits third-party keyboards in ways that reduce (but don't eliminate) the risk, and the default Apple keyboard does not transmit keystrokes to Apple servers during normal use. Still worth verifying your iOS keyboard settings under Settings > General > Keyboard > Keyboards. This takes ten minutes per phone.
Disable "full access" for any keyboard app that requests it. When you install a third-party keyboard on iOS or Android, it often requests "full access" — the permission that enables cloud sync, AI suggestions, and, depending on the app's policies, data transmission. Go through every phone in your household and check which keyboards have this permission. Revoke it for anything you don't understand or trust. On Android: Settings > Apps > [Keyboard App] > Permissions. On iOS: Settings > General > Keyboard > Keyboards > [App Name].
Apply extra scrutiny to keyboards on devices used for financial or medical communication. The family phone used to text the pediatrician, the laptop where someone types bank passwords, the tablet a teenager uses — these warrant higher scrutiny than a secondary device used only for games. You don't have to harden everything equally. Prioritize the devices carrying sensitive workflows.
Have a five-minute conversation with your household about "typing as sharing." Most people in your home don't know their keyboard app might be logging what they type. That's not paranoia — it's just a gap in how we think about phones. You don't need to frighten anyone. Just establish a shared mental model: the keyboard is software, software has permissions, and permissions can be reviewed.
The bigger picture
FUTO's release is one data point in a longer pattern: the open-source and privacy software community is closing the capability gap with commercial alternatives. Voice recognition, translation, image analysis — these are increasingly runnable on a consumer device without phoning home.
For families thinking about resilience, this matters beyond privacy. Dependence on cloud-based tools creates fragility: service shutdowns, policy changes, account bans, price increases. On-device software is more durable. A keyboard that works without a data connection, without an account, without a subscription, is simply more reliable.
Preparedness isn't only about water storage and power outages. It includes building household systems that don't require continuous trust in invisible third parties to function.
