FrameCounsel runs five AI models entirely on Apple Silicon with zero network connectivity. No cloud servers. No third-party data processors. No API calls. No telemetry. Attorney-client privilege is preserved by architecture, not by policy.
Most security claims are policy-based — they promise not to misuse your data. FrameCounsel is architecture-based. There is no mechanism to transmit your data, so no promise is needed.
All AI models ship bundled inside the application binary. Zero network calls during analysis. You can disable WiFi entirely and every feature works identically. There is no server to connect to.
MLX Whisper, YOLO, DeepSORT, ArcFace, and SAM3 run directly on your Apple Silicon Neural Engine and GPU. No cloud GPU instances, no API calls, no data transmission of any kind.
All case data, analysis results, transcripts, and annotations are stored in the application's sandboxed container on your Mac. Nothing is synced, uploaded, or replicated to any external service.
No analytics. No crash reporting. No usage tracking. No heartbeat pings. FrameCounsel makes zero outbound network connections. There is nothing to intercept because nothing is transmitted.
When evidence touches a third-party server, privilege may be waived. FrameCounsel ensures your forensic work product never exists outside hardware you physically control.
When you use cloud-based analysis tools, the vendor becomes a data processor under most privacy frameworks. Their employees, their subcontractors, and their infrastructure all have theoretical access to your evidence. FrameCounsel has no vendor infrastructure. You are the only processor.
There are no server logs, no cloud storage buckets, no API request records, and no database entries on any third-party system. When opposing counsel issues a subpoena to your software vendor, there is nothing to produce — because nothing was ever transmitted.
Your annotations, search queries, analytical focus areas, and case notes reveal defense strategy. These are protected work product. On-device processing means this work product never exists anywhere except hardware you physically control.
No third party can produce records of what you analyzed, when you analyzed it, or what conclusions you drew. Your forensic workflow is exclusively between you and your client — exactly as privilege demands.
Every cloud-based forensic tool creates discoverable records on third-party servers: upload logs, API request metadata, processing timestamps, storage records. Opposing counsel can subpoena these records from the vendor. A data breach at the vendor exposes every client's evidence simultaneously. FrameCounsel creates no records on any third-party system. There is nothing to subpoena and nothing to breach.
From the moment evidence enters FrameCounsel to the moment you present it in court, every step is cryptographically documented and independently verifiable.
The moment evidence enters FrameCounsel, a SHA-256 cryptographic hash is computed and stored. This hash serves as an immutable fingerprint proving the file has not been altered since ingestion. Any bit-level change to the original file would produce a completely different hash.
Every analysis action — every transcription run, every object detection pass, every annotation — is logged in an append-only audit trail. Entries cannot be modified or deleted. The trail provides a complete, tamper-evident record of everything done to the evidence.
Each audit trail entry carries a precise timestamp. When you ran transcription, when you flagged a frame, when you exported a clip — every action is recorded with temporal precision for courtroom testimony about your analysis process.
Export a complete chain of custody report documenting every step from original file import through final analysis. Includes hash verification, audit trail, and integrity status — formatted for submission as a courtroom exhibit.
FrameCounsel leverages macOS and Apple Silicon security features that protect your evidence at the hardware, OS, and application level.
FrameCounsel runs inside the macOS App Sandbox — an OS-level security boundary that restricts what the application can access. The app cannot read files outside its container without explicit user permission. Even if the application were compromised, sandbox containment limits the blast radius.
On Macs with FileVault enabled (which Apple enables by default on all modern Macs), every byte of data stored by FrameCounsel is encrypted at rest using XTS-AES-128 encryption. When your Mac is powered off, your evidence is cryptographically inaccessible.
Apple Silicon includes a hardware Secure Enclave — a dedicated security coprocessor with its own encrypted memory. Cryptographic keys used for FileVault and Touch ID never leave this chip and cannot be extracted, even with physical access to the hardware.
FrameCounsel is signed with an Apple Developer ID certificate and notarized by Apple's automated security service. This guarantees the binary has not been tampered with since it left our build system. Apple has verified it contains no known malware.
On first launch, macOS Gatekeeper verifies the application's code signature and notarization status. If any file in the application bundle has been modified, Gatekeeper will refuse to run it. You can trust that the code you are running is exactly the code we shipped.
A side-by-side comparison of on-device processing versus cloud-based forensic tools for handling legal evidence.
Common questions from defense attorneys and public defenders about FrameCounsel's security architecture.
No. FrameCounsel makes zero outbound network connections — not during analysis, not during idle time, not ever. All AI models (MLX Whisper, YOLO, DeepSORT, ArcFace, SAM3) are bundled inside the application binary and run entirely on your Apple Silicon chip. You can verify this yourself by running FrameCounsel with your Mac completely disconnected from any network. Every feature works identically offline.
Attorney-client privilege can be waived when privileged information is disclosed to third parties. Cloud-based analysis tools transmit your evidence to vendor servers, creating records on third-party infrastructure that opposing counsel could potentially subpoena or that could be exposed in a vendor data breach. FrameCounsel eliminates this risk entirely — your evidence, annotations, search queries, and analytical work product never exist on any system except hardware you physically control.
When you delete FrameCounsel, macOS removes the application's entire sandboxed container, including all case data, analysis results, transcripts, and annotations stored within it. Because no data was ever transmitted to any external server, there is nothing to persist elsewhere. Your evidence is fully under your control from import to deletion.
FrameCounsel's chain of custody system uses SHA-256 cryptographic hashing — the same standard used by federal law enforcement and digital forensics laboratories. The hash is computed at the moment of import and can be independently verified at any point. The append-only audit trail logs every analysis action with timestamps. These records are designed to meet the evidentiary standards of Daubert and Frye hearings.
FrameCounsel's architecture exceeds the requirements of CJIS Security Policy, ABA Model Rules of Professional Conduct (particularly Rule 1.6 on confidentiality), and state bar ethics opinions on cloud computing. Because no data ever leaves your device, there is no data-in-transit to secure, no vendor access controls to audit, and no third-party compliance certifications to verify. The security model is inherent in the architecture rather than dependent on vendor promises.
Download FrameCounsel and run forensic video analysis entirely on your Mac. Zero cloud exposure. Attorney-client privilege preserved by architecture. 30-day free trial, no credit card required.