A note on architecture, not law, for anyone building therapy, journaling, HRT tracking, symptom trackers, or AI health copilots. The reminder A user's full Talkspace session transcripts surfaced in a workplace lawsuit. The vendor said they fought it. They still produced the records. That outcome is not unusual. It is the predictable behavior of any system where the operator can read the content. The legal piece is interesting, but the architecture piece is the part you control. "Encrypted" is doing a lot of work Three things commonly get called encryption: TLS in transit. Stops the WiFi café, not the database admin or the court order. At-rest encryption with a server-held key. Stops a laptop thief, not the operator. End-to-end encryption where the server does not hold the decryption key. This is the one with the privacy property most users assume by default. A surprising number of "private" health products land in the second category and market themselves like the third.…