The Zurich Protocol
We cannot read your data.
That's not a policy. It's math.
Every conversation is encrypted on the device with AES-GCM-256 before it reaches our servers. The encryption key is derived from your password and never leaves the browser. We store only ciphertext.
How the encryption works
The Universal Bridge extension reads your conversation from the AI platform's DOM
A random per-conversation encryption key is generated (AES-GCM-256)
The conversation is encrypted with that random key
The random key is encrypted with your master key derived from your password via PBKDF2 (envelope encryption)
Only the double-encrypted ciphertext is transmitted and stored. Your password and master key never leave the browser.
Even if our entire infrastructure were compromised, attackers would find only ciphertext. Without the user's password, decryption is computationally infeasible.
What we can and cannot do
| We CAN do | We CANNOT do |
|---|---|
| ✓Store your encrypted ciphertext | ✕Read your conversation content |
| ✓Tell you how many chats you have synced | ✕Tell you what those chats contain |
| ✓Help you recover your account | ✕Recover data if your encryption key is lost |
| ✓Delete your ciphertext on request | ✕Recover data after cryptographic erasure |
| ✓Respond to a subpoena | ✕Hand over readable content — we do not have it |
Regulatory Compliance
Built from the ground up for the regulatory frameworks that govern your industry. Not bolted on. Not “coming soon.” Live.
SEC 17a-4(f)
6-Year Retention
Immutable, time-stamped archival of captured AI conversations. WORM-compliant retention enforcement with configurable policies.
FINRA 3110(b) / 4511
Supervision
Automated flagging, compliance review queues, and auditable supervision workflows for every AI interaction. DLP scanning on prompts and responses.
HIPAA
PHI Protection
Zero-knowledge encryption guarantees PHI in AI conversations is never exposed to the platform operator. DLP catches PHI patterns before they leave.
ABA Opinion 512
Legal AI Ethics
Compliant archival of attorney AI usage with privilege-aware retention, legal hold, and encryption that preserves attorney-client privilege.
Enterprise Key Management
Enterprise organizations control their own encryption keys. No single administrator can access all conversation data. Compliance access requires a quorum.
Quorum Decryption
N-of-M Shamir's Secret Sharing for the organization master key. Multiple custodians must contribute shares before any content is decrypted.
Key Ceremony
Guided key generation and custodian assignment with full audit trail. Custodian rotation supported without re-encrypting data.
BYOK
Bring Your Own Key for org-level API key management. Keys encrypted client-side, never transmitted in plaintext.
Audit Trail
Every key operation — generation, share distribution, reconstruction, rotation — is logged immutably in the org audit log.
Audit and Compliance
In progress. Report available to enterprise customers on request.
Planned before first enterprise customer. Results summary will be published here.
Zero-knowledge architecture minimizes personal data processing. Privacy Policy available at theaicheck.com/legal/privacy.
Vulnerability Disclosure
Found a vulnerability? Contact [email protected]. We welcome responsible disclosure.