Your terminal sees everything you type. That context deserves a higher standard.
Most software collects usage telemetry. Behavioral analytics, crash reports, feature tracking, session timing. For a web browser or a note-taking app, this is a reasonable trade-off - the data helps improve the product, and the risk is limited.
A terminal is different.
What Your Terminal Sees
Your terminal has access to everything that flows through it:
Every command you type, including ssh commands with hostnames and usernames
Environment variables, which often contain API keys, tokens, and secrets
Database connection strings with credentials
Output from scripts that may contain sensitive business data
File contents you cat or pipe through the terminal
Passwords entered at prompts (even if they are not echoed to the screen, the terminal processes the keystrokes)
A terminal sits at the intersection of your identity, your infrastructure, and your secrets. No other desktop application has this level of access to sensitive information in the course of normal use.
The Problem with "Anonymous" Usage Tracking
Terminal vendors that collect usage telemetry typically say it is anonymous - feature usage, session duration, crash reports. They are probably telling the truth. But there are structural issues:
Scope creep - what is collected today may expand tomorrow. A telemetry pipeline, once built, makes it easy to add new data points.
Metadata is data - even "anonymous" usage patterns can reveal what you work on, when you work, and how you work. Session timestamps, feature usage frequency, and connection patterns are informative.
Continuous reporting is continuous risk - a terminal with always-on telemetry has a steady stream of outbound traffic, each call a separate opportunity for capture or compromise. The risk profile is fundamentally different from one-shot artifacts (auto-update checks, signed-release verification) that don't carry usage data.
Trust is not verification - unless the terminal is open source and you audit the telemetry code, you are trusting the vendor's description of what is collected.
Account Requirements
Some modern terminals require you to create an account before you can use the app. This means the vendor knows who you are before you type your first command. An account ties your usage to an identity, which fundamentally changes the privacy calculus - even if the usage data itself is "anonymous."
A terminal should not need to know who you are to let you run commands.
What Does Responsible Look Like?
We think a terminal should follow these principles:
No usage tracking by default - if you want to collect behavioral data, make it opt-in with a clear explanation of what is collected
No account required - the core product should work without sign-up
Local-first credentials - connection credentials should not leave the user's machine unless the user explicitly chooses to sync them
Direct API connections - if the terminal has AI features, API requests should go directly to the provider, not through the terminal vendor's servers
Works fully offline - the terminal should run with no network connectivity required, beyond the calls you explicitly configure (SSH, AI providers, MCP servers)
How Yaw Handles This
Yaw doesn't track what you do. No usage analytics, no behavior telemetry, no crash reports, no command capture, no session timing. No account is needed to use any feature. Saved credentials never leave your machine - they are AES-256-GCM encrypted at rest on your local disk. When you use the built-in AI chat, requests route straight from your device to your chosen provider's API. There is no intermediary server, no proxy, and no infrastructure on our side that could log your prompts or responses.
This is not a competitive feature. It is a baseline. We think every terminal should work this way.
What You Can Do
Check your terminal's privacy policy and telemetry settings
Look for opt-out options if usage telemetry is on by default
Use a network monitor to see what your terminal sends, when, and how often
Consider whether your terminal vendor needs to know who you are
For compliance-sensitive work, prefer terminals that don't track usage
Your terminal is one of the most privileged applications on your machine. It deserves the same scrutiny you would give to any tool that handles secrets.