When a company evaluates AI adoption, the first question usually asked is "which model is more capable?" That's the wrong question to start with — or at least not the only one. For any use case that touches sensitive data, the question that actually matters is: who sees this data, and under which jurisdiction?
The difference isn't quality, it's control
A closed model, accessible only through a vendor's API, requires your data to pass through — often via servers abroad — to get a response. An open-weight model, on the other hand, can run entirely on your own infrastructure or on a Swiss sovereign cloud: the model's weights are yours to run, not a service you send information to.
This isn't a technical detail: for contracts, medical records, financial data, or information covered by professional secrecy, it's the difference between staying fully compliant with the FADP and GDPR, or exposing yourself to a legal risk that no vendor contract fully eliminates.
When a closed model remains the right choice
It would be dishonest to claim that open models always win. On some complex reasoning tasks, the best closed models remain more capable today, and adopting them is immediate because it requires no infrastructure to manage. For non-sensitive content — marketing drafts, public research, prototyping — it's often the more efficient choice.
A three-question decision framework
- Is the data involved personal, contractual, financial, or clinical? If so, start from open by default.
- Does the use case require reasoning capability that only a frontier model offers today? Consider a hybrid approach, with anonymized data.
- Who needs to be able to inspect or audit the system — a regulator, a client, your legal team? An open model is easier to document and explain.
The point isn't "open versus closed." It's building an architecture where each type of data ends up where it belongs — and where that choice is explicit, not accepted by default because it's the easiest path at the start.