My smart home is Home Assistant hosted on a server in my house. It's fully open source and has gone through multiple paid audits to show its security is good too. The only non-local-only integrations are the weather api's and my thermostat (ecobee).
I mean yeah, it's possible to set it up privacy-respecting and that's great. But the average tech enthusiast doesn't set up his own server beyound a NAS.
Heh, I'd argue the average tech enthusiast is exactly the person that would set this up. If not them, then who is homeassistant for? I think modern tech enthusiasts are privacy conscious and will put in the small effort to enjoy that privacy.
Its non-techies who wouldnt bother and just use the app it comes with.