What is Local Signing? In order to understand that you will first need to understand what public key crypto is, which is described here.
Public Key Crypto
Public-key cryptography, or asymmetric cryptography, is any cryptographic system that uses pairs of keys: public keys that may be disseminated widely paired with private keys which are known only to the owner. There are two functions that can be achieved: using a public key to authenticate that a message originated with a holder of the paired private key; or encrypting a message with a public key to ensure that only the holder of the paired private key can decrypt it.
In a public-key encryption system, any person can encrypt a message using the public key of the receiver, but such a message can be decrypted only with the receiver's private key. For this to work it must be computationally easy for a user to generate a public and private key-pair to be used for encryption and decryption. The strength of a public-key cryptography system relies on the degree of difficulty (computational impracticality) for a properly generated private key to be determined from its corresponding public key. Security then depends only on keeping the private key private, and the public key may be published without compromising security.
Even though NEM relies on a server/client system (see Two Tiers), the transactions are signed locally, without sending the private key anywhere.
This means that even though you're sending the transaction to a third party, they can't alter it in any way - which allows you to always keep control of your funds.