1 hour ago
22
Meta built a program to watch how its own employees use their computers. Mouse movements, clicks, keystrokes, occasional screen snapshots. The goal was to feed that behavioral data into AI model training. Then, in late June, something went wrong.
Meta has paused its Model Capability Initiative, known internally as MCI, following a security incident that exposed sensitive employee data to broader internal access than intended. The program, which launched in April 2026, was suspended on June 22, 2026, while the company investigates how the exposure occurred.
To be clear about what this program actually was: Meta was logging the moment-to-moment computer behavior of US-based employees, not to monitor productivity in the traditional sense, but to generate training data for its AI models.
What happened on June 22
The incident that triggered the pause involved sensitive employee data becoming inadvertently accessible across the company. Meta’s own investigation found no evidence of external breaches or unauthorized access by outside parties.
Spokesperson Tracy Clayton confirmed that privacy safeguards had been in place and that no indications of improper access by Meta employees were found.
The MCI was not a secret program, but it was controversial well before June 22. Employees raised concerns about privacy violations, security vulnerabilities, and the program’s habit of consuming significant system resources on their devices. The feedback was pointed enough that Meta introduced employee controls in early June, before the incident forced a full stop.
Starting June 3, 2026, employees could pause data collection for up to 30 minutes at a time, or request a full exemption from participation.
The broader AI training context
Meta’s decision to collect behavioral data from its own employees sits inside a much larger industry pattern. Training competitive AI models requires enormous volumes of high-quality data, and that data is increasingly hard to source without legal or ethical complications.
Using employees as a data source sidesteps some of the copyright and licensing issues that have entangled AI companies pulling from the public internet. It does not, however, sidestep workplace privacy law, employee consent frameworks, or the basic question of whether workers understood what they were signing up for when they joined the company.
The MCI’s scope, capturing not just usage patterns but granular physical inputs like mouse movement trajectories and keystroke timing, puts it in more sensitive territory than generic telemetry data.
Disclosure: This article was edited by Editorial Team. For more information on how we create and review content, see our Editorial Policy.
English (US) ·