VYPR
Advisory · Published Jun 23, 2026 · 1 source

Meta Pauses Employee-Tracking Program After Security Review Exposes Widespread Data Access

Meta paused its Model Capability Initiative after an internal security review found keystroke, mouse-movement, and screen-capture data from staff laptops was accessible across thousands of internal data tables.

Meta has paused a controversial employee-tracking program after an internal security review found that highly granular keystroke and screen-capture data from staff laptops was far more widely accessible inside the company than intended. The program, part of Meta's Model Capability Initiative (MCI), collected mouse movements, click locations, keystrokes, and screen content from employees' work laptops to help train internal AI systems. According to reporting based on internal documents and employee accounts, the data was left accessible across thousands of internal data tables, including AI prompts, transcriptions, private conversations, and performance-related information.

The MCI program was deployed to US employees' work laptops without an opt-out option, as confirmed internally by Meta's CTO. The software captured inputs plus associated screen content, creating a behavioral dataset: what you type, where you click, and what is on your screen while you do it. From Meta's perspective, the initiative was an efficiency play—the goal was to provide AI models with 'real examples of how people actually use computers' by passively logging how employees navigate everyday tools like Gmail, GChat, Metamate, and VS Code.

The program prompted significant internal criticism. An engineer's internal post protesting 'laptop surveillance' and screen monitoring went viral inside Meta, sparking a petition to kill the program entirely. After coverage of the exposure, Meta scaled back and then paused the initiative, amid sustained internal backlash and questions about whether privacy protections were ever more than a reassurance in a memo.

From a compliance angle, employee-monitoring programs of this scope can raise difficult legal and regulatory questions, particularly in jurisdictions that require transparency around workplace surveillance and data collection. The reputational impact is arguably even worse. When a company is always under scrutiny for tracking users, breaking trust with employees sends a strong signal about its default attitude toward data.

Collecting keystroke and screenshot data is high-risk by design. That type of data is content-rich, behavioral, and often contains secrets. Every new data point adds obligations around access control, minimization, retention, and audit that the organization must actively manage for as long as the data exists. Access controls must be precise and regularly audited, because a simple misconfiguration can have big consequences.

Any future data leak—internal or external—could expose not just emails, but the exact sequences employees type, including authentication flows and draft content. In the wrong hands, this kind of information could expose the company to compromise. This episode is a reminder that every new dataset creates new responsibilities. The more detailed and sensitive the information, the greater the consequences when access controls fail.

Synthesized by Vypr AI