Since April, Meta has been recording its employees’ mouse movements, keystrokes, and screenshots to train its AI. On 18 June, a worker filed an emergency security incident report — sensitive employee data was visible to the entire company. Meta suspended the programme on 22 June. It took four days.
Meta’s Model Capability Initiative is suspended — and the cause was not employee objection, though there was plenty of that. Meta has paused the Model Capability Initiative, or MCI, which monitored employee keystrokes and mouse movements.
The programme was suspended due to sensitive data collected through MCI being made accessible to all Meta employees, rather than due to employee complaints about privacy violations. Meta Vice President Stephane Kasriel confirmed the security issue was discovered on 18 June, but an initial patch failed to secure the data. The leaked records included private conversations, performance data, and transcriptions.
Meta‘s spokesperson offered a careful statement. “We have carefully designed [the] programme with privacy safeguards, and while we have no indication at [the] time that any data was improperly accessed by Meta employees, we’re pausing it while we investigate.” The company’s own CTO had previously told employees that MCI data would be “tightly controlled.” It was not.
What’s Happening & Why It Matters
What MCI Did
Meta’s Model Capability Initiative suspension covers a programme that Meta rolled out in April 2026. It captures the mouse movements, clicks, and keystrokes of US-based employees, with occasional screenshots, and feeds the lot into Meta’s models as training data. The idea is to teach AI systems how human workers actually navigate tasks.
Meta CTO Andrew Bosworth called the programme’s purpose in an internal memo. “The vision we are building towards is one where our agents primarily do the work and our role is to direct, review and help them improve.” Employees as a source of AI training data, whose function is ultimately to be replaced by agents — did not go down well. The collection drew protest from employees who objected to being surveilled by software built to learn from them, a tension sharpened by its arrival ahead of job cuts. In May, Reuters reported that the programme was gathering more data than originally disclosed and keeping it in an unencrypted format, prompting additional privacy concerns.
The 30-Minute Pause Button
Meta‘s attempt to manage employee resistance produced one of 2026’s more revealing corporate decisions. In an attempt to soften the friction, Meta later offered a pause button letting workers switch off the tracking for 30 minutes at a stretch, a concession that managed to underline how constant the monitoring otherwise was.
The 30-minute opt-out is precisely the kind of concession that signals management has no intention of addressing the underlying concern. By contrast, it gave employees a visible measure of how comprehensive the surveillance was — if 30 minutes of relief is the accommodation, then 23.5 hours of recording is the default. Workers protested the internal tracking over privacy and personal liberty concerns, circulating petitions that eventually forced Meta to offer limited opt-out options. Those protests did not trigger the suspension. The security incident did.
The Security Incident
The immediate cause of Meta’s Model Capability Initiative suspension was a severity-one security failure. The suspension followed an SEV — a high-priority security incident report — filed by an employee regarding the exposure of staff data. Meta VP Stephane Kasriel confirmed the security issue was discovered on 18 June, but an initial patch failed to secure the data. A database filled with sensitive information was reportedly exposed to anyone who works at the company, with one former employee describing it as a “mess.”
The irony is structural. Meta built a system to harvest employee data precisely because it understood the value of that data. Additionally, it then stored that data — including private conversations, transcriptions, and performance records — in a manner that allowed the entire company to access it. The tool designed to teach AI how to handle sensitive information produced a sensitive information breach as its first significant operational event.
The GDPR Dimension — and European Employee Exemptions
Meta’s Model Capability Initiative suspension exposes a specific and legally consequential gap in Meta‘s global employment practices. Technically, there is one way to opt out: relocate to Europe. European privacy laws and worker protections prevent invasive tracking of the sort represented by MCI, and so Meta cannot implement it there.
Logging keystrokes and screenshots of identifiable employees runs straight into Europe’s data-protection regime. The programme has been flagged for a likely collision with GDPR, which sets a high bar for processing personal data and treats workplace consent as shaky given the power imbalance between employer and staff. A leak that made sensitive records accessible is precisely the failure such rules are written to prevent.
The GDPR exemption is a direct indicator of what the regulation is actually doing. Meta chose not to deploy MCI in Europe because European law made it legally unviable. US employees — who have no equivalent statutory protection — became the programme’s default subjects. That is a precise illustration of how data protection law shapes corporate behaviour. Where the law is strong, surveillance stops. Where it is absent, surveillance starts.
The Meta AI Security
Meta’s Model Capability Initiative suspension is the company’s third significant AI-related security incident this year. In March, a similar breach occurred when an AI took unprompted actions, resulting in a security incident. Earlier in June, hackers exploited Meta’s AI customer service chatbot to hijack Instagram accounts. As TF covered in its Meta AI Instagram hack article, that chatbot exploit compromised the Barack Obama White House page, Sephora’s corporate account, and the US Space Force Chief Master Sergeant’s account.
The three incidents together describe a pattern. Meta is deploying AI systems aggressively — in customer service, in agent development, and in internal training data collection — ahead of the security architecture capable of safely containing those systems. By contrast, Meta is not unique in this. As TF covered in its Anthropic brake pedal article, this is the pattern Anthropic’s Jack Clark warned about across the entire AI industry: a gas pedal with no brake.
The Scale AI Connection — and the Data
The strategic logic behind MCI connects directly to Meta‘s AI workforce ambitions. In June 2025, Meta paid $14.3 billion for a 49% stake in Scale AI and installed its co-founder and CEO, Alexandr Wang, as the head of its new superintelligence team. Scale built its business on harvesting workflow data from contractors. “For a lot of the capabilities that we want to build into the models, the biggest blocker is actually a lack of data,” Wang told an interviewer. “There’s no pool of really valuable agent data that’s just sitting around anywhere.”
MCI is Meta‘s answer to that data gap. The company decided that the most valuable pool of agent training data was its own employees navigating their own computers. Additionally, MCI was approved for use on personal Gmail — raising the specific concern that employee personal data would be captured alongside professional activity. Bosworth’s response to that concern: “Gmail is an approved context so if you have concerns it may be best not to check personal email on your work computer.”
TF Summary: What’s Next
Meta’s Model Capability Initiative suspension continues while Meta investigates the data exposure. Kasriel said Meta “will only re-enable MCI when we are confident in the effectiveness of our data protection controls.” He additionally confirmed that Meta has “gathered sufficient data to assess the long-term value of the tool” — a statement that carries specific ambiguity about whether the programme returns at all. Ireland’s Data Protection Commission — Meta‘s EU lead supervisory authority — has not yet commented publicly. The UK’s Information Commissioner’s Office is expected to request details of the incident.
MY FORECAST: Meta’s Model Capability Initiative suspension will not become a permanent cancellation — but it will return in a significantly redesigned form. The legal and reputational cost of the current design is too high. The data value is too significant for Meta to abandon the programme entirely. By contrast, MCI 2.0 will separate keystroke and mouse tracking from screenshot capture, implement on-device processing rather than centralised database storage, and require explicit employee consent rather than implicit employment-based authorisation. That redesign will take months. When MCI returns, Meta will present it as a privacy-first employee AI development tool rather than a surveillance programme. The data collection objective will not. The Ireland DPC will investigate regardless — and that investigation will likely produce the binding guidance that Meta is not voluntarily generating for itself.
Related Stories
- Meta AI Tricked into Hacking Instagram Accounts
- Anthropic Calls for a Brake Pedal Before AI Builds Itself
- Social Media on Trial: Lawsuits Mount From Spain to San Francisco