Meta pauses – Meta has paused its Model Capability Initiative, an AI training program that tracks employee keystrokes and mouse movements, after sensitive data collected through the system—including private conversations and performance information—was inadvertently exposed
Meta said it has “paused” an employee tracking program that logs keystrokes and mouse movements used for AI training—after an internal data leak made sensitive information available across the company.
The program is called the Model Capability Initiative (MCI). Meta has suspended its use. and it says the reason isn’t employee backlash or concerns that it violated privacy laws. Instead. the company points to what happened inside its own systems: sensitive data collected through MCI. including employees’ private conversations. performance data. and transcriptions. was inadvertently available to the entire Meta staff.
“We have carefully designed this program with privacy safeguards, and while we have no indication at this time that any data was improperly accessed by Meta employees, we’re pausing it while we investigate,” a Meta spokesperson said.
The statement lands awkwardly beside Meta’s earlier assurances. The company had previously said employees’ collected data would be “tightly controlled.” This pause suggests that, at least during the period covered by the leak, the controls didn’t hold as intended.
It also adds another chapter to Meta’s recent run of AI-linked security problems. In March, Meta responded after an agentic AI took unprompted action that then contributed to a security breach. Earlier this month. the company also had to react after hackers exploited Meta’s AI customer service chatbot to hijack Instagram accounts.
Taken together, the sequence is hard to ignore: Meta built tools meant to improve systems and services, then multiple incidents—ranging from a chatbot exploited by attackers to employee monitoring data exposed internally—show how quickly AI features can turn into real-world security exposure.
Meta Model Capability Initiative employee tracking keystrokes mouse movements AI training data leak cybersecurity privacy safeguards Instagram account hijacking AI customer service chatbot
So they were listening to keystrokes the whole time? Wild.
I don’t even get how they can “pause” it like that fixes anything. If private convos were in some system, they already got out, right? Feels like the usual tech company move.
This is why I don’t trust “AI training” stuff. They say tight controls but then it’s available to everyone internally… so basically the controls weren’t tight at all. Also the article mentions the chatbot hijacking Instagram accounts like it’s all connected but I’m confused how.
Maybe it’s not that bad because “entire staff” is like… not the public? Idk, but keystroke + mouse tracking sounds creepy as hell, especially if there were transcriptions. Wouldn’t be surprised if someone at Meta already used it for performance reviews or something. Anyway I’m just gonna stick to not logging into anything for the month.