Meta pauses AI programme that tracked employee mouse clicks after internal data Leak

Meta has suspended its internal AI training programme after sensitive employee data, including private conversations and performance records, was found to be accessible to all staff at the company.

Meta is pausing an internal artificial intelligence training programme after a security incident exposed sensitive employee data across the entire company, Business Insider first reported, with Reuters subsequently confirming the details.

The programme, called the Model Capability Initiative (MCI), was launched in April to improve Meta's AI models by collecting US-based employees' keystrokes, mouse movements, and clicks on their work computers.

The data exposed in the incident included full prompts and transcriptions, private conversations, people and performance data, and DSS sensitivity ratings on a scale of one to four.

The incident was classified as a SEV 2 on Meta's internal severity scale of zero to five, with zero being the most serious.

A Meta spokesperson confirmed the incident to Business Insider and said the company was looking into it.

"We have carefully designed this program with privacy safeguards, and while we have no indication at this time that any data was improperly accessed by Meta employees, we're pausing it while we investigate," the spokesperson told BI.

Tracy Clayton, another company spokesperson, repeated the same statement to Reuters, while declining to specify how long the programme would be halted.

Despite the announced pause, a source told Reuters the tool was still actively recording data as of Monday afternoon. The company acknowledged that halting the programme for all employees would take time to roll out.

Screenshots of internal discussions obtained by Business Insider show employees responding with alarm.

"I am incensed," one Meta employee wrote on Monday in an internal group. "I don't see any evidence of malicious access, but the fact that this data wasn't locked down as originally promised is super frustrating," the same employee continued.

Another Meta employee, writing in the internal SEV discussion thread, raised broader concerns about the scope of what had been captured.

"I have accessed both personal tax and medical information through my work computer, as have many thousands of employees. We were told this data would be protected and only used for valid business purposes after aggressive filtering," the employee wrote, asking for a deeper investigation into the issues.

The MCI programme was already contentious before the leak. When it launched in April as mandatory for most staff, employees voiced discomfort at having their digital activity recorded for AI training purposes.

The latest incident follows a Reuters investigation in May that found the programme at Meta was collecting more information than had initially been described to employees, and that the data was being stored in unencrypted form.