Overview
- Meta began pausing its Model Capability Initiative after an internal high‑priority security report showed employee activity data may have been accessible across thousands of internal tables on Monday.
- The MCI tool, launched in April for U.S. staff, recorded mouse movements, click locations, keystroke timing and occasional screen snapshots to generate training signals for AI models, and participation was initially mandatory.
- Engineers first discovered a vulnerability on June 18 and issued a patch within hours but were not immediately able to fully lock down access to the collected data.
- Senior leaders, including the chief technology officer, acknowledged the rollout fell short of the company’s privacy-review standards and said they will share investigation findings before deciding whether to re-enable the program.
- The exposure has sharpened employee privacy and morale concerns — more than 1,600 staff signed a petition before the incident — and raises legal and security questions because keystroke and screenshot data can contain private conversations, prompts, and sensitive personal information.