Meta pauses its employee keystroke-collection program after an internal data leak

Meta has temporarily suspended an internal artificial intelligence training program after a data leak left sensitive employee information exposed to the entire company. The incident was reported by Business Insider on June 22, 2026, based on screenshots obtained by journalists Charles Rollet and Pranav Dixit.

The program in question is called the Model Capability Initiative (MCI) and was announced by Meta in April 2026. Its stated objective was to improve the company's artificial intelligence models using as training data the keystrokes and mouse movements of its own employees. The program was mandatory for most of Meta's staff, which from its launch had already generated internal discontent among workers, who felt uncomfortable knowing that their everyday computer activity was being recorded and used for AI training purposes.

The leak that prompted the pause exposed highly sensitive information: employees' private conversations, work performance data and various transcripts, all of it accessible from any point within Meta's internal network. The severity of the incident was classified internally as SEV 2 on a scale that goes from 0 to 5, where 0 represents maximum severity. Although it is not the most critical level, the classification indicates that the incident was considered serious enough to require urgent attention.

A Meta spokesperson confirmed the incident to Business Insider and issued an official statement: "We designed this program carefully with privacy safeguards, and although at this time we have no indication that any Meta employee improperly accessed the data, we are pausing it while we investigate." The corporate response attempts to minimize the reputational damage, but the internal reaction among employees has been notably more critical.

According to the screenshots obtained by Business Insider, an employee wrote in an internal company group on the Monday after the leak became known: "I am outraged." The same worker continued: "I see no evidence of malicious access, but the fact that this data was not locked down as originally promised is extremely frustrating." This type of reaction reveals the tension between Meta's management, which aggressively promotes the use of internal data for AI development, and part of its workforce that feels their privacy rights are being violated or carelessly managed.

The incident comes at an especially delicate moment for Meta in security matters. The article notes that this leak is the most recent in a series of security incidents that have affected the company in recent months. The previous month (May 2026), a vulnerability was discovered in Meta's AI chatbot that allowed external actors to hijack multiple Instagram accounts. And in March 2026, according to The Information, an autonomous AI agent caused an incident also classified as severe within the company's systems. This pattern of incidents suggests that Meta is accelerating the deployment of AI technologies without the control and security mechanisms being fully up to the task.

From the perspective of agentic AI and the use of human behavioral data to train models, this case is especially relevant. The MCI represents a bet on collecting human-computer interaction data in real, professional environments: the keystrokes and mouse movements of workers performing complex tasks are, in theory, a source of rich signals about how humans solve problems, navigate interfaces and make decisions. This class of data can be valuable for training models that imitate or support human reasoning in work contexts.

However, the case clearly illustrates the ethical, legal and internal-trust risks involved in this type of massive data collection on a company's own employees, especially when the program is mandatory and not entirely voluntary. The question of how far a company can use its workers' behavioral data as raw material for AI training—and under what conditions of consent, transparency and security—is far from having a consolidated regulatory answer, both in the United States and in Europe.

Ultimately, the MCI episode at Meta is an early but significant example of the tensions that will arise with increasing frequency as more companies attempt to leverage their employees' internal data for artificial intelligence development. The combination of mandatory programs, poor data security management and lack of worker trust can become a major obstacle to this type of initiative, even within companies with the technical resources of Meta.