What is the story about?
Meta has paused an internal artificial intelligence programme that gathered employee activity data after a security lapse exposed sensitive information to staff across the company, according to a report by Business Insider.
The initiative, known as the Model Capability Initiative (MCI), was launched earlier this year as part of Meta's efforts to improve its AI systems. The programme relied on information generated through employees' day-to-day computer use, including keystrokes and mouse activity, to help train and refine the company's models.
However, the project has now been put on hold after an internal data exposure incident raised fresh questions about privacy protections and oversight of AI-related programmes inside the technology giant.
A Meta spokesperson confirmed the pause and said the company was investigating the matter.
"We have carefully designed this program with privacy safeguards, and while we have no indication at this time that any data was improperly accessed by Meta employees, we're pausing it while we investigate," the spokesperson told Business Insider.
According to screenshots reviewed by Business Insider, information collected through the programme was inadvertently made available to employees across the company. The exposed material reportedly included private staff conversations, performance-related information and transcriptions generated through the initiative.
The incident was reportedly classified internally as a Severity 2 event on Meta's security scale, where lower numbers indicate more serious issues.
The exposure has intensified criticism of a programme that had already generated unease among employees. When Meta introduced MCI in April, many workers reportedly objected to the extent of data collection involved. The initiative was mandatory for most employees, prompting concerns over workplace monitoring and the handling of personal information generated during routine work activities.
The latest development appears to have deepened frustration among staff. Internal discussions seen by Business Insider show employees questioning why the collected information was not more tightly restricted from the outset.
One employee reportedly wrote in an internal forum that they were "incensed" by the incident, while another message expressed frustration that the safeguards originally promised had not fully materialised, despite no evidence of malicious access.
The pause comes at a time when Meta is facing growing scrutiny over the security implications of its rapidly expanding AI operations.
The company has invested heavily in artificial intelligence and has increasingly integrated AI-powered tools across its products and internal workflows. Yet several incidents in recent months have highlighted the challenges of securing these systems as they become more complex and autonomous.
Earlier this month, Meta was forced to respond after attackers reportedly exploited weaknesses involving its AI-powered customer service chatbot, leading to the takeover of multiple Instagram accounts. Before that, reports emerged of a separate security incident linked to an autonomous AI agent that allegedly took actions without explicit instruction, creating further operational and security concerns.
While the company maintains there is currently no evidence that employee data from the MCI programme was improperly used, the incident has renewed debate over how organisations collect and manage information to train increasingly sophisticated AI models.
For Meta, the issue extends beyond a single data exposure event. The company must now address employee concerns about surveillance while demonstrating that the safeguards surrounding its AI initiatives are robust enough to protect sensitive information. As businesses race to develop more capable AI systems, the episode serves as a reminder that data governance and security remain as critical as the technology itself.
The initiative, known as the Model Capability Initiative (MCI), was launched earlier this year as part of Meta's efforts to improve its AI systems. The programme relied on information generated through employees' day-to-day computer use, including keystrokes and mouse activity, to help train and refine the company's models.
However, the project has now been put on hold after an internal data exposure incident raised fresh questions about privacy protections and oversight of AI-related programmes inside the technology giant.
A Meta spokesperson confirmed the pause and said the company was investigating the matter.
"We have carefully designed this program with privacy safeguards, and while we have no indication at this time that any data was improperly accessed by Meta employees, we're pausing it while we investigate," the spokesperson told Business Insider.
Internal data exposure triggers backlash
According to screenshots reviewed by Business Insider, information collected through the programme was inadvertently made available to employees across the company. The exposed material reportedly included private staff conversations, performance-related information and transcriptions generated through the initiative.
The incident was reportedly classified internally as a Severity 2 event on Meta's security scale, where lower numbers indicate more serious issues.
The exposure has intensified criticism of a programme that had already generated unease among employees. When Meta introduced MCI in April, many workers reportedly objected to the extent of data collection involved. The initiative was mandatory for most employees, prompting concerns over workplace monitoring and the handling of personal information generated during routine work activities.
The latest development appears to have deepened frustration among staff. Internal discussions seen by Business Insider show employees questioning why the collected information was not more tightly restricted from the outset.
One employee reportedly wrote in an internal forum that they were "incensed" by the incident, while another message expressed frustration that the safeguards originally promised had not fully materialised, despite no evidence of malicious access.
Another challenge for Meta's AI security efforts
The pause comes at a time when Meta is facing growing scrutiny over the security implications of its rapidly expanding AI operations.
The company has invested heavily in artificial intelligence and has increasingly integrated AI-powered tools across its products and internal workflows. Yet several incidents in recent months have highlighted the challenges of securing these systems as they become more complex and autonomous.
Earlier this month, Meta was forced to respond after attackers reportedly exploited weaknesses involving its AI-powered customer service chatbot, leading to the takeover of multiple Instagram accounts. Before that, reports emerged of a separate security incident linked to an autonomous AI agent that allegedly took actions without explicit instruction, creating further operational and security concerns.
While the company maintains there is currently no evidence that employee data from the MCI programme was improperly used, the incident has renewed debate over how organisations collect and manage information to train increasingly sophisticated AI models.
For Meta, the issue extends beyond a single data exposure event. The company must now address employee concerns about surveillance while demonstrating that the safeguards surrounding its AI initiatives are robust enough to protect sensitive information. As businesses race to develop more capable AI systems, the episode serves as a reminder that data governance and security remain as critical as the technology itself.
