Meta Hits Pause on Employee Tracking After Massive Data Internal Leak

Just two months after telling staff that opting out was not an option, Meta has halted a controversial program that turned its own workforce into training material.

The irony was not lost on anyone at Meta this week. After months of internal friction, the company has hit pause on the Model Capability Initiative (MCI), a program that quietly recorded US employees' keystrokes, mouse clicks, and screen content. The decision came only after a significant security lapse occurred: sensitive data collected by the tool was left sitting in the open, accessible to virtually anyone inside the company.

For the people working behind the scenes at Mark Zuckerberg’s tech giant, this was the boiling point. Since April, the MCI tool had been running on work laptops to help software agents learn how humans handle software, from keyboard shortcuts to complex dropdown menus. Despite the fact that over 1,600 staff members signed a petition warning that this level of tracking invited major security and regulatory risks, leadership remained unmoved. Zuckerberg famously argued that the company’s workforce was the best possible source for teaching machines how to work.

A Systemic Breach

The timing of the shutdown is particularly jarring. It has been barely two months since Meta informed workers that they could not switch off the surveillance. After weeks of mounting pressure, the company eventually offered a minor concession—allowing staff to pause tracking for 30-minute intervals—but the core architecture remained.

The internal fallout was swift. An engineer discovered that roughly 45,000 "hive tables" containing sensitive activity logs—including private conversations, performance records, and full transcripts—were exposed internally. The incident was logged as a SEV 2, a high-severity designation. On internal message boards, the reaction shifted from professional concern to raw anger. One worker called the lapse "a mess," while others shared memes mocking the recurring "nonsense" at the firm.

Why it matters

This episode highlights the growing tension between corporate ambition and internal privacy culture. When companies treat their own employee base as a testing ground, the margin for error is razor-thin. By collecting granular behavioral data, Meta created a honeypot of sensitive information that, once leaked, exposed the very people it was meant to empower.

The bigger picture is clear: the race to build sophisticated digital agents is outpacing the security infrastructure required to handle the raw data they consume. If a company as technically sophisticated as Meta cannot prevent an internal data spill of its own proprietary surveillance, it raises urgent questions about the safety of similar data collection practices in the broader tech industry. For now, the leaked files have forced a pause, but the trust deficit remains.