After sensitive employee information was reportedly made available throughout the organization, Meta has suspended an internal employee monitoring initiative intended to assist in the development of artificial intelligence systems.
Initially introduced in April, the Model Capability Initiative was intended to collect workplace activity data to assist Meta in improving its artificial intelligence models through the collection of work activity data. The system was reportedly used by employees to monitor interactions across various workplace applications including Gmail, Google Chat, and Meta’s AI assistant, as well as capture screenshots and usage patterns.
In response to concerns about privacy and consent, the initiative quickly drew criticism from employees. More than 1,600 Meta employees, including engineers, researchers, and designers, have signed a petition advocating the discontinuation of this program.
Prior to the latest incident, the monitoring initiative had already been under scrutiny. A Reuters report reported that the program collected more information than originally indicated and stored some of the data unencrypted, raising concerns among employees about privacy.
In internal discussions, employees were also concerned that personal information, including tax and medical records accessed from work devices, could be disclosed, despite assurances that the data would be protected and used solely for legitimate business purposes. According to the petition, employees argued that responsible AI development should not be compromised by individual privacy concerns.
A company's stated commitment to building trustworthy and responsible artificial intelligence systems is in conflict with the company's collection of workplace data without meaningful consent. Following reports that sensitive employee information had been accessed internally by employees, the controversy became more intense.
According to information cited in media reports, the exposed data could have included private communications, AI prompts, transcriptions, as well as performance data.
The incident has sparked an internal investigation, though there is no evidence of the information being improperly accessed or misused. Meta, according to Reuters, suspended the initiative after filing an internal security incident (SEV) in response to employee data being widely accessible within the organization.
As indicated in internal documentation, this information included artificial intelligence prompts and transcriptions, private conversations, personnel records, and classifications of data sensitivity. This incident raised new concerns regarding the collection, storage, and protection of employee information.
The Meta program has been suspended while the matter is being investigated.
A company spokesperson confirmed the initiative was designed with privacy safeguards and stressed the absence of any indication of unauthorized access during the investigation. As of the time of the investigation, Meta had not announced when the initiative might resume, and executives of Meta indicated that it would remain halted while the investigation continued.
As Meta stated, the Model Capability Initiative will be suspended gradually and might not reach all employees immediately.
A source familiar with the matter told Reuters that the monitoring tool was still recording employee activity on Monday afternoon while the company attempted to disable it across all its systems.
An additional clarification of the incident was provided by Meta Chief Technology Officer Andrew Bosworth in a later interview, in which he stated that the incident was not the result of an external security breach. Bosworth reported that employee information generated through the program initially could only be accessed by a small number of authorized employees, but was accidentally stored in an internal location incorrectly by a researcher.
According to Meta, there was no evidence of malicious activity found, and the incident was an internal error that caused the company to suspend the initiative while investigating the matter. The development indicates growing tensions between rapid advancement of artificial intelligence and employee privacy rights. The majority of technology companies are exploring new sources of training data to enhance the performance of their models, as well as investing heavily in artificial intelligence.
Despite increasing competition in the AI industry, Meta is expected to spend more than $135 billion on infrastructure in 2018. According to leaked audio from an internal Meta meeting, Mark Zuckerberg was in favor of using employee-generated data for AI training, asserting that highly skilled employees could serve as valuable examples for AI systems.
It has been criticized by privacy advocates, however.
Digital rights experts have argued that extensive workplace monitoring raises serious concerns about employee consent and transparency.
According to the incident report, maintaining employee trust and protecting sensitive information are critical challenges that organizations should not overlook as they accelerate the development of artificial intelligence.
A growing concern is how to strike a balance between rapid AI innovation and employee privacy and data security, as exemplified by the incident. As Meta continues its internal investigation, the outcome will likely influence how organizations approach AI training, workplace monitoring, and responsible data governance in the years to come.