Meta's 'MCI' program, which collects employee data for AI training, is facing backlash due to concerns about a surge in data traffic and potential violations of privacy regulations.



Meta, the company that operates Facebook and Instagram, has instructed its employees to install a tool called '

Model Capability Initiative (MCI) ' in April 2026. This tool tracks mouse movements and clicks and collects the data for AI training. Reports have emerged of complaints from employees about the MCI, including concerns about the large amount of data traffic it generates, and it has also been pointed out that it may violate European Union (EU) privacy regulations.

Exclusive: Meta tool to track employee mouse clicks on collision course with EU privacy rules | Reuters
https://www.reuters.com/business/meta-tool-track-employee-mouse-clicks-collision-course-with-eu-privacy-rules-2026-05-29/



MCI is a tool that operates on business-related apps and websites, taking snapshots of content on employees' screens. It aims to improve the AI's performance by training it on the finer points of everyday PC operations that humans perform, such as navigating dropdown menus and using keyboard shortcuts. An internal memo stated, 'All Meta employees can contribute to improving our model simply by performing their daily tasks.'

Meta begins collecting employee mouse movements and keystrokes as AI training data - GIGAZINE



Meta provides a list of software that uses MCI, and emphasizes privacy protections, such as ensuring that data collected through MCI is not used for performance evaluation or other purposes other than model training, and that security measures are in place to protect 'sensitive content.'

However, according to Reuters, Meta employees are strongly opposed to MCI being installed on their PCs. An internal memo obtained by Reuters criticizes MCI as an 'employee data extraction factory,' and in May 2026, employees in several US offices distributed leaflets protesting MCI and posted them in meeting rooms, vending machines, and restroom stalls. The leaflets contained statements to the effect that 'while cutting 10% of the workforce, they are trying to collect even more data from the remaining employees,' and also referred to Meta's large-scale layoff plans .

Furthermore, there have been reports of a surge in data usage at employees' homes after MCI was installed on their PCs while they were working remotely. In some cases, MCI sends and receives such a massive amount of data that it can consume a month's worth of data usage in just a few days.

Furthermore, there are concerns that the data MCI is collecting is more extensive than previously disclosed. One employee used Claude to analyze MCI's log files and shared the findings on the company's internal social networking service. The analysis revealed that MCI was integrated into existing data security software and had access to and stored various types of information in an unencrypted format, including employee code changes, computer sleep and wake cycles, visited websites, and copied and pasted clipboard content. The employee noted that compiling this massive amount of data would allow them to build a 'behavioral model that comprehensively reproduces the work procedures of knowledge workers.'



Dave Arnold, a spokesperson for Meta, told Reuters that the internal post was 'fundamentally inaccurate.' According to an anonymous employee, the post alleging extensive tracking of MCI was later deleted.

Furthermore, according to documents obtained by Reuters, Meta stated that MCI would collect the contents of emails and direct messages sent to its US employees, regardless of the sender's location. A legal expert who spoke to Reuters said, 'If this extends to employees or Meta's business partners in Europe, it could violate the EU General Data Protection Regulation (GDPR) . The question is whether the collection of data from EU residents can be considered 'unintentional and incidental,' and whether this tool falls within the GDPR's 'purpose limitation principle,' which states that 'personal data must be used only for the purposes stated at the time of collection.''

Meta's Arnold said, 'MCI is installed only on the computers of our U.S. employees, and to ensure transparency, we have notified employees outside the U.S. in advance that MCI is running on the PCs of their U.S. colleagues with whom they may communicate via email or chat. We have carefully considered and mitigated potential privacy risks in both the development and deployment of this tool, and we are committed to complying with applicable laws and regulations.'

Related Posts:

in AI, Posted by log1e_dh