Meta AI Surveillance: Employee Tracking Tool Faces European Privacy Scrutiny
Meta is facing privacy concerns over its MCI tool, which tracks U.S. employees' computer usage to train AI agents. Internal documents confirm the tool also captures data from international colleagues, sparking potential GDPR violations. Employees have criticised the project's extensive reach.
Meta Platforms is facing significant regulatory and internal backlash regarding its Model Capability Initiative (MCI), a new software tool designed to track U.S. employees' computer activity to train autonomous AI agents. Internal documentation indicates that the scope of data collection is broader than initially disclosed, with the tool capturing interactions involving non-U.S. personnel, potentially putting the company at odds with stringent European privacy regulations.
As per a report by Reuters, The initiative aims to record mouse movements, clicks, navigation patterns, and website usage across more than 200 applications. While Meta maintains the tool is installed solely on U.S. devices and focuses on interaction patterns rather than screen content, internal FAQs confirm that communications, including emails and direct messages sent to international colleagues, are being ingested into the system. Meta Layoffs 2026: What H-1B Visa Employees Were Told After Job Cuts Affecting Nearly 8,000 Workers.
The project has drawn immediate criticism from legal experts and privacy advocacy groups regarding the General Data Protection Regulation (GDPR). Under EU law, companies must establish a clear legal basis for processing personal data and adhere to strict purpose limitation tests. Privacy advocates argue that repurposing work communications to train AI models is incompatible with the original purpose for which the data was collected.
Furthermore, Meta has stated that the collected data is dissociated from individual identities, which the company claims prevents the ability to look up or delete specific records. However, privacy experts suggest this lack of traceability may actually violate GDPR requirements, which grant individuals the right to access and delete their personal data. Meta has informed its lead EU regulator, the Irish Data Protection Commission, that capturing non-U.S. data is not a primary objective of the tool.
The MCI project has also sparked significant unrest within Meta, with some staff members comparing the company to a data extraction factory. Internal analysis suggests the tool, which operates alongside existing security software, has access to sensitive information including code changes, clipboard contents, and precise workstation activity. Employees have expressed concerns that the collected data could be used to build exhaustive behavioural models of knowledge workers. Meta Layoffs Continue AI Push As Mark Zuckerberg Says Competing With AWS and Microsoft Azure Is ‘Definitely on the Table’.
Meta spokesperson Dave Arnold has disputed these internal characterisations, labelling employee conclusions about the tool’s capabilities as fundamentally inaccurate. Despite these assurances, the controversy has prompted calls for a formal investigation by the Irish Council for Civil Liberties, arguing that the implications of such workplace surveillance extend far beyond Meta and threaten the privacy of employees across various industries.
(The above story first appeared on LatestLY on May 30, 2026 08:41 AM IST. For more news and updates on politics, world, sports, entertainment and lifestyle, log on to our website latestly.com).