Meta Pauses Model Capability Initiative (MCI) Over Data Security Concerns
Published
Key Takeaways
- Program Paused: Meta is halting its Model Capability Initiative (MCI) employee mouse-movement and digital-activity tracker to investigate data security concerns.
- Data Exposed: Internal documentation mentioned that full prompts and transcriptions, private conversations, and people data were accessible to staff.
- Prior Reporting: May reports said that MCI was collecting more data than described and storing it in unencrypted form.
Meta said on Monday it will pause its Model Capability Initiative (MCI), an internal program that tracks employee mouse movements and digital activity for AI training, as the company investigates data security concerns.
The pause follows revelations that sensitive employee data was accessible to all Meta staffers, according to documents reviewed by Reuters.
What the MCI Program Captures
Rolled out in April, MCI captures mouse movements, clicks, and keystrokes on U.S.-based employees' computers to train Meta's AI models. Business Insider first reported the pause, which a company spokesperson said was rolling out and would take time to reach everyone.
As of Monday afternoon, the tool was still recording, a source told Reuters. Meta confirmed the investigation but declined to say how long it planned to halt the program.
"We have carefully designed this program with privacy safeguards, and while we have no indication at this time that any data was improperly accessed by Meta employees, we're pausing it while we investigate," said company spokesperson Tracy Clayton.
Data Exposure and Security Concerns
The decision came after an employee filed an SEV, or high-priority security incident report, over the exposure of employee data, internal documentation showed. The exposed data included "full prompts and transcriptions, private conversations, people & performance data, DSS sensitivity ratings (1-4)."
Reuters reported in May that the program was collecting more information than initially described and storing that data in unencrypted form, raising privacy concerns among employees.
Earlier this month, Meta patched a flaw in its AI support assistant that allowed attackers to hijack over 20,000 Instagram accounts. In March, the U.K. ICO began investigating Meta AI Glasses over privacy concerns after employees allegedly reviewed intimate user videos.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular