Meta’s AI training tool faces GDPR scrutiny over non-US employee data capture
Legal experts warn the tech giant’s practice of recording keystrokes and mouse movements could violate strict data protection rules, while staff protest over data usage and job security concerns.
Meta’s internal artificial intelligence training program, known as the Model Capability Initiative (MCI), is under renewed scrutiny for potentially capturing data from employees outside the United States in a manner that may breach European Union privacy regulations. According to reporting by Reuters, the tool records keystrokes, mouse movements, and clicks to gather real-world examples of everyday computer tasks, a process that appears to extend beyond the company’s initial disclosures regarding US personnel.
The scope of the monitoring tool has drawn concern after Meta admitted in internal Q&A documents that the system captures the contents of emails or messages sent to or by US-based colleagues, regardless of the location of the other party involved. The company stated that if a US employee has the tool enabled, any activity with non-US contacts would be logged. This mechanism effectively means that communications involving EU staff could be intercepted and stored as part of the AI training dataset.
A legal expert speaking to Reuters indicated that even limited capture of EU employee data could constitute a violation of the General Data Protection Regulation (GDPR). Under these regulations, companies are required to establish a legal basis for collecting personal data and must clearly disclose the nature of the information being gathered. The expert warned that the current deployment of the tool may not meet these stringent transparency and consent requirements.
Meta has pushed back against the severity of the allegations, with spokesperson Dave Arnold telling Reuters that the company had carefully considered and mitigated potential privacy risks during the development and deployment of the tool. Arnold confirmed that non-US employees had been notified that the software was active on the computers of their US colleagues, and the company asserted its commitment to complying with all applicable laws and regulations.
Beyond the legal implications, the program has sparked internal unrest among Meta’s workforce. Employees have reported that the tool tracks data from over 200 applications and websites, leading to significant data consumption that has depleted monthly quotas for some staff within days. Furthermore, staff have distributed flyers and launched a petition protesting the initiative, citing fears that the AI models being trained could eventually replace their roles.
