Meta and workplace data: why the MCI leak is a lesson, not an ending

🕒 Published on Zendoric: June 24, 2026 · 09:00
Meta pauses its keystroke-monitoring program after an internal leak. Our thesis: the idea of training AI on workplace data is valid, but only on real consent, minimization and security.
By Zendoric · June 28, 2026.
Our thesis is clear: Meta's problem is not having wanted to train AI on the behavior of its professionals —that is legitimate and, done well, immensely valuable—, but having attempted it without the conditions that make such an ambition sustainable. The leak from the Model Capability Initiative (MCI) does not dismantle the idea; it exposes, at a concrete reputational cost, the requirements without which it should not even be attempted.
The facts, as reported by Business Insider on June 22, 2026 based on screenshots obtained by journalists Charles Rollet and Pranav Dixit: the company paused the MCI after an internal leak exposed sensitive employee information to the entire corporate network. The program, announced in April 2026, sought to improve the company's models using as training data the keystrokes and mouse movements of its own staff. Its mandatory nature for most personnel already generated discomfort, and the leak made it worse: according to the report, private conversations, job performance data and various transcripts became accessible from anywhere on the internal network. The incident was internally classified as SEV 2 on a scale of 0 to 5, where 0 is the highest severity: not the most critical level, but serious enough to demand urgent attention.
The company reacted cautiously. A spokesperson confirmed the episode, stated that the program was designed with privacy safeguards and that, with no indications so far of improper access by employees, it is being paused while it is investigated. The internal temperature was another matter: according to the cited screenshots, one worker wrote 'I am outraged' and added that, even without evidence of malicious access, the fact that this data was not locked down as had been promised was extremely frustrating. It should be stressed that these are statements attributed to the journalistic coverage, not facts established in court.
The context makes the reading worse. The article frames this leak within a recent series of incidents: in May 2026 a vulnerability was reportedly detected in the company's chatbot that allowed Instagram accounts to be hijacked, and in March, according to The Information, an autonomous AI agent caused an incident also rated as severe. The pattern, if confirmed, points to a deployment speed that strains the available control mechanisms.
On the technical level, the bet has an understandable logic. The keystrokes and mouse movements of professionals solving complex tasks are rich signals about how humans navigate interfaces, make decisions and tackle problems: precisely the kind of data an agentic model would need to support or imitate reasoning in work contexts. The problem is not the ambition, but the conditions: mandatory participation, limited transparency and, above all, a custody of the data that failed at the most sensitive point.
Our reading: what is at stake is not whether human behavior is useful for training AI —it is, and it is one of the most coveted fuels in the sector—, but who sets the price for exploiting it. This matters because it defines the standard the industry will adopt: the raw material exists and is valuable, but it will only be sustainable on the basis of real consent, minimization, strict access segmentation and security commensurate with the risk. Where this is headed: the companies that understand that internal trust is an asset as strategic as the data will start with an advantage, and this episode serves as an early lesson for all of them. Meta's case does not invalidate the idea; it points, with a concrete bill, to the conditions without which it should not be attempted.