What just happened? Meta has paused an internal artificial intelligence training effort after a data exposure event raised concerns about how employee information was handled within the company. The incident raises questions about whether Meta's data governance practices are keeping pace with its AI ambitions.
The issue centers on the Model Capability Initiative, a program Meta rolled out in April to improve its AI systems by collecting detailed workplace activity data from employees. The system tracked inputs such as keystrokes and mouse movements to train models on real-world usage patterns. Participation was required for most employees, a decision that had already prompted internal concern.
That concern escalated after sensitive data tied to the program became accessible across the company. Screenshots reviewed by Business Insider indicate the exposed material included private conversations, performance-related information, and transcriptions. Internally, the incident was classified as SEV 2 on a scale where SEV 0 represents the most severe level.
Meta confirmed the incident and said it has paused the program while it looks into what happened. "We have carefully designed this program with privacy safeguards, and while we have no indication at this time that any data was improperly accessed by Meta employees, we're pausing it while we investigate," a spokesperson said.
The program reflects a broader push among major tech companies to improve AI systems using real-world behavioral data rather than static datasets. Instead of relying solely on precompiled datasets, Meta's approach draws directly on how employees interact with internal tools in real time. While this can produce more useful training data, it also increases the importance of strict access controls and data segmentation.
In this case, employees are questioning why those protections did not appear to be in place from the start. Internal messages shared in screenshots reviewed by Business Insider show frustration with how the data was handled. "I am incensed," one employee wrote. "I don't see any evidence of malicious access, but the fact that this data wasn't locked down as originally promised is super frustrating."
The incident adds to a growing list of AI-related security issues at Meta. Last month, a flaw in the company's chatbot allowed attackers to take over multiple Instagram accounts. Earlier this year, a rogue AI agent triggered a significant internal alert, according to reporting by The Information.
Together, these incidents highlight the challenges companies face when building AI systems at scale: how to collect richer training data while maintaining control over access. When those controls fail, even internally, the impact can extend beyond technical risk to employee trust.
For now, Meta's focus is on understanding how the exposure occurred and whether the system can be adjusted to prevent recurrence. More broadly, the episode raises questions about how far companies can go in using internal behavioral data to train AI without running into security and privacy constraints.