Meta Platforms reportedly acknowledged its controversial employee surveillance programme captures data from employees outside the US, raising fresh legal questions in Europe.

Reuters reported internal documentation it reviewed showed the company’s Model Capability Initiative (MCI) does capture data outside of the US.

MCI was introduced last month as a tool to record how US-based employees interact with their work computers by tracking mouse movements, clicks and navigation patterns across more than 200 apps and websites.

The goal of MCI is to use the employee-generated data to train AI agents capable of performing coding and white-collar tasks.

Meta told staff the programme is confined to US devices and stated safeguards are in place to protect sensitive information.

The news agency noted Meta acknowledged in a question-and-answer document provided to employees MCI will capture the contents of any emails or direct messages sent to US personnel, regardless of the sender’s ⁠location.

Meta spokesperson Dave Arnold told Reuters the company notified non-US employees the tool was running on the machines of US-based colleagues they might correspond with, describing the step as one of transparency.

A representative for Meta told Mobile World Live: “We’ve been clear that this tool is for US-based personnel only, and in the interest of transparency, we notified non-US employees that it was deployed on the computers of US colleagues they may email or chat with in the normal course of business.”

“We carefully considered and mitigated potential privacy risks in both the development and deployment of this tool, and we are committed to complying with applicable laws and regulations.” 

New regulatory exposure
Reuters stated the disclosure introduces new regulatory exposure in Europe, where technology companies are already fighting a series of heated legal battles over data collection.

Under the EU’s GDPR rules, the news site explained companies must establish a clear legal basis for processing personal data, disclose what is being collected and satisfy strict conditions around sensitive categories of information.

Kleanthi Sardeli, a legal expert at privacy advocacy group NOYB, told the news site even limited or incidental capture of EU employee data could put Meta in breach of GDPR rules.

A key question, she said, is whether data originally gathered for work communications can lawfully be repurposed to train an AI model.

The post Meta tracking tool raises EU GDPR concerns appeared first on Mobile World Live.

The European Union (EU) is pressing for deeper talks with the US administration over advanced AI models, and at the heart of the conversation is Anthropic’s Mythos.

There are growing concerns among governments over the security implications of Mythos, which Anthropic released to private companies in April.

Its release triggered an immediate wave of concern when it surfaced the model could identify tens of thousands of software vulnerabilities at a scale no previous system had demonstrated.

The AI player introduced its Mythos model on 7 April, under the auspices of Project Glasswing, to a limited number of technology companies including Amazon Web Services, Apple, Nvidia and Google.

Anthropic expects to bring Mythos-class models to all customers in the coming weeks.

Bloomberg previously reported the EU made limited progress in securing access to details of vulnerabilities Anthropic’s Mythos AI model could reveal.

European Commission spokesperson Thomas Regnier told Mobile World Live (MWL) the agency has had several meetings with Anthropic to understand the capability of the model, its implications for the cybersecurity of the EU and Anthropic’s plan around Project Glasswing.

“We will keep discussing with the company the cyber capabilities and risks of its latest model,” he stated.

CNBC reported Anthropic has yet to grant the EU, its AI office or any government organisations outside of the US, aside from the UK’s AI Security Institute, preview access to Mythos.

Since August 2025, the European Commission’s AI Office has held regular technical meetings with Anthropic tied to the General-Purpose AI Code of Practice, to which the company is a signatory.

A spokesperson for the EC noted Mythos is not a one-off as a “new wave of powerful models are coming to the market”.

The EC stated parallel progress is being made towards releasing OpenAI’s GPT-5.5-Cyber to trusted EU entities.

The EC spokesperson told MWL it is intensifying discussions with the US, “particularly on the most advanced AI models, including those with cyber capabilities”.

“Cybersecurity is a shared priority and we have agreed to mutually recognise our respective standards in this area,” the spokesperson stated.  “On EU side, we are also stepping up our cyber defences through targeted investments in AI and supercomputing.”

The post EU pushes for access to Anthropic model as fears grow appeared first on Mobile World Live.