Meta Platforms reportedly acknowledged its controversial employee surveillance programme captures data from employees outside the US, raising fresh legal questions in Europe.
Reuters reported internal documentation it reviewed showed the company’s Model Capability Initiative (MCI) does capture data outside of the US.
MCI was introduced last month as a tool to record how US-based employees interact with their work computers by tracking mouse movements, clicks and navigation patterns across more than 200 apps and websites.
The goal of MCI is to use the employee-generated data to train AI agents capable of performing coding and white-collar tasks.
Meta told staff the programme is confined to US devices and stated safeguards are in place to protect sensitive information.
The news agency noted Meta acknowledged in a question-and-answer document provided to employees MCI will capture the contents of any emails or direct messages sent to US personnel, regardless of the sender’s location.
Meta spokesperson Dave Arnold told Reuters the company notified non-US employees the tool was running on the machines of US-based colleagues they might correspond with, describing the step as one of transparency.
A representative for Meta told Mobile World Live: “We’ve been clear that this tool is for US-based personnel only, and in the interest of transparency, we notified non-US employees that it was deployed on the computers of US colleagues they may email or chat with in the normal course of business.”
“We carefully considered and mitigated potential privacy risks in both the development and deployment of this tool, and we are committed to complying with applicable laws and regulations.”
New regulatory exposure
Reuters stated the disclosure introduces new regulatory exposure in Europe, where technology companies are already fighting a series of heated legal battles over data collection.
Under the EU’s GDPR rules, the news site explained companies must establish a clear legal basis for processing personal data, disclose what is being collected and satisfy strict conditions around sensitive categories of information.
Kleanthi Sardeli, a legal expert at privacy advocacy group NOYB, told the news site even limited or incidental capture of EU employee data could put Meta in breach of GDPR rules.
A key question, she said, is whether data originally gathered for work communications can lawfully be repurposed to train an AI model.
The post Meta tracking tool raises EU GDPR concerns appeared first on Mobile World Live.
Login
