{"id":65040,"date":"2026-06-23T09:43:44","date_gmt":"2026-06-23T09:43:44","guid":{"rendered":"https:\/\/zero.redgem.net\/?p=65040"},"modified":"2026-06-23T09:43:44","modified_gmt":"2026-06-23T09:43:44","slug":"meta-pauses-controversial-employee-tracking-program-after-security-review","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=65040","title":{"rendered":"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613"},"content":{"rendered":"

{“lastseen”:”2026-06-23T13:36:50″,”description”:”Meta has paused a controversial employee\u2011tracking program after an internal security review found that highly granular keystroke and screen\u2011capture data from staff laptops was far more widely accessible inside the company than intended.\\n\\nThe program was part of Meta’s Model Capability Initiative (MCI), which collected mouse movements, click locations, keystrokes, and screen content from employees’ work laptops to help train internal AI systems.\\n\\nThe program also introduced an obvious risk. Collecting highly sensitive employee activity data is one thing. Keeping it properly secured is another.\\n\\nAccording to reporting based on internal documents and employee accounts, the data wasn\u2019t just collected. It was left accessible across thousands of internal data tables, including AI prompts, transcriptions, private conversations, and performance\u2011related information. \\n\\nAfter coverage of the exposure, Meta scaled back and then paused the initiative, amid sustained internal backlash and questions about whether privacy protections were ever more than a reassurance in a memo.\\n\\nFrom Meta\u2019s perspective, the Model Capability Initiative was an efficiency play. The goal was to provide AI models with \u201creal examples of how people actually use computers\u201d by passively logging how employees navigate everyday tools like Gmail, GChat, Metamate, and VS Code. Agents would be able to learn from live workflows instead of synthetic benchmarks.\\n\\nEmployees were promised that the data gathering would be limited to work apps and not employees\u2019 phones. But you can imagine how it was perceived:\\n\\n * Keystroke and mouse\u2011tracking software was pushed to US workers\u2019 laptops, with no option to opt out on company devices, as confirmed internally by Meta\u2019s CTO.\\n * The software captured inputs plus associated screen content, creating a behavioral dataset: what you type, where you click, what is on your screen while you do it.\\n\\n\\n\\nThe program prompted significant internal criticism. An engineer\u2019s internal post protesting \u201claptop surveillance\u201d and screen monitoring went viral inside Meta, sparking a petition to kill the program entirely.\\n\\nFrom a compliance angle, employee-monitoring programs of this scope can raise difficult legal and regulatory questions, particularly in jurisdictions that require transparency around workplace surveillance and data collection.\\n\\nThe reputational impact is arguably even worse. When a company is always under scrutiny for tracking users, breaking trust with employees sends a strong signal about its default attitude toward data.\\n\\nAll this while knowing that keystroke and screenshot data is high\u2011risk by design. That type of data is content\u2011rich, behavioral, and often contains secrets. Collecting it at scale creates a security burden. Every new data point adds obligations around access control, minimization, retention, and audit, that the organization must actively manage for as long as the data exists.\\n\\n * Access controls must be precise and regularly audited, because a simple misconfiguration can have big consequences.\\n * Data minimization and retention limits are essential since long\u2011term storage multiplies the impact of a potential breach.\\n * Any future data leak\u2014internal or external\u2014could expose not just emails, but the exact sequences employees type, including authentication flows and draft content. In the wrong hands, this kind of information could expose the company to compromise.\\n\\n\\n\\nThis episode is a reminder that every new dataset creates new responsibilities. The more detailed and sensitive the information, the greater the consequences when access controls fail.\\n\\n* * *\\n\\n**Scammers don’t need to hack you. They just need you to click once.** \\n\\nMalwarebytes Identity Theft Protection catches suspicious activity before it becomes a problem.”,”published”:”2026-06-23T13:01:50″,”modified”:”2026-06-23T13:01:50″,”type”:”malwarebytes”,”title”:”Meta pauses controversial employee-tracking program after security review”,”source”:””,”references”:””,”id”:”MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613″,”bulletinFamily”:”blog”,”cwe”:null,”cvelist”:[],”sourceData”:””,”sourceHref”:””,”cvss”:{“score”:0,”severity”:”NONE”,”vector”:”NONE”,”version”:”NONE”},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:”https:\/\/www.malwarebytes.com\/blog\/news\/2026\/06\/meta-pauses-controversial-employee-tracking-program-after-security-review”,”category_name”:”News”,”post_link”:””,”product”:””,”version”:””,”vendor”:””,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"

{“lastseen”:”2026-06-23T13:36:50″,”description”:”Meta has paused a controversial employee\u2011tracking program after an internal security review found that highly granular keystroke and screen\u2011capture data from staff laptops was far…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[6,8,12,115,13,33,7,11,5],"class_list":["post-65040","post","type-post","status-publish","format-standard","hentry","category-category_news","tag-cve","tag-cvss","tag-exploit","tag-malwarebytes","tag-news","tag-none","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\nMeta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613 - zero redgem<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/zero.redgem.net\/?p=65040\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613 - zero redgem\" \/>\n<meta property=\"og:description\" content=\"{“lastseen”:”2026-06-23T13:36:50″,”description”:”Meta has paused a controversial employee\u2011tracking program after an internal security review found that highly granular keystroke and screen\u2011capture data from staff laptops was far...\" \/>\n<meta property=\"og:url\" content=\"https:\/\/zero.redgem.net\/?p=65040\" \/>\n<meta property=\"og:site_name\" content=\"zero redgem\" \/>\n<meta property=\"article:published_time\" content=\"2026-06-23T09:43:44+00:00\" \/>\n<meta name=\"author\" content=\"invoker\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"invoker\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=65040#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=65040\"},\"author\":{\"name\":\"invoker\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\"},\"headline\":\"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613\",\"datePublished\":\"2026-06-23T09:43:44+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=65040\"},\"wordCount\":710,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"keywords\":[\"CVE\",\"CVSS\",\"exploit\",\"malwarebytes\",\"news\",\"NONE\",\"Security\",\"tapic\",\"Vulnerability\"],\"articleSection\":[\"category_news\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=65040#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=65040\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?p=65040\",\"name\":\"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613 - zero redgem\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\"},\"datePublished\":\"2026-06-23T09:43:44+00:00\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=65040#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/zero.redgem.net\\\/?p=65040\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/?p=65040#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/zero.redgem.net\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#website\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"name\":\"zero redgem\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/zero.redgem.net\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#organization\",\"name\":\"zero redgem\",\"url\":\"https:\\\/\\\/zero.redgem.net\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"\",\"contentUrl\":\"\",\"width\":191,\"height\":188,\"caption\":\"zero redgem\"},\"image\":{\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/zero.redgem.net\\\/#\\\/schema\\\/person\\\/fbfeae8dfad117ac08a7621bee1a1dca\",\"name\":\"invoker\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g\",\"caption\":\"invoker\"},\"sameAs\":[\"https:\\\/\\\/zero.redgem.net\"],\"url\":\"https:\\\/\\\/zero.redgem.net\\\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613 - zero redgem","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/zero.redgem.net\/?p=65040","og_locale":"en_US","og_type":"article","og_title":"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613 - zero redgem","og_description":"{“lastseen”:”2026-06-23T13:36:50″,”description”:”Meta has paused a controversial employee\u2011tracking program after an internal security review found that highly granular keystroke and screen\u2011capture data from staff laptops was far...","og_url":"https:\/\/zero.redgem.net\/?p=65040","og_site_name":"zero redgem","article_published_time":"2026-06-23T09:43:44+00:00","author":"invoker","twitter_card":"summary_large_image","twitter_misc":{"Written by":"invoker","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/zero.redgem.net\/?p=65040#article","isPartOf":{"@id":"https:\/\/zero.redgem.net\/?p=65040"},"author":{"name":"invoker","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca"},"headline":"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613","datePublished":"2026-06-23T09:43:44+00:00","mainEntityOfPage":{"@id":"https:\/\/zero.redgem.net\/?p=65040"},"wordCount":710,"commentCount":0,"publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"keywords":["CVE","CVSS","exploit","malwarebytes","news","NONE","Security","tapic","Vulnerability"],"articleSection":["category_news"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/zero.redgem.net\/?p=65040#respond"]}]},{"@type":"WebPage","@id":"https:\/\/zero.redgem.net\/?p=65040","url":"https:\/\/zero.redgem.net\/?p=65040","name":"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613 - zero redgem","isPartOf":{"@id":"https:\/\/zero.redgem.net\/#website"},"datePublished":"2026-06-23T09:43:44+00:00","breadcrumb":{"@id":"https:\/\/zero.redgem.net\/?p=65040#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/zero.redgem.net\/?p=65040"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/zero.redgem.net\/?p=65040#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/zero.redgem.net\/"},{"@type":"ListItem","position":2,"name":"Meta pauses controversial employee-tracking program after security review_MALWAREBYTES:3217C4695DDE3B50CC9820CDF4D81613"}]},{"@type":"WebSite","@id":"https:\/\/zero.redgem.net\/#website","url":"https:\/\/zero.redgem.net\/","name":"zero redgem","description":"","publisher":{"@id":"https:\/\/zero.redgem.net\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/zero.redgem.net\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/zero.redgem.net\/#organization","name":"zero redgem","url":"https:\/\/zero.redgem.net\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/","url":"","contentUrl":"","width":191,"height":188,"caption":"zero redgem"},"image":{"@id":"https:\/\/zero.redgem.net\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/zero.redgem.net\/#\/schema\/person\/fbfeae8dfad117ac08a7621bee1a1dca","name":"invoker","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/f17c01d7338e6932bcde121cf83569393df3374625d25afd62677cfb528f2e3e?s=96&d=mm&r=g","caption":"invoker"},"sameAs":["https:\/\/zero.redgem.net"],"url":"https:\/\/zero.redgem.net\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/65040","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=65040"}],"version-history":[{"count":0,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=\/wp\/v2\/posts\/65040\/revisions"}],"wp:attachment":[{"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=65040"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=65040"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/zero.redgem.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=65040"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}