The Data That Watched Employees Leaked to Them — Surveillance SaaS Hits a Wall
Published: 2026-06-25
What Happened
Meta has stopped running a program that watched its own employees. The tool, called the Model Capability Initiative (MCI), collected keystrokes, mouse movements and click locations, and on-screen content. The purpose was to gather training data for AI. In other words, Meta logged its own staff’s work and fed it to its models.
The trouble was where that data ended up. On June 18, sensitive information collected through MCI was exposed internally, where Meta’s entire staff could see it. It included transcriptions of employees’ private conversations, performance-related data, and, by one employee’s account, personal tax and medical records. On Meta’s internal severity scale, where 0 is the most serious and the scale runs to 5, the incident was rated SEV 2. Engineers picked up the issue within four hours of discovery, but the first fix didn’t hold, and access had to be locked down a second time.
Meta’s response: “We have carefully designed this program with privacy safeguards, and while we have no indication at this time that any data was improperly accessed by Meta employees, we’re pausing it while we investigate.” The data hoarded to watch employees ended up spread out in front of those very employees. A surveillance tool’s output leaking back toward the people being surveilled is the kind of irony that should make every founder pause.
What This Means for Founders
Filing this under “big-company mishap” misses the point. Employee-monitoring SaaS is one of the fastest-growing HR-tech categories right now. Market research puts the employee-monitoring software market at $3.89 billion in 2025, growing to $4.59 billion in 2026 at an 18% annual clip. Roughly 78% of U.S. employers use some form of monitoring tool. As remote and hybrid work hardened into the norm, the demand to “measure productivity” pushed the market up. The Meta incident lights up the shadow side of that growth.
For founders building HR or productivity tools, the lesson is blunt: data gathered through surveillance is a liability, not an asset. Keystrokes, screen captures, conversation transcripts — the moment you collect them, you inherit enormous storage and access-control obligations. A single permission misconfiguration can expose private information to an entire company. Meta couldn’t stop it within four hours. A resource-strapped startup handling the same data carries incomparably greater risk.
In Silicon Valley, the regulatory ground is shifting under these products. The EU AI Act, GDPR enforcement, and a growing patchwork of U.S. state privacy laws all treat employee data with rising suspicion, and “bossware” has become a reputational flashpoint covered by mainstream press. Enterprise buyers’ legal and HR teams now ask the surveillance vendor the same first question: who can see this data, and who is liable when it leaks? A FAANG-scale company can absorb a SEV 2 headline. A seed-stage company selling into those same enterprises cannot.
The path forks two ways. One is to collect less by design. Instead of raw keystrokes or screen grabs, handle only aggregate metrics that can’t be traced to an individual, and the blast radius of any incident shrinks. The other is to bake transparency into the product itself. Showing employees what is collected, keeping access logs, and committing to retention limits isn’t a compliance cost — it’s the thing that closes the deal with a cautious buyer. What Meta lost wasn’t data. It was trust.
What You Can Do Now
If your product handles employee or user behavior data, write one sentence today: “What happens if all of this data is exposed at once?” If the answer is grim, you’re better off not collecting that data, or processing it so individuals can’t be identified. Put your collected fields, access permissions, and retention periods on a single page, and start tightening wherever access is widest. If you’re targeting a regulated market, building the “access log” and “collection notice” screens before adding one more feature is what ultimately speeds adoption.
Sources
- Meta is 'pausing' employee tracking program after it let the whole company see sensitive data — Engadget
- Meta is pausing its employee keystroke-tracking program after sensitive data was exposed internally — Quartz
- Employee Monitoring Software Global Market Report 2026 — The Business Research Company