Internal documents show the Model Capability Initiative captures emails and chats US employees exchange with European colleagues, putting the AI-agent training programme on a collision course with GDPR.
Meta’s Model Capability Initiative, the surveillance programme it deployed across US employee workstations in April to capture keystrokes, mouse clicks and screen contents for AI-agent training, is collecting substantially more European employee data than Meta has publicly acknowledged, according to a Reuters exclusive on Thursday citing internal Meta documents.
Privacy lawyers at the Vienna-based NOYB argue the architecture as documented puts Meta on a collision course with the GDPR.
The structural problem is one of scope. Meta has consistently told staff, regulators and the public that MCI runs only on US-based work machines and does not surveil European employees.
The 💜 of EU tech
The latest rumblings from the EU tech scene, a story from our wise ol’ founder Boris, and some questionable AI art. It’s free, every week, in your inbox. Sign up now!
The Irish Data Protection Commission, Meta’s lead EU privacy supervisor under GDPR, was told the same. The internal documents Reuters reviewed show, however, that MCI captures the contents of any email or message a US-based Meta employee sends or receives, regardless of where the other party is located.
Every chat a Meta worker in California has with a Meta colleague in Dublin, Paris or Munich is therefore being ingested into the training pipeline. Every email a US-based account manager sends to a European customer is, on the same architecture, being captured.
The legal frame is the part that matters. GDPR’s purpose-limitation principle holds that personal data collected for one purpose, in this case workplace communication under an employment contract, cannot subsequently be repurposed for an unrelated end, in this case training a frontier AI model.
NOYB’s framing of the case, summarised in a statement to Reuters, is that “taking an employee’s chat and ingesting it into an AI model is incompatible with the initial purpose” for which the message was sent.
The repurposing argument does not require Meta to be actively monitoring European employees; the mere fact that European personal data is being incorporated into the training set is, on the NOYB reading, the GDPR violation.
The case lands inside an already-tense Meta-EU relationship. The European Commission extracted user-consent commitments on targeted advertising from Meta last year.
The Court of Justice of the EU ruled against Meta in an Italian publisher-pay case in 2024, and the company is currently challenging Ofcom in the UK High Court over Online Safety Act fees.
NOYB has separately demanded that 11 European data protection authorities stop Meta from using personal data for AI training. The MCI case is therefore not Meta’s first AI-training privacy fight in Europe, but it is the first in which the privacy fight runs through the company’s own employees rather than its consumer-product users.
The underlying commercial logic is also worth pausing on. MCI sits inside Meta’s broader Agent Transformation Accelerator programme, run by Meta SuperIntelligence Labs and aimed at training the Muse Spark family of models to perform multi-step workplace tasks autonomously.
The keystroke-and-mouse data is what teaches the models how human workers actually navigate Google Docs, LinkedIn, Wikipedia and the roughly 200 other apps MCI covers. The training corpus, in other words, is structurally dependent on observing real workers doing real workplace tasks.
Meta’s decision to use its own US employees rather than external paid workers is what gives the company its data advantage; it is also what creates the GDPR exposure.
The internal documents also raise the question of whether MCI’s European-data ingestion is incidental or systematic. Meta has positioned the European capture as accidental overflow, the unavoidable result of running the tool on US machines that communicate with European colleagues.
The framing matters because GDPR does carve out exceptions for incidental processing in some contexts. NOYB’s response is that the volume and routineness of the capture, every email, every chat, all the time, exceeds anything reasonably describable as incidental. The Irish DPC will have to rule on which framing applies.
Meta CTO Andrew Bosworth has previously confirmed there is no opt-out for US employees. European employees are formally exempt because GDPR will not permit equivalent monitoring; the documents now suggest that exemption is operating more as a slogan than as an enforced boundary.
The IDPC has not yet opened a formal investigation. Meta has not separately commented on the Reuters findings. The case will be one of the first material tests of how the GDPR’s purpose-limitation principle applies to AI-training data flows that cross the Atlantic.
