Meta has announced that it will begin systematically capturing employee mouse movements, keystrokes, and other behavioral data from work computers for the purpose of training artificial intelligence systems. The policy applies to employee work devices and creates comprehensive behavioral monitoring of company workers.
This specific workplace surveillance policy represents a substantial expansion of employer monitoring authority into behavioral biometrics. Meta is not monitoring output (what employees produce) but the behavioral patterns of how they work (mouse movement, keystroke velocity, pause patterns). This data reveals cognitive patterns, work habits, decision-making processes, and potentially health or wellness indicators.
The stated purpose is AI training, which is genuine but permits wide interpretation. The behavioral data could train systems that predict employee behavior, detect "anomalies" in work patterns, or identify which employees are most or least productive. The data collected can be repurposed for multiple purposes beyond the stated AI training.
The privacy implication is substantial. Employees' computers are partially work devices but also contain personal communications, financial information, and other private data. Capturing keystrokes means capturing passwords, personal email contents, and search histories. Mouse movement patterns can reveal which web pages employees visit, how long they remain on each page, and behavioral patterns of web browsing.
The normalization implication is also significant. Meta is a large technology employer setting workplace precedent. If Meta captures this data, other tech employers will follow. Within years, comprehensive keystroke and mouse movement monitoring could become standard practice in office work globally. Employees lose the ability to opt out of such monitoring by choosing not to work in tech.
The regulatory gap here is substantial. US employment law permits employers to monitor employees on company devices, but does not explicitly address biometric behavioral monitoring. EU employment law has stricter requirements about proportionality and consent. The policy reveals that US employment law offers minimal protection against comprehensive workplace surveillance.
Historically, workplace monitoring has evolved from physical supervision (managers watching workers) to computer monitoring (software tracking keystrokes and websites visited). This policy represents evolution toward biometric behavioral monitoring—collecting data about how employees move and type, not just what they type.
Watch for: (1) Employee privacy organization responses and complaints; (2) Whether other tech employers adopt similar policies; (3) Congressional inquiry into workplace monitoring practices; (4) State-level privacy law responses; (5) Employee litigation regarding the policy; (6) Whether Meta modifies the policy due to backlash; (7) SEC inquiry into whether the policy creates cybersecurity risks.