Meta has paused a company-wide mouse-tracking program as part of a broader data security review, the company confirmed. The program, which logged how employees moved their cursors and clicked on internal systems, was suspended while security teams re-evaluate how the data is collected and stored.
What the program tracked
Mouse-tracking software typically records every cursor movement, scroll, and click a user makes. Inside Meta, the system was used to monitor employee activity on corporate devices — a tool intended to flag unusual behavior, such as a compromised account or an insider data leak. But the same data can also reveal patterns, like which apps an employee opens or how long they linger on a document.
The pause comes as no public incident has been reported, but the review suggests the company is taking a closer look at whether the tracking itself creates new risks. Collecting granular behavioral data on thousands of workers means building a database that, if breached, could expose intimate details about how people work.
Why the review matters
Meta has faced years of scrutiny over how it handles user data. The internal program raises similar questions — but this time the subjects are employees, not the platform's billions of users. A security review of this kind typically examines who has access to the raw tracking logs, how long the data is kept, and whether any of it could be tied back to an individual's identity in ways that aren't necessary for security.
The company did not say how long the review will take or whether the program might be permanently retired. Investigators are also looking at whether any data from the mouse-tracking system was shared outside the security team or used for purposes other than threat detection.
Privacy concerns inside the building
For Meta employees, the news is likely to stoke existing worries about workplace surveillance. The company already monitors internal chat logs, email traffic, and badge swipes. Adding mouse-level detail to that mix could make workers feel like every action is being watched.
Some privacy advocates have argued that even well-intentioned security tools can drift into overreach if not audited regularly. In Meta's case, the review itself suggests someone inside the company flagged a potential problem — or that a scheduled audit turned up something unexpected.
The pause puts a spotlight on the broader tech industry practice of monitoring employees' digital behavior. Apple, Google, and Microsoft all run similar programs, but rarely disclose the details of how they operate. Meta's decision to halt the system while it's under review is unusual enough that it signals the company is taking the risk seriously — at least for now.
What's still unclear is whether the data already collected will be purged or kept. That decision, likely part of the review's final recommendations, could set a precedent for how Meta handles surveillance data on its own workforce.
