Posted by dlx 19 hours ago
Yes they could have accessed logs before but there’s a difference between directed checking after incidents and active surveillance at scale.
Companies have shown us that IP going to AI providers is acceptable. Once you cross that line your thought workers are assets not people.
[citation needed]
https://www.lawinsider.com/clause/right-to-use-employees-nam...
Though you have to label it as personal (like creating a « Personal » folder or label and your employer can still access it in case of suspicion but he must do it in your physical presence and accompanied with a witness, generally a representative of the employees.
So you theoretically don’t have full privacy on this computer but you can’t be sanctioned for this usage.
Most companies I've worked at have a policy of some "reasonable personal use" being permitted. The concern is usually focused on the other way around: Companies do not want their IP on your personal machines.
They can certainly look at whatever is on their own machines, however, regardless if it is your personal data or not.
One large caveat: If you do any work on your company's equipment, they may possibly own it, no matter how relevant it is to the company. It's one of the legal tests used to judge the ownership of your work.
That was a few years back, dunno if that was fixed.
It’s actually quite reasonable and logical.
https://french-business-law.com/french-legislation-art/artic...
Enjoy your red tape frogs. "Live to work" anglo protestant work ethic followers will complete the necessary economic destruction of rude "work to live" cheese eating surrender monkeys.
This is our payback for Charles de Gaulle, Foucault, and Jacques Lacan (it's hard to rank these three based on damage done to western society)
It's not like people have an unlimited number of places to work, even if they have Meta on their resume. Many of my colleagues (and myself included) had struggled in the job market in the past before landing at Meta. If it's work for Meta, or suffer more tumult in the hiring market; it's easy to understand why many might decide to take the offer even with the moral implications. I used to bring up politics in the office with coworkers and many people are simply unaware of the consequences of the company's products. There are a few different categories that these people fall into, but the main ones I saw in the office:
1) Chinese H1B holders who are happy to be working in the US at all, and generally apolitical (or view anything as better than the status quo of where they come from)
2) Just normal people who are interested in their own lives and have never been trained to think about the world in a big picture way (some overlap between 1&2 exist of course)
It's very western of us to always be tracking the conseqentiality of our actions even when we're just the cog in a wheel at BigCo. I think that it's the right thing to do, but this sort of reasoning largely absent in eastern cultures, or even for some in the west—even among those who are well educated. It's kind of hard to blame individuals when they either are rightfully consumed by worrying about their own welfare or are for whatever reason not as seminally hyperaware or woke as we can be in the west. Growing up I liked imposing my political philosophies onto everyone; maturity is understanding that even objectively righteous values are only useful for the right types of minds.
On the contrary, once someone has truly been made aware of the ramifications of their actions; it's more difficult for me to extend my sympathy to them. I consider mark and priscilla to be fully implicated based on their exposure to the harm that they're actively, willingly, knowingly causing. Other employees may never get that memo, though, people obviously avoid political talk in the workplace.
You can't have solidarity about a bad thing with the people who are doing the bad thing! They have to stop doing the bad thing first! That's how solidarity works!
Don't put some mystery where simple greed is perfect enough explanation and there is little worry about others, some could use the word 'selfish' too. US society at large seems to me structured that way - there is no social net for the unlucky, healthcare also varies a lot based on disposable cash/job, good education is only for rich.
Yes. Which includes quitting, en masse, from any company that does this.
Meta ought to find it impossible to employ anyone with a policy like this.
Apparently, money wins over principles for 99% of us. How is this different and how are we better than Meta employees?
Also, capturing keystrokes and mouse movements only when at work and on work computer isn't really constant surveillance. Capturing all our code, text, photo and video (made at work or at home) seems worse and we don't bat an eye.
But the discussion was about Meta employees in general. They're heavily involved in the second type of surveillance that you alude to.
And employers know this, so they are enacting all kinds of draconian policies because they know employees know that they can't just leave the job and also keep their families fed.
It was metaapes, iirc.
https://www.reuters.com/investigations/meta-is-earning-fortu...
This is just another factor they’ll have to grapple with in their analysis.
I’m sure some of them will find it a bridge too far but not enough to really matter. The work will continue as will the expansion of Meta and the negative externalities that it produces.
When I worked at a startup that had some internal conflict between the software engineers and management, someone made a Signal group to chat about the issues among the software engineers privately and everyone joined that group with their own Signal accounts, without any kind of issue.
So they can monitor your email and slack server-side, but not your client-side stuff that doesn't touch their servers. However if you use a VPN then they can also monitor your DNS requests and every website you visit. Any kind of client-side telemetry is limited to a few things, however those things can involve what applications you have installed (like spotify) for security reasons or USB sticks plugged in.
It had no impact of recruiters trying to win me back since then.
His eyes glaze over and he just reads that instead in his corner vision instead of listening to you, and you get snubbed forever more
How can they legally mandate an exit interview when you resigned? Is it part of the employment contract? What would have happened if you showed them the finger and not participated?
https://www.businessinsider.com/how-block-lists-affect-your-...
https://medium.com/@ossiana.tepfenhart/the-no-hire-list-is-r...
https://www.theguardian.com/technology/2018/mar/16/silicon-v...
I'd be more concerned about industry-wide blacklisting.
But I also had a different situation where we also decided to hire someone, only to find out that we can't because he's been let go from another company owned by our parent company, and his severance agreement said he can't work for the same group of companies for 12 months. I think he was genuinely unaware that we're part of the same group(if was a huge corporation) and it just never came up in any conversation until HR tried to put together paperwork for him.
In the USA this is mostly theoretical since HR could immediately fire the employee due to at-will employment.
But in Canada, it's a much bigger issue due to labour protections.
e.g. Many managers at American multinationals gave assurances over email to employees about work-from-home arrangements. Then the company does a huge RTO push.
When the employee refuses, HR discovers they can't fire the employee without a hefty buyout.
Best not to give assurances if you're managing a multinational team.
Is that an American thing? I've been a manager for years and never heard of that happening. I didn't even know how much the people I managed were paid.
https://mathewsdinsdale.com/employers-advisor-march-2025/#:~...
Most cultures around the world are acutely aware that the actions and opinions of their leaders are not a reflection of behaviors and opinions of regular citizen.
If keystrokes are captured, isn't this a double-edged sword where maybe the company might be inadvertently collecting evidence against itself if there's an investigation and the investigators want to collect keystrokes?
I work at a tech firm in India, and we are encouraged to create skills.md based on the traits of our colleagues, with the intention of reducing key personnel risk. A handful of engineers were let go as the result of a re-alignment, and their AI counterparts are actively maintaining their code.
I wonder if this is where they are going.
Feel like I'm reading a Gibson novel here.
> I work at a tech firm in India
First I wondered how can you have such a low expectation on privacy, then you answered my question. What you need in India is more unionization and fight against corruption. It is becoming worse here in Europe but in India you do not have the protections that we have. Without that you will have no rights.
You will have to fights to get rights at your job. In the same way that Europeans are going to have to fight to keep them.
In many EU countries even if privacy protection is strong on paper, the settlement will be so low compared to US that you won't afford to take any vacation.
EDIT: I remember, an example of this actually came up a while ago on HN. An Apple employee had to return a device unwiped, due to legal discovery, but the device had intimate pictures on it[1]. Oops! Don't do that, people.
proof?
> Turns out people actually don't really care about privacy at work
lol, won't ask for proof, because it's trivially falsifiable
(yes that's a real story from my career, and the company was 100+ employees at the time)
TBH at this point I don't believe you are a real person.
The fact that you don't believe people who don't share your same opinion on mixing work and personal stuff are somehow not "real" is part of the problem.
I say semi-official because someone asked the question at a Q&A training thing with IT, and that was the IT manager's response.
You can see the EU's guide here: https://www.edps.europa.eu/data-protection/data-protection/r...
> Limited private use of these tools is often permitted, generating a level of expectation by employees for privacy: employers should not routinely read employee' emails or check what they are looking at on the internet.
Maximizing shareholder value by observing you doing job in the pursuit of replacing you with a very small shell script is a great reason that they've just discovered.
Get your own laptop, pay for your own cellphone, use your own internet service, etc. If you create anything of value on their property or with their property or during times they're paying you in any capacity, expect them to use it for profit.
Where I grew up you do have legal right and social expectation not to be under surveillance at work. You even have an expectation of privacy in public spaces - I know this is not the case in other countries, but I accept/know that and it would be senseless to imply this is expected everywhere.
I mean I have my own laptop and phone, why would I use a work device for that stuff?
Because you're traveling for work, and carrying two separate laptops eats into your limited baggage size/weight. Things are marginally better now that everything uses the same standard charger, but not much.
Per TFA, this thing is literally taking screenshots of what is on the employee's screen. At work my screen sometimes had things such as: performance data on other employees, my own PII from HR systems, PII from customers, password managers, etc. It's also logging keystrokes. How many times do you type passwords a day.
Collecting that kind of information on purpose is truly wild. Imagine the security safeguards you would need just to prevent it from leaking. Wait what, they're explicitly collecting it to train LLMs with it? God help us all.
The ones on the ‘inside’ are doing to 500% of the time I’m sure
100% of the people at my company use their computer for personal tasks, and this is permissible under our policies. Our company is fully BYOD and owns zero computers, and zero cell phones.
There's quite a difference between that and zero privacy, and there's also quite a difference between "IT policy says" or "the law permits" and "this is how things ought to be".
That said, between necessary endpoint security and the potential to get caught up in corporate legal disputes I feel like maintaining a strict separation is advisable. But that doesn't mean I support unnecessarily invasive surveillance or think it's a good thing.
A bogus argument, methinks. Consider that the company also owns the phones, but can or do they listen to every phone call ?
https://www.fbi.gov/video-repository/think-before-you-post-p...
https://www.aclu.org/news/free-speech/fbi-can-neither-confir...
https://www.democracynow.org/2025/10/2/headlines/trump_direc...
https://www.levernews.com/are-you-on-the-fbis-new-watch-list...
https://www.latimes.com/politics/story/2025-12-11/justice-de...
> Under settled Board law, numerous practices employers may engage in using new surveillance and management technologies are already unlawful. In cases involving employer observation of open protected concerted activity and public union activity like picketing or handbilling, the Board has recognized that “pictorial recordkeeping tends to create fear among employees of future reprisals.”10 The Board accordingly balances an employer’s justification for surveillance “against the tendency of that conduct to interfere with employees’ right to engage in concerted activity.”11 In that context, “the Board has long held that absent proper justification, the photographing of employees engaged in protected concerted activities violates the Act because it has a tendency to intimidate.”12
https://www.nlrb.gov/news-outreach/news-story/nlrb-general-c...
I know you’re in India, but in the US, could this not be considered intellectual property theft on “right of publicity”? Your persona and working style is one of your core values you bring to market; building a simulacrum of that is not something I expect to be part of the “your output is the company’s IP” in an existing contract.
I will give a company the right to try to reproduce my output. But my very likeness and modus operandi? No.
You don't need to "give" them anything -- they already have everything they need due to basically anything you do, especially at work, especially while using company equipment, being legally considered "works made for hire" https://www.copyright.gov/title17/92chap1.html + https://www.copyright.gov/circs/circ30.pdf
Here's how a refusal to them doing whatever they think would maximize shareholder value with any of your output or data they collect from your company computer would actually go down: the company would do something you didn't like, you'd try to complain about it, HR would listen and document everything. In the best-possible case, they'd let you personally opt out. More likely, since you're likely very easy to replace in their minds, they'd refer you to their data privacy clauses in their acceptable usage policy section of the employee handbook, maybe reference the notice sent out to everyone about how they're doing this, then fire you for performance reasons a few months later. You'd be given an NDA and a very average severance, then you could choose to try to hire a lawyer (who would take at least a third of any pre-tax settlement amount) and fight them, in which case they'd settle for more or less the same as the severance package (and keep in mind both that and any court settlement are both taxable income, so you're not getting a windfall in any case), or you'd just sign the NDA and take the severance with no admission of wrongdoing on their part and no legal recourse.
Large companies employ entire orgs of lawyers who specialize in these matters, and it is literally their job to protect the company, not the employees, from lawsuits like this. Is it fully legal and in the clear? Probably not. Will they still 100% get away with it and leave employees with no realistic options or upside attempting to fight it? Of course. Welcome to America, land of the free for corporations which are legally people, just ones with infinite lives who cannot be arrested / imprisoned but can make legal decisions but cannot be subpoenaed. See eg https://www.theverge.com/policy/886348/meta-glasses-ice-doxx... for how the C-suite thinks about this type of thing.
Follow eg https://www.aclu.org/press-releases/aclu-and-75-organization... to see what actually happens.
More on how "work for hire" applies in a legal sense:
https://www.brookskushman.com/insights/innovations-at-work-w...
https://outsidegc.com/blog/common-misconceptions-about-the-w...
I am aware of "how the C-Suite thinks about this type of thing", but this is also a good example to surface here of what to redline in future employment contracts. Yes, that will likely shut you out of a lot of places, but the opposite is beyond learned helplessness: it is capitulation to a future that will not end well for the tech worker.
There remains a thing called human dignity.
If a company can't trust the people it hires, that's a fault in the hiring process, not the employees.
I can see an argument for companies not trusting there employee's because most employees harbor borderline corrupt thinking in their work place and have terrible work ethics, of course all of this is brought on by corporate culture so its there fault in the first place, but im not exactly sure what started where.
>I work at a tech firm in India, and we are encouraged to create skills.md based on the traits of our colleagues, with the intention of reducing key personnel risk. A handful of engineers were let go as the result of a re-alignment, and their AI counterparts are actively maintaining their code.
Okay, now this sounds like satire. But I suppose that's the way the world is going.
Like that "Scott is an asswipe who never agrees to any idea that isn't his" or what?
This is exactly what they're doing, and they aren't the only ones.
One must be a fool to do any of this on any company-owned hardware. Facebook or no Facebook.
"this computer is property of WORK CORP, you have no expectation of private on this computer"
If you want privacy use a personal device....
Maybe because they're aware that complaining about the boss is protected by law (in the United States and many other countries).
When I joined the workforce a long time ago, I went in with the mindset that: Their property, their equipment, their right to monitor (or even keylog).
I was pleasantly surprised to find that not to be the case, but I've always believed in their right to do so.
Why do people expect to have a right to do non-work related stuff on the job? Every company I've worked for states in the employment contract/policies what you can and cannot do on the job. They never enforce it to the extent that they outline in the policies, but it's usually clear cut.
If you want to rant about the company, do it outside the company! Or at a physical water cooler. When coworkers want to rant to me about the company, they don't use Slack/Teams. They message my personal, non-work number.
In the late 2010s/pre-covid it was very common for employees to port their personal cell phone number to their work phone and just not have a personal cell phone. The internal culture at the company was remarkably open for their size.
That all went away by the time I left in 2022, and from what I've heard it has only accelerated into an employee-hostile environment. I'm not shocked at this move.
From my perspective a lot of it was downstream of over-hiring in the post-pandemic frenzy. It's hard to maintain that culture while doing large layoffs, and there's no incentive for them to do so beyond the longer term reality that many of their best employees have left and they're increasingly seen as a place to earn a top paycheck in between layoffs.
If humans are the point, this also goes for keeping work environments humane.
> The profession exists in support of human life.
*this is just an observation, not a normative claim
That's a bit self-aggrandizing - especially for Software engineers.
I don't mean to say that this software was the only means of doing either of these things, of course. But we do make tools that people use regularly when living their lives. Sometimes it's just about being reliable or not getting in the way. The modern equivalent of flintstones and sharing stories around the fire.
It's about taking your work seriously - the qualities of what we make matter - and feeling some sense of purpose. And knowing who you're doing it for. I don't think that's being self-important.
Why do you renounce to your rights to privacy so easily? You are an employee not a slave, sometimes I have the feeling that Americans do not know the difference.
> If you want to rant about the company, do it outside the company!
You have a right to organize inside the company, and for that the most efficient easy way are the internal company communications. Communications with the purpose of unionizing should be private and the company accessing them should be punished, and if needed C level should go to prison for their crimes.
How do you organize otherwise? How do you contact your colleagues about grievances about the company?
It is mind blowing to see this capitulation on personal rights. It seems that corporate rights are more important than anything else in the USA. It is a pure dystopia.
Governments, corporations and any other organizations should all exist FOR the people, not the other way around.
American-style capitalism truly is a disease.
If that's something he cant handle he might have a problem with personal accountability.
Either way when it comes to ranting about the company: many workplaces don't have a watercooler where all your team mates congregate (e.g. remote/different offices). Also what, you'll rant about confidential work projects over non-work texts?
Like use the restroom? Personally, I'm not a slave. I am getting more and more used to the idea of having to push back on those who do exhibit such a mentality. Y'all are beginning to become a threat to the rest of us.
More substantively: I would like the employer/employee transaction to be one of buing/selling labor. To me, training AI on keystrokes nudges the deal towards selling one's "soul" next to other dystopian tropes like brain implants and work toilets that analyze excretions.
You are correct that employers own the laptops and can install anything they want, which is why I never do anything other than work there - the farthest I will go is participate in employer-hosted shitpost groups/channels, which are not anonymous, and they are free to train their models on that.
I guess you never talk to coworkers about your weekend. That's on the job. I see you mention the water cooler; how dare you talk there?
If they just want to monitor your computer for the purposes of productivity tracking, that is in their right, imo - just a shitty thing to do.
On the other hand I would be looking for another job if they had keyloggers or were taking screenshots even if they said anything about me shopping on Amazon or randomly browsing Hacker News or any website that wasn’t gaming or Netflix during work hours.
Heck I use to travel a lot more for business and I used my work laptop for Netflix and other streaming services in the hotel.
As long as I’m meeting performance standards it shouldn’t matter.
Not that I support it -- but typically companies don't do this in spite of security concerns, they do it to address security concerns. But of course, what meta is doing sounds like a different situation. It sounds like they want to make a model that replaces part of their workforce.
And when all of the above happens Meta will be absolved of any responsibility.
I don't understand how it's legal either. I guess we need laws against it yesterday.
Meta already has literally have billions of people's personal profiles and browsing history.
I don't think screenshots of their SWE's IDEs is going to be useful for identifying internet users.
I do agree screenshots themselves are less useful for that.
1. Why use their employee's data to fingerprint input? They could do that to a billion+ of their users instead.
2. Input fingerprinting is multi-decades old science, there are already production products that do this.
The cat is out of the bag, but that doesn't mean it's a non-issue.
EDIT: While we are here, let's do this for politicians as well :), publicly available, auditable 24-hour surveillance.
Politicians will be the first to carve out exceptions for themselves for reasons of "security" while everyone else is surveilled.
Yes, it should literally be the opposite -- with power should come accountability. But that's not how these things work in practice.
Well good thing we can just not vote for anyone and/or remove anyone who tries to take this stance. It's not like they are appointed by God.
The legal environment is the only way to baseline behavior. In countries with strong worker's rights, you generally don't have to fight much to make use of them; it's the norm for management, too. Likewise, the US-style norm of having no expectations toward your employer and the "stay in your lane" type takes rampant in the thread are also symptoms of the environment and its norms.
This sounds unironically a good idea.
Extremely common with divorce attorneys - and labor law.
Good luck getting a lawyer to sue another lawyer either.
When I bought my home, I had a purchase agreement that said 'I will pay up to 1500$ cash if the property assesses for less than X' (X being the amount I told the realtor I was willing to pay.)
And the property happened to assess EXACTLY for X.
Collusion in markets is nothing new, and even when we regulate people find ways around it.
It is very telling especially in light of the Palantir manifesto, that all of this technology is being applied against individuals instead of towards ensuring business compliance.
Here (UK) we do have a bit of variety, thanks to devolution and bloody mindedness. I'm talking about English here (possibly Welsh too), rather than British (England + Wales + Scotland) or even UK (England + Wales + Northern Ireland). Wales is actually a bit more complicated than that but let's keep it simple.
Here (England), you advertise a house price and invite buyers. You generally engage one or more estate agents (realtors) I think it is called an "invitation to treat" in legal terms.
... negotiations ...
Once a price is "agreed", contracts are drawn up by both sides and "exchanged". When the exchanged contracts are both accepted, then the contract is binding on both sides. Basically: the Buyer will Buy and the Seller will Sell etc.
I think the US is fairly similar in that you do have to agree to something before it becomes a binding agreement.
The goal is to manufacture a lack of empathy along the lines of: "why should I treat this person better than I was treated".
But then, we're talking about humans, especially the violence-enjoying strata of humans here.
And you expect Meta employees, of all people, to believe this?
Palantir builds these systems for the US government which is (hopefully) something you can hold accountable / can reasonably trust.
Meta builds these systems for itself to make digital cocaine and sell personal data to profit off everyone (including and moreso primarily the elderly and children). You can't hold them accountable, actually pretty much nobody can hold Zuckerberg accountable.
When Palantir helps USG spy on the planet the primary purpose is defeat enemies + protect assets. When Meta builds these systems the primary purpose is digital cocaine.
I think it takes about the same amount of suspended disbelief to say that, as it takes a Facebook employee to believe the primary purpose of targeted ads is to connect customers and businesses.
Either way, I'd definitely hold those directly responsible for collecting and selling of the data way worse than those that just make use of a product. It's like the war on drugs where those making say they will make as long as there are people wanting to buy
Neither. Palantir makes data management software, they've never been in the business of collecting or analysing data themselves at all. There's generally a fundamental misunderstanding online of what Palantir actually does.
Any time you see an article or comment saying something along the lines of "Palantir is stealing your data", consider if it makes sense when you replace Palantir with MySQL, if it doesn't then it's generally safe to assume that article is garbage.
There are plenty of legitimate reasons to have grievances with Palantir, but they're completely drowned out by nonsense.
This is rather naive. Palantir makes politics by creating and funding a SuperPAC to discredit a former employee who happens to support the RAISE act.
Leading the Future, a super PAC whose funders include the founders of companies like Palantir and OpenAI, is spending millions of dollars this election cycle, and a considerable amount of that money is going toward attack ads against Alex Bores – even though Bores himself used to work for Palantir.
https://youtu.be/znKb71kLG5c?si=5Q9B88bXaGCkgebN
They even have a political manifesto, a thing that a private company dedicated to data analytics, should definitely not have:
https://gizmodo.com/alex-karps-supervillain-manifesto-is-put...
You’d be surprised how few people actually buy into the corporate culture at these companies. It’s just to get paid because everyone needs a job to pay their expenses.
You want to solve this then lower the cost of housing.
- the project was time constrained, so hardly any time, and
- there were serious ethical questions which could never be addressed well within the allotted time for this project
So we ended up discarding the idea of collecting data from a representative group, even before we got to the point of asking "how do you do handle that ethically". We ended up collecting data from 1 subject. The student in question, indeed. He handled the data from which he derived heuristics that simulated the data. The collected data therefore never left the student's hands.
<sarcasm>Silly us, we should have just not bothered and collected it from anyone and anywhere. Apparently.</sarcasm>
In all seriousness, this callous and complete disregard for ethical questions offends me so very much.
I realize you can argue whatever is done at work should have no expectation of privacy, and I get that, but as an employer myself I've always felt that schemes like keyboard and mouse tracking are going a chasm too far. Your employees are human beings not robots. In the older context of corporate productivity tracking there are far better metrics available - starting with, I don't know, maybe talking to your employee and asking them how things are going.
I wouldn't have a problem if it were opt-in, but if this were foisted upon me I would surely quit.
Then they’ll deploy models trained on this, and begin capturing employees using AIs that are good at using AIs to do work.
Repeat a few times and they’ll start capturing the keystrokes from people mashing their heads into keyboards with dispair and exclaiming, “Why can’t these models do anything anymore!!”
(I work at Meta)
It’s only once the business is having a cash crunch or will no longer need to hire competitive candidates that they start letting people go without severance.
Tell that to Elon Musk and Twitter employees.
This will also give them data on which employees aren't using AI enough, and then they'll be PIP'd or let go.
These models already have the skills that humans were using them for, so either by training the models to use subagents or simply inlining the work done by the AI, you have a much easier time training the model to perform tasks from a human-distribution. The humans have done the work of making the human-distribution look more like an AI distribution.
If it is as you say, then eventually the house of cards will crumble. Then we can finally go back to work and quit being inundated with needing to use AI for everything.
I hope this is widely hacked. If these employees are any good, someone will whip up a countermeasure that feeds absurdly wild and nonsensical data into Meta's fetid, gaping maw.