Conclusion First: Your Business Data May Already Be Enhancing Someone’s AI

Meta has announced that it will track employees’ mouse movements and keystrokes to train AI models. This means that behavioral data from internal tools will be entirely used as “learning material.”

You might think, “Isn’t this just a big company issue?” However, this is not just a concern for small businesses in rural areas. The reason is that similar clauses are likely already embedded in the terms of service of the SaaS tools you use every day.

—

What Meta’s ‘Employee Data Harvesting’ Entails

The software that Meta has introduced is called the “Model Capability Initiative.” It tracks mouse movements, clicks, and keystrokes on applications and websites that employees use during work. The goal is to improve the accuracy of AI models. In other words, the daily work of employees is transformed into training data for AI.

At first glance, this seems reasonable. Employees can simply do their jobs, and the AI becomes smarter without any additional costs. However, there is a deep-rooted problem here.

Names of customers shared in chats, transaction terms written in internal documents, names of competitors entered in search boxes—these can all become “learning material.” And all of this can happen without the individuals being aware of it.

—

The Mechanism by Which ‘Fine-Tuning’ Destroys Privacy

There is a noteworthy study here. A paper indicates that when fine-tuning (additional learning) is performed on large language models, the model’s ability to judge “what can be shared and what cannot” deteriorates.

Specifically, models after fine-tuning show a decreased understanding of privacy standards based on context. For example, judgments like “this information is for internal use only” or “this customer data must not be shared with third parties” become lax. Researchers refer to this as “Privacy Collapse.”

The troublesome part is that this deterioration cannot be detected by standard safety benchmarks. In other words, even if it is said that “safety tests have passed,” privacy holes may remain open.

Applying this to Meta’s initiative, there is a risk that AI models trained on employee behavioral data could inadvertently output personal or confidential information. Moreover, this could occur not as a “bug” but as a “side effect of the specifications.”

—

The Real Risk for Small Businesses — When Was the Last Time You Read Your SaaS Terms of Service?

Now, let’s get to the main point.

Meta uses its own employees’ data. But how does the SaaS your company uses handle your company’s data?

Since 2023, many major SaaS companies have revised their terms of service to include clauses stating that “user data may be used for service improvement.” Increasingly, this “service improvement” includes training AI models.

Here are some specific examples:

• Zoom revised its terms of service in August 2023 to include a clause allowing the use of call data for AI training (later amended in response to criticism).
• Google Workspace mentions the possibility of using user data for AI training in its terms for general services (though generally excluded for paid business plans, there are conditions).
• Tools popular among small businesses, such as Notion and Canva, also leave room for data utilization in their terms.

The problem is that the terms of service average between 4,000 and 8,000 words. They are often written in English. Does a company with ten employees have the capacity to scrutinize this? In most cases, the answer is no.

In other words, without knowing it, your customer list, estimated amounts, and internal communications may be part of some AI’s training data. This is the reality.

—

Considering Costs — What Happens to Small Businesses If a Data Breach Occurs?

The feeling of “Well, we should be fine at our scale” is dangerous.

According to IBM’s “Cost of a Data Breach Report 2024,” the average cost of a data breach is $4.88 million (approximately 730 million yen). Even when limited to companies with fewer than 500 employees, the average is $3.28 million (approximately 490 million yen).

Of course, this refers to large-scale breach incidents. However, data incorporated into AI models via SaaS can surface in ways that differ from traditional “leaks.” How will you respond when a customer says, “For some reason, the AI knows your estimated amount?”

For small businesses, damage to reputation directly impacts sales. While large companies may manage to get through with an apology press conference, a small business in a rural area could lose transactions over a rumor that “that company has poor information management.”

—

So, What Should You Do? — Three Things Small Businesses Should Do Today

Vague suggestions like “let’s strengthen data governance” are meaningless. Here are three specific actions you can take starting today.

1. Check the ‘AI Training Opt-Out’ Settings of Your SaaS (Time Required: 30 Minutes)

Many SaaS platforms have an “opt-out” setting that prevents your data from being used for AI training. However, it is often set to “opt-in” (allowing use) by default. Check the settings in the management interface and opt out of everything that you can.

Key services to check:

• CRM (Customer Management Tools)
• Chat Tools (Slack, Teams, etc.)
• Cloud Storage (Google Drive, Dropbox, etc.)
• Accounting and Billing Software

2. Read Only the ‘Data Usage’ Section of the Terms of Service (Time Required: 1 Hour)

You don’t need to read the entire document. Search for “Data Usage,” “Training,” “Machine Learning,” and “Artificial Intelligence” to find the relevant sections. You can paste the URL of the terms of service into ChatGPT and ask, “Does this service potentially use customer data for AI training?” to get the gist in ten seconds.

This is a practical example of using AI to manage AI risks.

3. Separate the ‘Storage’ of Confidential Information (Time Required: Half a Day)

Consolidate data that would be problematic if exposed, such as customer personal information, transaction terms, and estimated amounts, into services that are clearly not used for AI training. Instead of placing all data in the same location, separate “data that can leak” from “data that must never leak.”

This is not about high-level security investments. It’s about operational decisions regarding which folder to place an Excel file in. The cost is zero. What is needed is judgment.

—

The Structural Change Indicated by Meta’s Actions — The ‘Value of Data’ Has Changed

Finally, I want to take a step back and consider a broader perspective.

The reason Meta uses employee data for AI training is simple. The performance of AI models is determined by the quality and quantity of training data. And the cost of acquiring high-quality data is skyrocketing.

Reports indicate that OpenAI is paying $60 million (approximately 9 billion yen) annually for a data licensing agreement with Reddit. Google uses data from the web for training and is facing lawsuits in various countries. Because buying data from external sources has become expensive, the strategy is to exhaust internal data first—this is the structure behind Meta’s decision.

This trend will not stop. In other words, for SaaS companies, customer data is transforming from “something stored” to “an asset that can be utilized.” The true business model of the cloud service you are using for a few thousand yen a month may not be the subscription fee, but rather your data.

—

Summary — Ignorance Is the Biggest Risk

Meta’s tracking of employee data may seem like a big company issue, but it poses a question for all companies.

“Whose AI is your company’s data making smarter?”

If you cannot answer this question, I encourage you to start by opening the settings screen of the SaaS you are using today. It can be done in 30 minutes. The cost is zero.

Technological evolution cannot be stopped. However, how you handle your data is something you can decide for yourself. Small businesses can make decisions quickly. While large companies are going through approval processes, you can change settings today. That is the strength of small businesses.