Facebook's new 'Data Abuse Bounty Program' to reward users for reporting apps that misuse data

Facebook's Data Abuse Bounty is inspired by the existing bug bounty programme that the company uses to uncover and address security issues and it would help Facebook identify violations of its policies.

Published Date
11 - Apr - 2018
| Last Updated
11 - Apr - 2018
 
Facebook's new 'Data Abuse Bounty Program' to reward users for re...

Facebook has launched a "Data Abuse Bounty" programme to reward people who report any misuse of data by app developers. The Data Abuse Bounty is inspired by the existing bug bounty programme that the company uses to uncover and address security issues and it would help Facebook identify violations of its policies.

"We committed to launching this programme a few weeks ago as part of our efforts to more quickly uncover potential abuse of people's information," Collin Greene, Head of Product Security, wrote in a blog post, late on Tuesday. This programme would reward people with first-hand knowledge and proof of cases where a Facebook platform app collects and transfers people's data to another party to be sold, stolen or used for scams or political influence.

"Just like the bug bounty programme, we will reward based on the impact of each report. While there is no maximum high impact, bug reports have garnered as much as $40,000 for people who bring them to our attention," Greene said.

Facebook would review all legitimate reports and respond as quickly as possible when the company identifies a credible threat to people's information. "If we confirm data abuse, we will shut down the offending app and take legal action against the company selling or buying the data, if necessary. We'll pay the person who reported the issue and we'll also alert those we believe to be affected," the executive added.

However, Facebook's Data Abuse Bounty program has some preconditions before someone can claim a reward for reporting data abuse. You can read those terms below.

Scope To be eligible for a reward the situation must involve 

  • More than 10,000 Facebook users.
  • Definitive abuse of data. Not just collection.
  • A case we were not already aware of or actively investigating. 

 Explicitly out of scope scenarios:

  • Scraping.
  • Malware or mass-scale tricking of users to install apps.
  • Scenarios where social engineering is a major component.
  • Non-Facebook cases (ex: Instagram).

 Facebook is currently embroiled in a widening scandal that a British political consultancy firm Cambridge Analytica had improperly gathered detailed Facebook information on 87 million users, up from a previous estimate of more than 50 million.

IANSIANS

Indo-Asian News Service