Facebook is launching a Data Abuse Bounty to reward people who report any misuse of data by app developers. Facebook will pay from $500 to upward of $40,000 for substantiated cases
The Social Media committed to launching this program a few weeks ago as part of its efforts to more quickly uncover potential abuse of people’s information. The Data Abuse Bounty, was inspired by the existing bug bounty program that the company uses to uncover and address security issues, will helping identify violations of its policies.
“This program will reward people with first-hand knowledge and proof of cases where a Facebook platform app collects and transfers people’s data to another party to be sold, stolen or used for scams or political influence,” read a blogpost.
Just like the bug bounty program, Facebook will reward based on the impact of each report. While there is no maximum, high impact bug reports have garnered as much as $40,000 for people who bring them to the company’s attention.
The company will also review all legitimate reports and respond as quickly as possible when we identify a credible threat to people’s information. Some of the steps taken by Facebook will include shutting down the offending app and take legal action against the company selling or buying the data, if necessary. Facebook will then pay the person who reported the issue, and alert those they believe to be affected.
To be eligible, the case must involve at least 10,000 Facebook users, show how data was abused (not just collected) and Facebook must not have been aware of that specific issue before.
Companies that scrape data, anyone who uses malware to get people to install apps, social engineering projects and non-Facebook cases on its other platforms like Instagram are not eligible. It is open to expanding the program down the road.
The move by Facebook comes a month after the social media was largely involved in the Cambridge Analytica data leak scandal.
The data analytics firm could use unauthorized data from a psychology quiz intended for academic purposes only to target potential voters during the 2016 U.S. presidential election. Cambridge Analytica and the creator of the app, Aleksandr Kogan, have denied the accusations.
The data abuse bounty program is based off its current bug bounty program, which pays people who find security flaws on its platforms. Faecbook pays out over $1 million on average a year in bug bounties, executives said.
Meanwhile, Facebook CEO, Mark Zuckerberg for the last two days testified in front of the US Senate addressing the recent Cambridge Analytica scandal as well as how Facebook needed to take a broader view of our responsibility.
Zuckerberg was the sole witness testifying at a joint hearing held by the Senate Committee on the Judiciary and the Senate Committee on Commerce, Science, and Transportation. The hearing is called “Facebook, Social Media Privacy, and the Use and Abuse of Data.”
Zuckerberg told legislators that in retrospect, he realized it was wrong not to have alerted users about Cambridge Analytica’s behavior in 2015, when the company found out about the abuses. He also said that the company wasn’t planning to offer any sort of paid tier of service that would let users choose not to have their data collected by third-parties.
The Senators, however, warned that they might consider regulatory action if Facebook doesn’t get its act together on privacy.