Following the Cambridge Analytica fiasco, Facebook has launched a “Data Abuse Bounty” programme to catch data misuses by app developers. The programme will reward people who report any misuse of data by app developers. The new Data abuse bounty programme takes its basics from the ongoing bug bounty programme. The bug bounty programme is used by the company to address security issues that violate Facebook’s policies.
In a blog post, Collin Greene, Facebook’s Head of product security said: “We are committed to launching this programme a few weeks ago as part of our efforts to more quickly uncover potential abuse of people’s information”. The programme will be rewarding people who report a Facebook platform app that collects and misuses user data. The person would only be rewarded if he has first-hand knowledge of the case along with the proof stating the misuse of data.
Greene even said “Just like the bug bounty programme, we will reward based on the impact of each report. While there is no maximum high impact, bug reports have garnered as much as $40,000 for people who bring them to our attention“. The company would be individually reviewing all the reports which seem to be legitimate as soon as possible. If the company confirms the data abuse, suitable actions will be taken against the app.
Another executive from the company added “If we confirm data abuse, we will shut down the offending app and take legal action against the company selling or buying the data, if necessary. We’ll pay the person who reported the issue and we’ll also alert those we believe to be affected“.
According to Facebook, Eligibility standards for rewards are as follows:
- The case must involve more than 10,000 Facebook users.
- Evidence confirming definitive abuse of data. Not just collection.
- A case that Facebook is not already aware of or actively investigating