Facebook just announced launching a Data Abuse Bounty program where people will be rewarded for reporting misuse of data by application developers.
Facebook’s Data Abuse Bounty – the Details
The Data Abuse Bounty is inspired by the already existing bug bounty program that Facebook uses to uncover and address security issues, and should will help in the disclosure of violations of the platform’s policies.
This action is definitely “inspired” by the Cambridge-Analytica scandal and the following CubeYou events where quiz apps were used to harvest users’ information.
The freshly released Data Abuse Bounty program should encourage users to locate and report any violation of its policies in regards of data misuse. A sum of money will be given to anyone who successfully reports such abuse in the form of unlawful data collection.
“This program is complementary to our existing bug bounty program in that it ‘follows the data’ even if the root cause isn’t a security flaw in Facebook’s code,” Facebook said, adding that bad actors can maliciously collect and abuse Facebook user data even when no security vulnerabilities exist.
The sum of money given to users will depend on the report. For high-impact reports the social network would pay up to $40,000 but this sum can be even bigger if the reported issue is of huge relevance.
In case Facebook finds that the reported app is indeed misusing users’ data, it will be shut down immediately and legal actions may be taken against the company selling or buying the data.
Facebook’s Data Abuse Bounty is unique for the industry as it is not focusing on security-related issues but on privacy ones.
To be eligible for the program, the report must involve at least 10,000 Facebook users. It should also provide information both on the ways the data was collected and abused. In addition, the report should be unique to Facebook.