Facebook Announces Bounty Program, Will Pay Upto 40,000 Dollars For Reporting Data Abuse

SHAHNAWAZ | 0
4738
| April 11 , 2018 , 13:35 IST

As Facebook CEO Mark Zuckerberg testified before the US Congress, Facebook on Tuesday announced a Data Abuse Bounty Program that gives people money for reporting ‘bad actors’.

Talking about the initiative, Facebook COO Sheryl Sandberg wrote, “We’re looking for cases where people or groups have collected data using an app connected to Facebook and then sold or transferred that data to another company where it can potentially be abused.” 

The company is looking for cases where data is collected legitimately using an app on Facebook but was sent or sold to a third party without consent from Facebook.

According to Facebook, users will be incentivized to report apps that they believe are collecting user data and passing it to malicious parties for exploitation. The company says it will terminate the application, initiate a forensic audit and even take legal actions among other steps if the reported app violates its policies.

However, in order to get a reward for the reported app, the situation must involve at least 10,000 users and a definite case of data abuse must be ascertained (not just data collection). It should also be a unique case, which Facebook may not already be investigating or be aware of. A user will also have to adhere to the company's 'responsible disclosure policy' to be eligible for the bounty.

A user will earn a minimum of 500 dollars if the reported case is investigated and found to be true. The bounty will go up if the impact and the number of affected users goes up and people can expect to earn a maximum of 40,000 dollars which Facebook has paid in the past for its security bug bounty program.