Facebook launches data Abuse Bounty Program that rewards researchers who report the abuse of data by app developers. The reward’s based on just like any other bug Bounty Program. For researchers who notifies high severity bug’s, they offer rewards up to $40,000 as a maximum payout.
This new Data Abuse Bounty Program as a part of our efforts to more quickly uncover potential abuse of people’s information,” said Collin Greene, Head of Product Security.
The move come’s after Overall 87 Million affected Facebook Users has been identified and most of them in the US but at least 1 million Facebook Users in the UK and More than 1 Million Facebook Users affected in Indonesia, the Philippines alone.
Facebook said the main goal of this program is to protect users by fixing security vulnerabilities and to restrict the user data collected by app developers.
“Bad actors can maliciously collect and abuse Facebook user data even when no security vulnerabilities exist. This program is intended to protect against that abuse.”
Mozilla launched a new Firefox add-on Facebook container that opens Facebook in an isolated blue screen container that cut’s of the tracking the data.
Mark Zuckerberg says lawmakers that we didn’t do enough to prevent these tools from being used for harm. It was my mistake, and I’m sorry.
The minimum reward starting from $500 and the maximum reward is $40,000 and it will be determined based on a variety of factors, including (but not limited to) impact, data exposure, number of affected users and other factors.
To report a potential data Abuse Bounty facebook set’s minimum criteria “10,000 or more Facebook users affected is our initial minimum for rewarding issues”.
Zuckerberg said to House committee that We’re in the process of investigating every app that had access to a large amount of information before we locked down our platform in 2014. If we detect suspicious activity we’ll ban them and tell everyone affected.