As Facebook continues to do damage control and fix its policies regarding how third-party developers are able to access user data, a new bounty program has been announced. The Data Abuse Bounty will reward anyone that is able to report misuse of information by app developers.
The new reward program is in addition to the standard bug bounty program that offers compensation for responsible disclosure of security issues. Similar to the original bug bounty program, reports will be evaluated and then rewarded based on the severity of the infractions found.
Facebook states that there is no maximum limit on payouts, although "high impact bug reports" are said to be worth around $40,000. Once an app is confirmed to be violating policies in place, Facebook will remove the app from its platform. Depending on the severity, legal action will be taken against those buying or selling any data collected using deceptive practices. Warnings will then be sent out to users that may have had data collected and shared.
Detecting and proving misuse of data is going to be a major challenge for a platform as large as Facebook but protection of the client base is essential for long-term success. This move is yet another action being taken within the past few weeks to ensure that third-parties are no longer able to obtain mass quantities of personal information without explicit consent from users.
The Data Abuse Bounty is yet another strategy to show that Facebook is actually trying to ensure that abuse of customer data does not happen again instead of just plastering apology statements all over its website. Congressional hearings held by joint Senate committees this afternoon and Wednesday are likely to note many of the changes being made to offer greater protection to consumers.