Facebook Promises a Large Bounty for Finding Data Leaks

Posted on

A bounty as large as $40,000 is being offered by Facebook to people who find the next big data leak. Recently, the tech giant declared a bounty program which would offer payouts starting from $500 and going up to $40,000 for finding data abuse cases on the social media platform.

Facebook planning to hire more people in its bug bounty team

This is the first time that the social networking site has come out with its own data abuse program. While talking to CNBC, Alex Stamos, the chief security officer of Facebook, said that this abuse program will help the company find cases of data abuse that are not tied to security vulnerability. He further said that it will cover both the discovery of more cases like Cambridge Analytica and the actions needed to stop them.

The bug and data abuse bounty team will take care of the cases that are submitted with supporting evidence and will investigate the matter to decide what action to take. As per report, the company could sue the data leakers and shut down the apps they are using to leak data. There are ten people on the data abuse bounty team as of now, but this number could increase in the future as Facebook is planning to hire more members for its team.

In a blog post, Facebook’s Head of Product Security, Collin Greene, said that Facebook committed to releasing the program a few weeks ago as part of its efforts to reveal potential abuse of users’ data. The social media giant, which is currently entangled in the Cambridge Analytica scandal, would review reports submitted by the public and would try to respond as soon as possible. If the tech giant identifies any credible threat, it will reward the person and take legal action against the company that is buying or selling the data.

How to qualify for the reward

To qualify for the reward, the case should involve more than 10 thousand Facebook users and the social media giant should not have any prior information related to that particular abuse. Further, the report must show not only how the data was collected, but also how it was abused.

According to executives of the company, Facebook is already paying out over $1 million per year on average in bug bounties.  This new initiative might be subject to criticism that it is not really such a new idea, and even if it is an improvement on its previous practices, it is something it could easily have done months ago, yet didn’t.




Continue reading