- How to stream Liverpool vs. Chelsea Friday 6:45 PM
- How to stream Real Madrid vs. Sevilla Friday 6:35 PM
- How to stream Peter ‘Kid Chocolate’ Quillin vs. Alfredo Angulo Friday 5:16 PM
- How to stream Barcelona vs. Granada Friday 4:50 PM
- ‘Atlantics’ tells a ghost story steeped with emotion and realism Friday 4:16 PM
- ‘Jojo Rabbit’ is a sweet, singular movie that loses its grip on satire Friday 3:40 PM
- Jordan Peterson is in rehab for Klonopin addiction Friday 3:34 PM
- The cat-worshipping turkey cult video, explained Friday 3:22 PM
- Despite legal threats and drama, the Area 51 desert event is on Friday 3:05 PM
- How to stream Yair Rodriguez vs. Jeremy Stephens on UFC Fight Night Friday 3:00 PM
- Twitter just launched its ‘Hide Replies’ feature Friday 1:59 PM
- How to turn off image metadata before it snitches on you Friday 1:36 PM
- The ‘Breaking Bad’ movie is coming to theaters—for one weekend only Friday 1:04 PM
- Teens recorded, shared videos of mall fight that ended in fatal stabbing Friday 12:44 PM
- How to stream Giants vs. Buccaneers in Week 3 Friday 12:31 PM
In an effort to prevent Cambridge Analytica-type scandals from happening again, Facebook has launched a new initiative: a data abuse bounty. Internet sleuths who discover a company is abusing their access to Facebook data could net themselves a payday of up to $40,000.
Facebook outlined its data abuse bounty program in a new page on its website Tuesday, coincidentally the same day its CEO Mark Zuckerberg was testifying before Congress over how the social media network failed to protect the data of millions of users.
For a data abuse situation to count for a monetary reward, the issue must involve at least 10,000 Facebook users. It must also be a “definitive abuse of data”—not just data aggregation. The award only applies to cases that Facebook itself is unaware of and not yet actively investigating.
Facebook details that some scenarios are also not covered by the bounty, including data scraping, malware (or otherwise tricking users to install malicious apps), scenarios that rely heavily on social engineering, and non-Facebook cases that involve other properties such as WhatsApp or Instagram.
One more stipulation that’s common to bounty programs is that you give Facebook time to investigate the issue itself before revealing your findings publicly.
If the situation meets all these criteria (and then some), whistleblowers could get anywhere from $500 to $40,000.
Such bounty programs aren’t unusual. Google has a well-known bug bounty program for those that find bugs or malware in its apps and services, including third-party Google Play apps. In 2015, United Airlines began a bug bounty program to ensure its customer and company data was secure. And in 2016, Instagram paid a 10-year-old $10,000 for spotting a particularly nasty bug in its app that allowed users to delete the comments of others.
Facebook’s data abuse bounty program comes a little late for those affected by the Cambridge Analytica scandal—or perhaps just in time, if Congressional representatives ask about how Facebook plans to mitigate the threat of data abuse in the future.
Christina Bonnington is a tech reporter who specializes in consumer gadgets, apps, and the trends shaping the technology industry. Her work has also appeared in Gizmodo, Wired, Refinery29, Slate, Bicycling, and Outside Magazine. She is based in the San Francisco Bay Area and has a background in electrical engineering.