Mark Zuckerberg has a new talking point as he faces a grilling before Congress: Facebook announced a new program to pay people who report “any misuse of data by app developers.”
Facebook didn’t explicitly say how much it will fork out, saying the compensation will be based on “the impact of each report,” similar to its existing bug-bounty program. While there’s no maximum Facebook is willing to pay, some bug reports have resulted in payments of as much as $40,000, Collin Greene, Facebook’s head of product security, wrote in a blog post Tuesday outlining the program.
“Cases that prove to be true can get a reward starting at $500 minimum,” Facebook explains in an FAQ on the new program. “We determine bounty amounts based on a variety of factors, including (but not limited to) impact, data exposure, number of affected users and other factors.”
The data-abuse bounty program is Facebook’s latest response to the debacle surrounding the misappropriation by political consulting firm Cambridge Analytica of the social platform’s user data. Info on up to 87 million Facebook users, most of them in the U.S., was sold to Cambridge Analytica without the users’ consent or knowledge, according to Facebook. U.K.-based Cambridge Analytica has claimed it obtained records on only 30 million Facebook users through a researcher and has repeatedly denied reports that it used that info as part of its work for Donald Trump’s 2016 campaign.
Facebook’s mishandling of the Cambridge Analytica situation has put it in the political hot seat — and ultimately could lead to new regulations governing data privacy. Facebook also faces a potentially massive fine if the FTC concludes that the company violated a 2011 consent decree requiring explicit user consent to share data.
CEO and co-founder Mark Zuckerberg is scheduled to appear before a Senate committee Tuesday, in a hearing that starts at 2:15 p.m. ET. He’s also on deck for a similar appearance before a House committee on Wednesday at 10 a.m. ET.
The Facebook Data Abuse Bounty program will “reward people with first-hand knowledge and proof of cases where a Facebook platform app collects and transfers people’s data to another party to be sold, stolen or used for scams or political influence,” Greene wrote.
Facebook said that if it confirms data abuse, it will promptly disable the offending app “and take legal action against the company selling or buying the data, if necessary,” Greene added. More info is available at facebook.com/data-abuse.