After Facebook revealed that 87 million users may have had their data compromised as a result of the Cambridge Analytica scandal, it is now unveiling the next step in its plan to regain the trust of its members. Ahead of CEO Mark Zuckerberg’s congressional testimony today, Facebook introduced the Data Abuse Bounty Program.
The Data Abuse Bounty Program will reward users who report any app or service connected to Facebook that misuse data. “This program will reward people with first-hand knowledge and proof of cases where a Facebook platform app collects and transfers people’s data to another party to be sold, stolen or used for scams or political influence,” Facebook Head of Product Security Collin Greene wrote in a blog post on the company’s news portal.
The company has not set a maximum reward amount, but high impact discoveries can earn as much as $40,000. Although the program’s nature is similar to bug bounty programs that are widely seen across the tech industry, Facebook notes that the Data Abuse Bounty program is the first of its kind.
“If we confirm data abuse, we will shut down the offending app and take legal action against the company selling or buying the data, if necessary,” Greene added. “We’ll pay the person who reported the issue, and we’ll also alert those we believe to be affected.”
After news of the Cambridge Analytica scandal broke, Facebook’s publicly traded stocks spiraled, with some high profile tech celebrities, including Apple’s former co-founder Steve Wozniak, asking users to quit the social network. Facebook had to implement a number of changes to assure members that it values privacy, including making privacy tools easier to access, restricting third-party apps from accessing Facebook data, labeling political ads on its site, and conducting an investigation on how the social network was used in influencing elections.
“It’s clear now that we didn’t do enough to prevent these tools from being used for harm as well,” Zuckerberg wrote in a prepared statement ahead of his testimony in front of Congress. “That goes for fake news, foreign interference in elections and hate speech, as well as developers and data privacy.”
In his statement, Zuckerberg also apologized for Facebook’s failure to be a steward of consumer data: “It was my mistake, and I’m sorry. I started Facebook, I run it, and I’m responsible for what happens here.”
U.S. legislatures will want to know why the company took so long to reveal the data breach, and Zuckerberg will likely have to answer tough questions on the actions that Facebook is taking to ensure that this doesn’t happen again. In addition to the data breach, Facebook may have played an unwitting role in 2016 with Russia’s meddling in the U.S. election. The company revealed that 126 million users may have been exposed to Russian-backed accounts, and lawmakers may want to know how Facebook will prevent this in the future.
To find out if you were affected by the Cambridge Analytica data breach, be sure to read our guide.