Facebook Bug Bounty Program: A Desperate Attempt To Win Back Users’ Trust?

Companies and businesses often turn to users' perceptions before taking a decision on an important issue or planning their next move. The end user of a product or service is most likely to know both its good and bad implications. But a few years back, brands started hiring professionals in a bid to identify loopholes in their solutions/apps that may prove fatal for companies as well as their customers or users. Despite all checks and balances, it's always difficult to tag a solution/platform as 'absolutely secure'. The ever-evolving needs of a business keep its offerings vulnerable to a certain extent.

Facebook Inc. (NASDAQ:FB) has been known to police itself since its inception, but in the wake of the ongoing data breach scandal, the social media giant has decided to cut users some slack. Facebook launched a program yesterday called the Data Abuse Bounty. The purpose is pretty obvious: it will reward users who report any data breach or misuse of data by app developers.

Facebook Bug Bounty Program Targets Malicious Apps

If someone has evidence or first-hand knowledge of an app that is violating Facebook’s terms of service by collecting and transferring users’ data to another party to be sold, stolen, or used for political influence or scams, they can notify Facebook through this program. If the data abuse report is confirmed, Facebook will “shut down the offending app and take legal action against the company selling or buying the data, if necessary”. Facebook has not said anything about a maximum reward for a successful tip, but this program is inspired by the existing bug bounty program, and people who brought “high impact bug reports” to attention have been rewarded with up to $40,000. Facebook says it will review all legitimate reports and respond to users about credible threats to their data as quickly as possible. The payout will be based on the impact of each report, and the people Facebook believes to be affected will subsequently be alerted.


This move resonates with Facebook’s previous steps, like disabling the search tool so that ‘malicious actors’ don’t misuse people’s data. Also recently, Facebook announced that it is coming up with an unsend feature in Messenger after Zuckerberg’s messages were secretly retracted from users’ inboxes; one can’t be fairly certain how this will better the scenario for either users or Facebook. Considering the recent backlash, the social network turning to its users and incentivizing them seems only logical at this point. Obviously, this won’t suffice for the users whose data was compromised in the Cambridge Analytica files; what price can one put on one's personal data, right? But this step is likely to obstruct any data abuse through suspicious apps in the future.

Despite Facebook’s indiscretions and the current ambivalence of users, the social network has managed to roll out reasonable changes in its privacy terms and data use policy. It has restricted apps from accessing information by limiting Facebook login data, besides making changes in policies regarding political ads. A new initiative has been announced to assess the role of Facebook in elections.

Companies making use of bounty programs is nothing new. Software security researchers are increasingly engaging with bounty programs to hunt down vulnerabilities. Bugcrowd and HackerOne, both launched in 2012, have become popular in the growing bug bounty market. They have a bug-hunting community of white hat hackers.

SecurityTrail, a security and intelligence firm, has a data bounty program for finding particularly interesting cases in its 30TB data set. Furthermore, the search engine giant Google paid a hefty $2.9 million in bug bounties in 2017. Some other reputed companies that announced bounty programs in 2018 are:

  • Intel – offering a maximum payout of $30,000 for detecting critical bugs in its hardware, software or firmware;
  • Cisco – offering a bounty for some serious vulnerabilities;
  • Apple – launched its bug bounty program to breach Apple’s Secure Enclave Technology. The Cupertino giant had launched its first ever bug bounty program in September 2016, offering up to $200,000 for successfully finding vulnerabilities in its products.

