Facebook Expands Bug Bounty Amid Spiraling Privacy Scandal
Amid a data privacy scandal that has blown up worldwide, Facebook has decided to make a few changes to “review developers' actions for evidence of misuse, implement additional measures to protect data, and give people more control of their information.”
For one, the social network is expanding its bug bounty program to reward people for reporting misuses of data by app developers. Details are as yet scant, but the change seems apropos given the revelations that Cambridge Analytica was able to scrape private user data on 50 million Americans using an internecine path around convoluted terms of service, Facebook login loopholes and an obsolete API that the platform made available up until 2014.
Facebook has also paused app review while it reviews its current situation and policies – again, likely a wise move given that the US's Federal Trade Commission has opened up a closed-door inquiry into the company’s privacy practices.
Other efforts to reduce the potential of future scandals include an in-depth investigation of all apps that had access to large amounts of information before Facebook changed its platform in 2014 to reduce data access and full audits of any apps with suspicious activity. The company will also inform users if an app is removed for data misuse of personally identifiable information and will ban the developer.
Additionally, Facebook said that developers that build applications for other businesses, that is, the Cambridge Analyticas of the world, “will need to comply with rigorous policies and terms,” which it promised to publish in the coming weeks.
“We know these changes are not easy, but we believe these updates will help mitigate any breach of trust with the broader developer ecosystem,” said Ime Archibong, vice president of platform partnerships at Facebook, in a blog.
Source: Information Security Magazine