Meta, which is Facebook's new name, has expanded its bug bounty program to reward programmers for finding vulnerabilities and bugs in extracted data.
Data collection is how Meta bulk collects personal information from user profiles, such as profile pictures, email addresses, and phone numbers, through automated tools.
see more
Alert: THIS poisonous plant landed a young man in the hospital
Google develops AI tool to help journalists in…
Researchers who can find bugs in data already collected, as well as report bugs that may trigger scraping activity, will earn rewards in the bug bounty program.
“We are looking to find vulnerabilities that would allow attackers to bypass scraping limitations to access data in [a] larger scale than we initially intended," said Security Engineering Manager Dan Gurfinkle, quoted in a report by the Engadget.
Meta said it is the first company to launch a bug bounty program for data collection.
With data harvesting, companies like Meta extract personal information from various websites. And while much of this information is voluntarily provided by users to the website they are using, the collection of data enables wider dissemination of information, including sharing information in databases searchable.
And since data collection is an industry-wide activity, where Users' personal information is shared with different parties, Meta cannot really avoid it.
It's actually one of the frontier companies. But data collection is a business strategy that is done in accordance with legal norms. Any data leakage in this process leads to unsolicited data exchange, and this could be a result of a bug or vulnerability. Meta wants researchers to discover this bug and reward them for it.
In Meta's words, researchers will be rewarded for finding "unprotected or openly public databases containing at least 100,000 user records unique Facebook pages with PII [Personally Identifiable Information] or sensitive data (e.g. email, phone number, physical address, religious affiliation or policy)."
But payments for this program will be a little different. Meta said that instead of giving the prize money to the programmer, he would donate the money to a charity. that the winning programmer would choose, just so the company can avoid incentivizing the publication of fragmented data.
But for bug reports that could lead to data mining incidents, researchers will have the option of either receiving a direct payment or making a donation. Meta said that each bug or dataset can earn a bounty of at least $500.