Facebook to extend bug bounty to cover data leakage, sever ties to data brokers

The Social Network™ all-but-admits its previous legalese for developers was useless

12 Reg comments Got Tips?

Facebook has outlined a set of changes to its platform that impact developers and data brokers.

The changes appear to be reactions to the company’s recent and well-publicised troubles stemming from unauthorised use of some data for contentious political purposes.

Data brokers will suffer for Facebook's sins by being excluded from the platform.

Facebook has a program called "Partner Categories" that it tells advertisers will let them "further refine your targeting based on information compiled by ... partners, such as offline demographic and behavioural information like homeownership or purchase history."

The partners Facebook uses are Acxiom, CCC Marketing, Epsilon, Experian, Oracle Data Cloud and Quantium.

Graham Mudd, a Facebook product marketing director, said that using such providers to refine ad targeting "is common industry practice" but that Facebook feels "this step, winding down over the next six months, will help improve people’s privacy on Facebook.”

On its own platform, Facebook has promised new fine print for business-to-business applications, complete with “rigorous policies and terms”. Which kind of admits some of Facebook’s past fine print was floppy. Perhaps floppy enough to let data flow to Cambridge Analytica and beyond?

Also notable is a change that means apps that provides access to lists of a user’s friends will now be reviewed by Facebook.

Facebook Wow Sad Angry

Facebook's inflection point: Now everyone knows this greedy mass surveillance operation for what it is


Another change will mean that “If we find developers that misused personally identifiable information, we will ban them from our platform.” Once that’s done, Facebook “will notify everyone who used it.”

The company’s also promised to make app management features “more prominent and easier to manage” so that punters can see what they’ve connected to, how it uses their data, and sever links if they want to.

Facebook’s also eating its own dogfood by tapping communities to help out, in this case by expanding its bug bounty program “so that people can also report to us if they find misuses of data by app developers.” The details of the expanded program are, like most of the above, coming real soon now.

“We know these changes are not easy,” wrote Facebook’s director of product partnerships Ime Archibong, “but we believe these updates will help mitigate any breach of trust with the broader developer ecosystem.”

The Social Network™ has paused review of new apps while it makes these changes.

Facebook's often promised to make its permissions more usable and to ensure data only flows in directions its users understand, but its Settings menus remain confusingly extensive and use opaque language. Perhaps this new round of changes will address that problem. Convincing developers to play nice is another matter entirely. Facebook is a honeypot of data and the unscrupulous will always try to bend its rules. ®


Biting the hand that feeds IT © 1998–2020