Facebook expands data abuse bug bounty programme to Instagram

Instagram users can now report app developers they believe are misusing their data as part of an expansion to the social network’s security tools.

The data abuse bounty programme is used to identify violations of policy around data use and rewards those who find and report abuses, the firm said.

Parent company Facebook first introduced the data abuse prevention scheme last year and said it was expanding it to Instagram to help protect the information people post on the photo and video-sharing platform.

The social networking giant also announced that it had invited a select group of security researchers to test a new Instagram feature before it is more widely rolled out.

Checkout enables people to purchase products directly through the platform without leaving the app but is currently only available in the US.

Instagram said the security researchers would test the feature and receive bounty awards for any eligible reports which identify an issue.

Instagram’s head of engineering, Nam Nguyen, said: “Putting people first is one of Instagram’s most important values, and keeping our service secure is an essential part of the work we do to serve our community.

“Expanding and building on the Facebook bug bounty programme is a key development in our ongoing security efforts, and we are grateful to the wider security community for all they do to help keep our platforms safe.”

Facebook said it had previously used a similar approach when it was preparing an update to the overall design of its platform.

The company said that programme had uncovered an issue which could have allowed someone to remove another person’s profile photo, but was fixed before the redesign was fully released.