©2024 Meta.
To be eligible for a bounty, you can report a third-party app operator misusing user data. This program is not limited to Bug Bounty researchers, and we welcome all reports of data abuse.
Note that the situation must involve definitive abuse of user data, not just collection. It must also involve more than 10,000 users and be a case we were not already aware of or actively investigating. Please provide the appID for applicable third-party app when submitting a report.
Below are some specific examples of in-scope and out-of-scope issues to help guide your research.