Know of an app that's abusing Facebook user data? It could be worth $40,000

Elizabeth Weise | USA TODAY

Show Caption Hide Caption Why you may need to change your Facebook password There's more data to protect than just your Facebook profile.

SAN FRANCISCO — Facebook could pay you as much as $40,000 to help it track down the misuse of data gathered by app developers.

The program, which launched Tuesday, aims to encourage the platform's users to help it find and stamp out third parties or companies that buy or collect data about Facebook users through means barred by the site's terms of service.

"The scenario we expect is one company that built an app to collect information that then passes that information to another company to be abused," is how Facebook put it in a page describing the new program.

The program comes as Facebook is dealing with massive fallout from revelations that political ad targeting firm Cambridge Analytica acquired user data from an estimated 87 million people whose profiles were scraped and improperly shared from a psychology app developer. The latest in the three-week-old scandal comes this week as Facebook CEO Mark Zuckerberg testifies before Congress.

More: Zuckerberg faces senators to explain Facebook data breaches, Russia election meddling

More: Facebook's FTC probe rocked the stock. But will anything rein in Facebook?

More: Read Facebook CEO Mark Zuckerberg's planned testimony before Congress

As encouragement for data abuse reports, Facebook is offering a minimum of $500 and potentially as much as $40,000 depending on the severity of the impact and how many people are affected. To receive the reward, at least 10,000 Facebook users must have been affected by the abuse.

The program is innovative. It doesn't appear as of any other social media platforms have used crowd sourcing to help them police how users data is collected and used.

Similar bounty programs that look for software bugs have long been used by companies to crowd source the search for glitches that can lead to security problems. Most major tech companies have some sort of bug bounty program that pays searchers, sometimes shelling out hundreds of thousands of dollars for especially dangerous or far-reaching bugs.

Facebook is specifically asking for examples where data that was legitimately collected from users on a platform app that the user had downloaded was then sold, stolen or transferred to another company without authorization from Facebook. Doing so is a violation of the company's platform data use agreement.

The reports have to be based on first-hand knowledge and can't be based on speculation. But it also can't be obtained illegally or without proper authorization. Only the first person who reports the information to Facebook will receive the bounty.