Google today announced the launch of Developer Data Protection Reward Program. It is a bounty program that will help Google to identify and mitigate data abuse issues in Android apps, OAuth projects, and Chrome extensions. You can get rewarded if you provide an evidence of data abuse. You can get reward up to $50,000.
Through this program, Google is trying to avoid the cases where user data is being used or sold unexpectedly, or used in an illegitimate way without user consent.
Examples of violations include:
- An app providing travel services, using or transferring user data unrelated to travel.
- An app transferring user data to affiliates to help develop new products.
- An app using or sharing user data for the purpose of targeting that user with advertisements.
- An app developer allowing employees to read user data without the user’s permission .
- An extension that has no interactive UI elements exposed to the user, but collects web browsing activity in the background for another purpose, including providing rewards to the user
- Any extension that publicly discloses authentication, payment, or financial information (for example, sending this data over HTTP)
- An extension whose sole marketed purpose is to add themes to popular social media sites, but also anonymously scrapes the number of friends a user has, for sale or research purposes, and does not have a prominent disclosure to its users
- Using contact data without user permission for another service unrelated to the original app (e.g. requesting contact information, then reusing it for a separate business or application unrelated to the original app).
Learn more about this program here.