Connect with us

Technology

Meta Looks to Take More Action Against Data Scraping With Expansion of Its Bug Bounty Program

Published

on

Meta’s looking to expand its detection measures on potential misuse of user data by adding new rewards for data scraping elements into its Bug Bounty program.

Data scraping, which involves extracting user data from websites, has been a key element in various hacking and user data exposures, with Meta itself suffering some of its biggest PR headaches due to unapproved usage of user data insights.

As explained by Meta:

We know that automated activity designed to scrape people’s public and private data targets every website or service. We also know that it is a highly adversarial space where scrapers – be it malicious apps, websites or scripts – constantly adapt their tactics to evade detection in response to the defenses we build and improve. As part of our larger security strategy to make scraping harder and more costly for the attackers, today we are beginning to reward valid reports of scraping bugs in our platform.”

The new program will see app researchers offered rewards for alerting Meta to data scraping measures, ‘even if the data they target is public’.

Which is interesting, because right now, as it currently stands, scraping public data from websites is not technically illegal, or at the least, there is standing legal precedent for such that would allow third parties to extract public data without falling foul of the law.

LinkedIn has been in the courts for several years battling a company called hiQ, which had built a recruitment insights tool based on scraped LinkedIn profile data.

LinkedIn first sought to block hiQ’s access to its user data back in 2017, and since then, through various court cases, hiQ has been won several challenges which have allowed it to continue accessing public LinkedIn data, by arguing that this information is indeed public, and therefore freely accessible.

LinkedIn took the case to the Supreme Court, and earlier this year, it was given the opportunity to challenge the hiQ decision once again. The case is still ongoing, but it underlines the challenges in defining ownership, or user intent, in regards to publicly accessible data.

For its part, Meta has made user data less and less accessible over time, and even more so in the wake of the Cambridge Analytica scandal, but it is interesting that Meta notes here that even publicly accessible data scraping will be considered in its new bounty program.

“Specifically, we’re looking to find bugs that enable attackers to bypass scraping limitations to access data at greater scale than the product intended. Our goal is to quickly identify and counter scenarios that might make scraping less costly for malicious actors to execute.”

The real push here is on large-scale data scraping activity, and combating groups that seek to utilize user data for means that users have not explicitly agreed to. Because again, as with Cambridge Analytica, that can cause major PR issues for Meta, and bring more scrutiny over its practices.

Which is a good step, Meta should be doing all that it can to protect user data, and ensure that hackers are not stealing your info and selling it on the dark web. But at the same time, it will be interesting to see how Meta enforces such once it’s alerted to these programs via the Bug Bounty. 

Meta says that it will also now offer rewards for any discoveries of publicly available user data sets:

“We will reward reports of unprotected or openly public databases containing at least 100,000 unique Facebook user records with PII or sensitive data (e.g. email, phone number, physical address, religious or political affiliation). The reported dataset must be unique and not previously known or reported to Meta. We aim to learn from this effort so we can expand the scope to smaller datasets over time.”

Though in these situations, Meta will not offer direct cash rewards for researchers, instead providing donations to the charity of the discoverer’s choice.

Why? Because if Meta offered cash rewards for discoveries of large user data sets, that could also incentivize hackers to create those datasets in the first place, to then claim the money.

Meta will, however, issue monetary rewards for valid reports about scraping bugs, in line with other disclosures as part of its Bug Bounty program.

It could be a good way to help Meta protect user data, and with over 25,000 Bug Bounty reports in 2021, there’s clearly a lot of interest in taking part, which could significantly expand the company’s detection web for such misuse.

That could play a big role in stopping the next big Facebook data leak, and helping the company mend its reputation for such in the longer term.

Original Post: socialmediatoday.com

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Technology

InScribe and James Madison University Partner to Create New…

Published

on

Interactive Communities Deliver Support and Encouragement to the School’s Growing Adult Learner Population Working Towards Degree Completion and On-the-Job Advancement

(PRWeb January 11, 2022)

Read the full story at https://www.prweb.com/releases/inscribe_and_james_madison_university_partner_to_create_new_state_of_the_art_student_digital_communities/prweb18425733.htm

Original Article: prweb.com

Continue Reading

Technology

TikTok Is Working on a New, Opt-In Function to Show You Who Viewed Your Profile

Published

on

I’m not entirely sure what value this might bring, but TikTok is reportedly working on bringing back the option to see who viewed your profile in the app over the preceding 30 days, which would provide more transparency over user interest.

As you can see in these screenshots, uncovered by app researcher Kev Adriano (and shared by Matt Navarra), TikTok looks to be testing an opt-in functionality that would enable you to see who’s checking out your TikTok profile, while users would also be able to see when you’ve checked out their profile as well when this feature is switched on.

Which TikTok used to have, as a means to increase connections in the app.

As you can see here, TikTok used to provide a listing of people who’d checked out your profile, with a view to helping you find others to follow who may have similar, shared interests. TikTok removed the functionality early last year, amid various investigations into its data sharing processes, and with several high-profile cases of TikTok stalkers causing real-world problems for platform stars, it made sense that it might not want to share this information anymore, as it likely only increases anxiety for those who may have concerns.

But I guess, if stalkers wanted to check out your profile they wouldn’t turn the feature on, so maybe, by making it opt-in, that reduces that element? Maybe.

I don’t know, I don’t see a heap of value here, and while I can understand, when an app is starting out, how this sort of awareness might help to increase network connections, I’m not sure that it serves any real value for TikTok, other than providing insight into who’s poking around, and likely increasing concerns about certain people who keep coming back to check out your profile again and again.

Maybe there’s a value for aspiring influencers, in reaching out to potential collaborators who’ve checked out their stuff, or maybe it works for hook-ups, if that’s what you want to use TikTok for, which is why the opt-in element is important.

But much like the same feature on LinkedIn, mostly, it seems pretty useless. I mean, it’s somewhat interesting to know that somebody from a company that you’d like to work for checked out your profile, but if they did, and they didn’t feel compelled to get in touch, who really cares?

There is a limited value proposition here, in that getting in touch with those who did check out your profile could result in a business relationship, similar to the above note on potential collaborators on TikTok. But I’d be interested to see the actual percentage of successful contacts made is as a result of these insights.

I can’t imagine it’s very high – but maybe, if you give users the choice, and they explicitly opt-in, there is some value there.

Seems like stalker tracking to me, and potential angst and conflict as a result.

There’s no official word from TikTok as to whether this option will ever be released at this stage.

Source: socialmediatoday.com

Continue Reading

Technology

How to Expand Your Reach With Newsletter Advertising

Published

on

As marketers search for creative ways to reach new leads, newsletter advertising is becoming a staple in the industry. With effective targeting and high engagement rates, this up-and-coming medium is an effective choice for advertisers of all sizes and budgets.

While newsletter advertising has gained popularity among growing startups like AppSumo, it’s also a go-to for top brands like Lyft and Warby Parker. However, despite its high performance and adoption by leading marketers, its potential is largely untapped.

Because of the lack of education surrounding newsletter advertising, many marketers neglect email in favor of more mainstream, competitive platforms. However, with the right approach, investing in email advertising can help you reach more qualified audiences and get ahead of competitors.

What is newsletter advertising?

Newsletter advertising is the process of placing sponsored content in email newsletters to get in front of subscribers. Unlike other forms of digital marketing, newsletter ads are delivered straight to their audience’s inboxes. Because of this, they’ll often reach readers more directly, bypassing any ad blocking measures.

The Paved platform offers two main types of newsletter advertisements: sponsorships and programmatic ads.

Sponsorships

Newsletter sponsorships are coordinated via a partnership between the publisher and the advertiser. Because each sponsorship campaign is organized individually, they can be custom designed for the newsletter partner. Some publishers will even help tweak the sponsorship design and copy to fit their publication’s style and appeal to readers.

​Sponsored email in The Report newsletter from March 2021

Programmatic ads

Just like sponsorships, programmatic email ads are placed within the body of newsletters to directly reach engaged audiences. However, they’re more similar to social media ads due to their automation, scalability and precise targeting. Whereas sponsorships are coordinated on an individual basis, programmatic ads allow advertisers to run placements across multiple newsletters with a single campaign.

Programmatic ad for Hired in the eWebDesign newsletter

Why newsletter advertising beats other marketing channels

Not only is newsletter advertising a fresh and creative way to reach new audiences, but it also has its share of practical benefits. The advantages of newsletter advertising make it a worthwhile investment for brands in both the short and long-term.

Reach new audiences

The first step in converting new customers is figuring out where to find potential leads. Unfortunately, the rise of VPNs and privacy companies have made it increasingly difficult to connect with audiences online.

According to data by Hootsuite, roughly 42.7% of internet users use an ad blocker. With newsletter advertising, that’s not a problem. By delivering your message in the body of a trusted newsletter, you can market to audiences who can’t be reached through social media or display ads.

Leverage heightened engagement

One of the most valuable aspects of newsletters is their level of reader engagement. It’s not easy to convince someone to give you their email. Therefore, opting in to receive a newsletter is a much stronger signal of interest than liking a page or following an account.

Because newsletter readers are more engaged, email marketing tends to outperform other channels in ROI. Litmus’ 2020 State of Email report calculated an average return of $36 for every $1 spent on email marketing.

Access built-in targeting

Email newsletter lists are often inherently targeted due to their niche content. On the Paved platform, many publishers run interest-focused newsletters based on topics like programming or yoga. Incidentally, this creates a neatly packaged audience that advertisers can leverage for their campaigns.

Programmatic ads allow you to target your audiences even more precisely. On the Paved Ad Network, you can define your target audience, budget and frequency cap. From there, you’ll be able to automatically display your ad in front of individual readers across several newsletters based on their demographic profile.

Join a marketplace to launch your newsletter advertising strategy

Joining a marketplace is the quickest and easiest way to start advertising in newsletters. Instead of reaching out to publishers individually, you’ll be able to request, design and schedule multiple sponsorships in one place.

On the Paved marketplace, you can browse hundreds of newsletters to find the right partner for your brand. Once you’ve booked a campaign, you can exchange messages, send payment and automatically track results through the platform.

Sign up with Paved for free today to unlock all the tools you need to streamline your newsletter advertising campaigns.

Original Post: socialmediatoday.com

Continue Reading

Trending

Chimed.com