Facebook has revealed just 53 Australians and 10 New Zealanders used the quiz app at the centre of the Cambridge Analytica data harvesting scandal.
The social media giant has previously said, however, that 311,127 people in Australia and 63,714 people in New Zealand had their information "improperly shared" with Cambridge Analytica. In total, 87 million users worldwide were affected.
That would mean that most users impacted were friends or friends of friends of a small number of people that actually took a quiz and consented to share data.
Facebook overnight released a new tool that advises users on the spot whether their data was scooped up by Cambridge Analytica.
The company also outlined a range of steps it said would make it harder for apps to scoop up large amounts of user data.
“We're changing the way login works to reduce the data that an app can request without app review,” Facebook said.
“Apps can only request name, profile photo and email address. Requesting any other data will require our approval.”
The company said it had created a new tool at the top of the news feed to make it easier for users to manage apps.
Facebook also said that, “moving forward, if we remove an app for misusing data, we'll tell everyone who used that app.”
In addition, apps that remain unused for more than three months will now lose access to the user’s information.
Data abuse bounties start at $500
Facebook also released details of a data abuse bounty program.
“This program will reward people with first-hand knowledge and proof of cases where a Facebook platform app collects and transfers people’s data to another party to be sold, stolen or used for scams or political influence,” the company said in a blog post.
“Just like the bug bounty program, we will reward based on the impact of each report.
“While there is no maximum, high impact bug reports have garnered as much as US$40,000 for people who bring them to our attention.”
The rewards start at $500 and the company said that “10,000 or more Facebook users affected is our initial minimum for rewarding issues.”
“We determine bounty amounts based on a variety of factors, including (but not limited to) impact, data exposure, number of affected users and other factors,” it said in a program FAQ.
“The higher the impact and/or number of affected users, the higher the bounty.”