Based on the fact that the ISPs lobbied to be able to sell browsing history... I don't think any government agency truly enforces consumer privacy protection.
Not that FTC will hurt them more given their past penalties but...
IMO, the penalty should be xx% of their revenue. Customer data is sacred; unless you can secure it, don't ask for it.
The breach occurred on Dec 14th 2014 and it wasn't disclosed until 2016 during the acquisition by Verizon.
Taken from the sec's site:
" Instead, the company’s SEC filings stated that it faced only the risk of, and negative effects that might flow from, data breaches. In addition, the SEC’s order found that Yahoo did not share information regarding the breach with its auditors or outside counsel in order to assess the company’s disclosure obligations in its public filings. . Finally, the SEC’s order finds that Yahoo failed to maintain disclosure controls and procedures designed to ensure that reports from Yahoo’s information security team concerning cyber breaches, or the risk of such breaches, were properly and timely assessed for potential disclosure."
A better title would be “SEC Penalizes Yahoo for Failure to disclose Massive security breach”
Then failure to disclose is the object
“SEC Penalizes Yahoo $35M for Non-Disclosure of Massive Cyber Theft” would be better.
UPDATE: Seems like it's Altaba that's paying the fine.
Wow we must have a sophisticated, moral civilisation here.
Compared to, say, Zuckerberg or Equifax's public raking over the coals.
Sorry to be pedantic but it'd be 'her job', in this case - Marissa Mayer was CEO at the time.
She testified and took a lot of the blame, whereas the fine happened under Tim Armstrong. I figured I'd go with the latter since that's when the fine came down, but I think both deserve credit (good or bad).
> A CEO ... . Like it or not, their job is to protect the company, not the users.
It wouldn't sound as correct if the subject was a specific person. In that case the gender-specific pronoun would be better.
> Marissa Mayer, as CEO ... . Like it or not, her job is to protect the company, not the users.
Even so, use of 'their' in the latter example would still be acceptable, if a little odd, because it's referring more to the role than the person (I think).
 for what it's worth, I think you're overwhelming underestimating the percentage of people who think more gender-inclusive language is a useful thing.
That said, I didn't suggest the option because I was trying to make that point, I suggested it because the parent was dealing with a situation (unsure of gender of the CEO) where use of the singular they is really effective.
but in any case, yahoo is already effectively dead, so this is pretty meaningless imho
“While those factors may caution the public, many wonder if anyone reads what is often viewed as nothing but legalize”.
I assume they mean “legalese”.