The NDA demand with a same-day deadline is such a classic move. It makes it clear they were more worried about reputation than fixing anything.

Reply: "sorry, before reaching out to you I already notified a major media organization with a 90 day release notice"

In case someone takes this as actual advice, I think this comment is best accompanied with a warning that this gets them to call a lawyer for sure ^^'

(OP mentions a lawyer in the title, but the post only speaks of a data protection officer, which is a very different role and doesn't even represent the organization's interests but, instead, the users', at least under GDPR where I'm from)

Typical shakedown tactic. I used to have a boss who would issue these ridiculous emails with lines like "you agree to respond within 24 hours else you forfeit (blah blah blah)"