- Notices pertaining to the proposed agreement do not provide reasonable notice that they release claims stemming from unauthorized data access in 2012. They explain that the settlement relates to data breaches that occurred in 2013, 2014 and 2015-2016 only.
- The proposed agreement improperly releases those 2012 claims.
- The notice does not give an accurate size of the settlement. For instance, it explains that Yahoo might commit $35 million to attorney fees in a payment that's separate from the settlement fund.
- Related to the last point, the settlement allows for "unreasonably high" attorney fees that could result in the Defendants receiving some monies back.
- The agreement does not adequately reveal the scope of "non-monetary relief," which may or may not include budget increases and the hiring of additional IT personnel to secure Yahoo's systems.
- The notice's supplemental findings disclose a misleading estimate of the size of the settlement class.
Yahoo’s history of nondisclosure and lack of transparency related to the data breaches are egregious. Unfortunately, the settlement agreement, proposed notice, motion for preliminary approval, and public and sealed supplemental filings continue this pattern of lack of transparency.As a result, Yahoo and the Plaintiffs of the class action lawsuit will need to devise, agree to and submit a new proposal that's "fundamentally fair, accurate, and reasonable."