The document discusses responsible disclosure of security vulnerabilities found by researchers. It provides statistics on known data breaches versus prevented breaches in 2014 and 2015. It notes that responsible disclosure success rates have been higher but the number of records affected is much lower. The document recommends best practices for security researchers conducting responsible disclosure, including finding the appropriate contact, being clear on goals, making a good impression, carefully qualifying issues, avoiding demands or threats, and using clear writing.