
A classic case of blackmail – I know you have committed a crime. I threaten to report your crime to the police unless you pay me.

The act being threatened – reporting your crime to the police – is totally legal, even socially encouraged. It is only the demanding of money (or other benefits) not to do it part which is the crime of blackmail.

If I just went ahead and reported your crime to the police – no crime of blackmail.

If I just didn't – no blackmail (but could be some other crime, such as misprision).

It's only when I tell you that whether I'm going to do it depends on whether you do something for me that blackmail has been committed.



Yes, and that shouldn't be a crime.

Now a more relevant example:

I discovered a security vulnerability in FB.

1. Publish the vulnerability publicly (legal)

2. Sell the vulnerability to exploiters (illegal)

3. Accept FB's bug bounty reward (legal)

4. Attempt to negotiate a different amount with FB, falling back to #1 (illegal, blackmail)

5. Attempt to negotiate a different amount with FB, falling back to #2 (illegal, extortion)

6. Attempt to negotiate a different amount with FB, falling back to #3 (legal)

I assert that treating #4 as a crime is to use the police powers of the state to protect FB's wallet.


Negotiating is above-board in its own right, which means you've got the right to say, "No, that price is too low," and walk away from the exchange. But, in a broad sense, I'd argue it becomes an issue when you say, "If you don't pay me, I'm going to facilitate crime with this data (or at least make it easy for others to do so)!" Because it's contemptuous of the law—not to mention it's a power dynamic that can really jeopardize a person's agency and certainly leads us to a more corrupt society if it's not acknowledged formally for being untoward.

But I also think a lot of these companies are happy to frame negotiations as extortionate if someone has the audacity to counter their offer, and that's bullshit. But it would also be bullshit to try to drive up the price on a real bounty after the fact by threatening to let the bountied person run free with a map to your house, so it's complicated and I can see the precedent in thought there.


Publicly releasing a vulnerability is not a crime, even if FB would prefer I didn't.


Threatening it as a consequence of non-payment is, though. The nature of blackmail is weird, it gets written about a lot.


The facilitation the gp was referring to was what would be done with the vulnerability after it was publicly released.



