Facebook Joins the Multi-Billion-Dollar Penalty Club

July 25th, 2019 by Phil Mattera

It is a sign of how jaded we have become to corporate misconduct that the $5 billion fine imposed on Facebook by the Federal Trade Commission for privacy violations is being shrugged off by the company, by the market and by the public. Many are describing it as a slap on the wrist.

It’s true that a ten-figure penalty is no longer such a rarity. According to Violation Tracker, 35 parent companies have had to pay that amount in at least one case in the United States. Eleven corporations have been hit with billion-dollar-plus penalties more than once. Of these, nine are big banks: Bank of America, Citigroup, Credit Suisse, Deutsche Bank, Goldman Sachs, JPMorgan Chase, Morgan Stanley, Royal Bank of Scotland and Wells Fargo. The other two are BP and Volkswagen.

Bank of America, whose penalty total is far greater than that of any other corporation, has racked up seven ten-figure cases, including three in excess of $10 billion.

BofA’s rap sheet is perhaps the most persuasive evidence that escalating penalties are not having the desired effect of deterring corporate wrongdoing. Even at the higher levels, the fines are seen by large companies as a tolerable cost to pay for continuing to do business more or less as before.

The Justice Department and the regulatory agencies seem to be aware of this and are at least making noises about taking other steps to deter and punish miscreants.

In the case of Facebook that includes provisions in the FTC settlement that will put more responsibility on the company’s board to make sure that privacy protections are enforced. It also enhances external oversight by an independent third-party monitor.

All of this might be more impressive if Facebook had not already signed a previous settlement with the FTC in 2012 that was supposed to establish strong privacy protections—provisions that the company has clearly evaded.

Also contained in the Facebook settlement is a provision that will require Facebook CEO Mark Zuckerberg to personally certify that the company is adhering to privacy protections. This would only have an impact if it is rigorously enforced, with non-compliance putting him behind bars rather than just triggering another big payout.

There is also renewed discussion of stepped up antitrust enforcement, especially against the big tech companies. This would be more effective if federal authorities were willing to try breaking up the likes of Facebook, Alphabet/Google and Amazon rather than seeking limited restrictions on their market power. That approach has largely been shunned for the past two decades, ever since the effort to split up Microsoft collapsed and the DOJ had to settle for more modest remedies.

Prosecutors and policymakers continue to struggle with the issue of how to deal with large companies. Often it seems they are mainly concerned with little more than giving the appearance of getting tough. Only when faced with sustained public pressure will they come up with effective ways to rein in rogue corporations.

Comments are closed.