The Big and the Bad

Proposed new guidelines on merger enforcement just released by the Federal Trade Commission and the Justice Department are a welcome development. In many industries, takeovers have put U.S. consumers at the mercy of a small number of mega-corporations all too willing to use their market power aggressively.

DOJ and FTC have put forth 13 guidelines under which the agencies could block mergers that eliminate substantial competition, increase concentration, entrench or extend a dominant position and so forth. Mergers that substantially lessen competition for workers could also be targeted.

Along with the market benefits that would come from slowing consolidation (reduction in the number of firms in an industry) and concentration (increase in the share of business activity controlled by a small number of large firms), this new aggressive posture could also help to restrain the growth of corporate misconduct.

The reason is that as corporations grow larger and more dominant they seem to become more inclined to break the rules—not only the rules against price-fixing but also those concerning labor standards, environmental protection, transportation safety and much more. Evidence for this can be found in the data collected in Violation Tracker.

A prime example is the financial services sector. The country’s four largest banks—JPMorgan Chase, Bank of America, Citigroup and Wells Fargo—account for $180 billion in cumulative penalties since 2000. This is nearly half of the penalties paid by all of the 330 parent companies in this sector covered by Violation Tracker.

Penalty concentration is even greater in the petroleum industry, where the top five oil companies—Exxon Mobil, Shell, Chevron, BP and ConocoPhillips—are responsible for cumulative penalties of $42 billion. That is three-quarters of the $55 billion paid by all the companies in the sector.

Big Tech giants Meta Platforms, Alphabet and Microsoft have cumulative penalties of $9 billion, which is 60 percent of the total paid by entire the information technology sector. (This excludes Amazon.com, which is categorized in Violation Tracker as a retailer, and Apple Inc., which is put in the electronics category.)

Tyson Foods, JBS (the Brazilian parent of Swift and Pilgrim’s Pride), and WH Group (the Chinese parent of Smithfield Foods), which dominate meat and poultry processing, account for $1 billion in penalties, while leading packaged food companies PepsiCo, Mondelez International, Kraft Heinz and ConAgra account for another $435 million. Together they are responsible for about 40 percent of the $3.7 billion in penalties paid by the food products sector overall.

In other industries such as motor vehicles and airlines there are few significant companies, so penalties are also highly concentrated among them.

This is not to say that mega-corporations have a monopoly on misconduct. Many of the more than 500,000 cases documented in Violation Tracker involve small firms.

Yet their misdeeds usually have a limited impact, whereas the transgressions of the godzillas of the business world cause the most harm to workers, consumers and communities. Preventing large companies from becoming even larger and more dominant will help limit these harms.

More Compliance Officers, Less Compliance

It appears these are boom times for corporate compliance officers. According to an article in Law360, a recent survey by the recruiting firm BarkerGilmore found that that “the demand for compliance talent is higher than ever because of an evolving list of new requirements like environmental, social and governance programs; enterprise risk management and new work culture brought on by post-pandemic norms.” Pay is also rising rapidly for these officers.

This is all good news for those who want to make a career of helping corporations deal with government regulations, but what does it mean for compliance itself? Does the inclination of big business to spend more on this function indicate that corporate behavior is improving?

Based on the data collected in Violation Tracker, that does not seem to be the case. Fines and settlements in the U.S. in 2022 climbed to over $69 billion, the highest annual total in seven years. Over the entire span of time covered by the database, which extends back to 2000, the only higher totals occurred in the mid-2010s, when the annual tallies reached as high as $77 billion due to giant settlements by the likes of BP in connection with the Deepwater Horizon disaster and by the major banks in connection with the mortgage and toxic securities crises.

Last year also saw a jump in the average penalty paid per case. That figure was $2.5 million, up from $2 million the year before. Aside from the $2.9 million average in 2020, last year’s amount was the highest since 2015.

Another indicator that 2022 was a banner year for penalties can be seen in the number of individual parent companies which paid a massive amount–$100 million or more–in fines and settlements. Sixty-three parents gained that dubious distinction, the highest number since 2015.

Included in that group were eleven companies with penalties of $1 billion or more: Allianz, Walgreens Boots Alliance, CVS Health, Teva Pharmaceutical Industries, Wells Fargo, Walmart, AbbVie, Danske Bank, Navient, Bayer and Glencore.

What does it say that penalties are accelerating at the same time that corporations are purportedly putting more resources into compliance? One possibility is that the increasing use of compliance officers is merely window dressing, a gesture meant to satisfy investors concerned about social responsibility. These officers may have little power and influence. They can warn managers about regulatory risks but may have little ability to change behavior that is illicit but profitable.

A more charitable interpretation would be that compliance officers are bringing more violations to light by encouraging companies to self-report infractions. This, in turn, could contribute to increases in overall penalty levels.

This would be a hopeful sign if it meant that companies were at the same time cleaning up their behavior. The problem is that recidivism shows no signs of receding. Year after year, most large companies go on breaking the rules and treating penalties as an affordable cost of doing business as usual.

If compliance officers could do something about that, they would truly be earning their rising pay.

Wells Fargo Pays More for Its Sins

When the Consumer Financial Protection Bureau announced in 2016 that it was fining Wells Fargo $100 million for creating fee-generating customer accounts without permission, bank executives may have thought they could simply pay the penalty and move on.

Instead, Wells has had to contend with a series of regulatory and legal consequences. The latest is a $1 billion settlement the bank has just agreed to pay to resolve a class action lawsuit brought by shareholders accusing it of misrepresenting the progress it had made in improving its internal controls and compliance practices. The deal ranks among the largest securities settlements of all time.

In between the initial CFPB action and the new lawsuit resolution, Wells confronted the following:

  • In 2018 the Federal Reserve forced out several board members and took the unusual step of barring Wells from growing in size until it improved its compliance. It is telling that the asset cap is still in place.
  • That same year, Wells paid $575 million to settle litigation over the bogus accounts brought by state attorneys general.
  • In 2020 the U.S. Justice Department announced that Wells would pay $3 billion to resolve potential criminal and civil liability, but the bank was allowed to enter into a deferred prosecution agreement rather than having to plead guilty. The Trump DOJ also declined to bring charges against any individual executives.

While the monetary penalties paid by Wells are not trivial, they are far from punishing for an institution with nearly $2 trillion in assets and $13 billion in annual profits. They also do not seem to have had much of a deterrent effect.

In 2022 the CFPB took new action against the bank, compelling it to pay a $1.7 billion penalty and provide $2 billion in redress to customers to resolve allegations that it engaged in a variety of new misconduct. Wells was found to have repeatedly misapplied loan payments, wrongfully foreclosed on homes, improperly repossessed vehicles, and incorrectly assessed interest and fees, including surprise overdraft charges. Some 16 million customer accounts were said to have been cheated one way or another.

That 2020 deferred prosecution agreement means that Wells has in effect been on probation. Why, in light of the CFPB case, has the bank not been found to be in violation of that agreement? Is it simply because Wells is now focusing its alleged misconduct on real accounts rather than the fake ones it had been creating? That would be like letting a mugger off the hook for using a knife rather than gun.

Not only should Wells have its probation revoked, but it should undergo something analogous to what the FDIC does when a bank is in financial disarray. Federal regulators should find Wells to be in ethical disarray and take it over while fundamental changes are made to bring it back to some semblance of compliance.

The alternative is letting a rogue institution continue to prey on its customers in any way it can.

A Marriage of Two Tainted Banks

The acquisition of struggling Credit Suisse by its rival UBS may calm the international banking waters, but it will do nothing to improve the compliance profile of the Swiss financial services sector. That’s because both Credit Suisse and UBS have seriously tainted records. Combining them will simply put all those problems under one roof.

Let’s start with Credit Suisse. Its problems extend back at least to the late 1980s, when it was named as one of the banks that allegedly laundered money for a Turkish-Lebanese drug ring. Credit Suisse also played a role in the Reagan Administration’s Iran/Contra scandal.

In the 1990s Credit Suisse was one of the Swiss banks sued in the United States by relatives of Holocaust victims who had been unable to access assets held by the banks for decades. There were also charges that the banks profited by receiving deposits of funds that had been looted by the Nazis. In 1998 the banks agreed to pay a total of $1.25 billion in restitution. The judge in the case later accused the banks of stonewalling in paying out the settlement.

After it acquired a controlling interest in First Boston in the late 1980s and formed CS First Boston, Credit Suisse ended up with more U.S. legal entanglements. CSFB was a target of U.S. divestment activists in the early 1990s because of Credit Suisse’s operations in apartheid-era South Africa. Later that decade, it was one of the investment banks sued for their role in the 1994 bankruptcy of California’s Orange County. In 1998 CSFB agreed to pay $870,000 to settle SEC charges of having misled investors in Orange County bonds and then settled a suit brought against it by the county for $52.5 million.

In 2003, CSFB was one of ten major investment firms that agreed to pay a total of $1.4 billion to settle federal and state charges involving conflicts of interest between their research and investment banking activities. CSFB’s share was $200 million.

In 2009 Credit Suisse agreed to forfeit $268 million to the United States and $268 million to the New York County District Attorney’s Office to resolve criminal charges that it violated economic sanctions in its dealings with customers from countries such as Iran and Sudan.

In 2014 the U.S. Justice Department fined Credit Suisse $1.1 billion and ordered it to pay $666 million in restitution to the IRS after the bank pleaded guilty to charges of conspiring to help U.S. customers evade taxes through the use of offshore accounts.

In 2017 the Justice Department announced a $5.3 billion settlement with Credit Suisse concerning its marketing of toxic mortgage-backed securities a decade earlier. The settlement included a $2.5 billion civil penalty and $2.8 billion in relief to distressed homeowners and affected communities.

Credit Suisse has paid hundreds of millions more in penalties in other cases involving foreign bribery, foreign exchange market manipulation, defrauding investors and much more. Its penalty total in Violation Tracker is more than $11 billion.

And the scandals continue. For example, Credit Suisse is currently embroiled in a corruption case involving the tuna fishing industry in Mozambique.

UBS has a record that is no better. Union Bank of Switzerland and Swiss Bank Corporation, which merged in 1998 to form UBS, were both involved in that same money laundering scandal with Credit Suisse. They were both also embroiled in controversies over investments in South Africa and their polices regarding the accounts of Holocaust victims.

UBS also entered the U.S. market (through the purchase of PaineWebber) and was implicated in the conflict-of-interest scandals. It, too, was prosecuted by the Justice Department for conspiring to aid tax evasion, paying $780 million in penalties.

In 2008 UBS agreed to buy back $11 billion in securities and pay $150 million in penalties as part of the resolution of multi-state litigation alleging it misled customers in the marketing and sale of auction rate securities.

It has paid hundreds of millions more in fines and settlements in cases dealing with financial market manipulation and other offenses. Including that $11 billion securities buyback, its Violation Tracker penalty total is over $17 billion.

In short, the marriage of UBS and Credit Suisse will bring together two banks with highly problematic records. The combined company should work not only to help stabilize financial markets but also to address its legacy of misconduct.

Woke Capitalism or Sleepy Oversight?

Some of the same people who are trying to convince us that January 6 was a peaceful sightseeing outing and that the situation in Ukraine is a minor territorial dispute have come up with a remarkable explanation for the collapse of Silicon Valley Bank. They claim it is the result of what they call “woke capitalism.”

Politicians such as Florida Gov. Ron DeSantis and House Oversight Chair James Comer are echoing claims by propagandist Tucker Carlson that SVB’s collapse was the result of its involvement with ESG—environmental, social and governance policies meant to promote objectives such as sustainability and diversity.

There are two problems with this claim. The first is that SVB was hardly a leader in the ESG world. The bank’s preoccupation was apparently to ingratiate itself with venture capitalists, private equity investors and start-up entrepreneurs, whether or not they were pursuing social goals. It was also chummy with California wineries. SVB wanted to be a power in Silicon Valley, not a crusader. Like most banks, it made some ESG-type investments, but they were a small part of its portfolio.

The other problem is that there is no connection between ESG practices and the forces that led to SVB’s demise. Based on what has come to light so far, it appears what happened at the bank was largely a result of poor risk management. SVB failed to pay adequate attention to the consequences of having loaded up on long-term government debt securities that were rapidly losing value at a time of escalating interest rates.

Along with that poor internal risk management, there was apparently a failure of regulatory oversight. To some extent, this was the fault of the Trump Administration and Congress, which in 2018 watered down the Dodd-Frank Act and exempted banks of SVB’s size from intensive scrutiny.

As pointed out by the New York Times, Moody’s was more alert to the perils at SVB than the regulators or the bank’s own executives. Last week the credit rating agency contacted the bank’s CEO Greg Becker to warn him that SVB’s bonds were in danger of being downgraded to junk status.

This set off a scramble by SVB to raise more capital. Once depositors got wind of this, they began emptying their accounts, many of which had balances above the $250,000 limit normally insured by the FDIC. Soon there was a full-blown run on the bank, prompting regulators to take over SVB and shut it down. The Biden Administration then bailed out the depositors in whole, using assessments from other banks. ESG has nothing to do with any of this.

As this is being written, the business news is focusing on problems at Credit Suisse. It will be interesting to see if the U.S. Right tries to apply the woke label to that situation as well. Although it gives lip service to ESG, Credit Suisse has a track record of less than enlightened practices. Two decades ago, it was being sued over its investments in apartheid-era South Africa. It has a history of lending to oil and gas projects and has been slow to respond to demands to reduce that exposure.

As shown in Violation Tracker, Credit Suisse’s record in the U.S. includes numerous cases in which it paid penalties to resolve allegations relating to the facilitation of tax evasion, foreign bribery and other misconduct. Its U.S. penalty total is over $11 billion.

Come to think of it, the Right will probably decide that a bank with a history of making money from racism, fossil fuels, tax evasion and bribery is worthy of support.

The woke capitalism critique cannot be taken seriously as an explanation of what happened at SVB. Yet there is the danger that it will serve to divert attention for some away from the real problems: reckless bank management and sleepy financial regulation.

Ending the Under-Regulation of the Railroads

When an apparent contract impasse between rail unions and management threatened to bring about a national shutdown late last year, the Biden Administration was quick to act. Unfortunately, the action it took was to ban the walkout without requiring any concessions from the giant rail corporations.

Two months later, a freight train operated by one of those corporations, Norfolk Southern, derailed in East Palestine, Ohio. Many of the 150 railcars—which included tankers filled with hazardous materials such as vinyl chloride—caught fire and burned for days. During this time, the Biden Administration was widely criticized for failing to act promptly.

After a couple of weeks, the administration did catch up, especially once the Environmental Protection Agency got more directly involved. Now the EPA is in charge of the response and is finally requiring Norfolk Southern to remediate the area under plan approved by the agency rather than doing the voluntary cleanup the company had previously promised.

Like many accidents before it, the East Palestine derailment has brought to light some disturbing truths about the way in which the federal government regulates—or fails to regulate—the railroad industry. It is in the wake of these incidents that all the claims by rightwing legislators and corporate executives about heavy-handed oversight of business are revealed to be baseless.

Instead, the problem with railroads is that they are under-regulated and that government officials are too chummy with the major carriers. This is especially true with regard to the Federal Railroad Administration, the unit of the Transportation Department responsible for rail safety.

The FRA’s gentle approach to regulation goes back many years. Here’s an excerpt from a 1996 article in the Los Angeles Times:

The National Transportation Safety Board on Wednesday blamed the Federal Railroad Administration, the Burlington Northern Santa Fe and the railroad industry as a whole for February’s disastrous freight train wreck in the Cajon Pass near San Bernardino…The board said the runaway train derailment apparently occurred because the FRA, the industry and the Santa Fe division of the newly formed Burlington Northern Santa Fe railroad failed to ensure that the train was equipped with a backup electronic brake system that probably could have stopped the train after its main braking system failed… “The problem is that we asked the FRA to do something immediately, and they didn’t do it,” Robert Lauby, chief of the NTSB’s railroad division, told the board.

A 2004 article in the New York Times documented close personal ties between FRA officials and industry executives and lobbyists, adding: “Critics of the agency say that it has, over the years, bred an attitude of tolerance toward safety problems, and that fines are too rare, too small and too slowly collected.” A 2005 audit of the FRA by the Transportation Department’s inspector general expressed concern about the agency’s failure to adequately address systemic safety problems in the industry.

In 2015, following a series of derailments and spills of trains carrying crude oil, the FRA proposed new regulations that were widely criticized as inadequate by members of Congress, state and local officials, and safety advocates.

The Obama Administration did, however, try to implement new rules requiring trains carrying “high hazardous materials” to install electronic braking systems to stop trains more quickly than conventional air brakes. The rule was finalized in 2015, only to be repealed as part of the Trump Administration’s crusade to eliminate regulations.

Reporting published since the East Palestine disaster depicts Norfolk Southern as having taken full advantage of the FRA’s lax oversight and as one of the most aggressive opponents of a proposed regulation that would bar railroads from operating trains with only a single crewmember.

In recent years the company has boosted profits while its accident rates have grown, leading to charges that it is cutting corners on safety to fatten the bottom line. A USA Today analysis found that Norfolk Southern has had the second-highest rate among the major railroads each year since 2019.

The exact cause of the East Palestine derailment is not yet known. If the National Transportation Safety Board finds it was something preventable, that will put heat on both the company and the FRA. The company will face calls to invest more to upgrade its equipment, even at the cost of profits. And the agency will feel new pressure to end its cozy relationship with the industry and show that it is serious about protecting the public.

Biden’s Catalogue of Corporate Abuses

There was not much soaring oratory in President Biden’s State of the Union address, but the speech was an unapologetic call for a full set of progressive policy initiatives. It was also a bold critique of big business practices affecting workers, consumers and communities. Biden offered what amounted to a catalogue of corporate misconduct.

Although Biden implicitly praised the private sector for strong job creation during the past few years and explicitly hailed companies planning to make big investments in U.S. semiconductor production (with generous federal subsidies), he also spoke of the prior decades during which corporations moved large numbers of well-paid manufacturing jobs overseas and devastated many communities.

Biden chastised Big Pharma for charging exorbitant prices and generating high profits, warning that he would veto any attempts by Congress to repeal new legislation that will require the industry to negotiate Medicare drug prices for the first time.  

Calling the tax system unfair, Biden lambasted large companies that have managed to avoid paying anything to the federal government and praised the adoption of a 15 percent minimum. Addressing those corporations, he stated: “just pay your fair share.”

Citing Big Oil’s record profits over the past year, Biden criticized the industry for not investing more in domestic production and instead using the windfall for stock buybacks that boost share prices. He called for quadrupling the tax on those transactions.

Biden went after insurance companies for surprise medical bills and called out nursing homes “that commit fraud, endanger patient safety, or prescribe drugs they don’t need.” He took credit for cracking down on shipping companies that charged excessive rates during the supply-chain crunch.

Touting a bill called the Junk Fee Prevention Act, Biden lashed out at hidden surcharges and fees imposed by hotels, airlines, banks, credit card companies, cable TV and cellphone providers, ticket services, and other sectors. “Americans are tired of being played for suckers,” he declared.

Biden took aim at large employers that require workers, even in low-skilled positions, to sign non-competition agreements, blocking them from taking a job with a competing company. Saying he is “sick and tired of companies breaking the law by preventing workers from organizing” unions, he called for passage of the PRO Act.

Speaking of the efforts to keep small business afloat during the pandemic, he vowed to double-down on efforts to prosecute corruption in those programs.

Biden also joined the chorus of voices denouncing the tech giants, stating “we must finally hold social media companies accountable for the experiment they are running on our children for profit.” He called for legislation to “stop Big Tech from collecting personal data on kids and teenagers online, ban targeted advertising to children, and impose stricter limits on the personal data these companies collect on all of us.”

There was a lot more to the speech, but this was a remarkable recitation of the sins of unbridled big business. It is significant that Biden delivered this critique without ever using the word “regulation,” which the Right has endlessly demonized. Yet he spoke repeatedly of both administrative and legislative initiatives to address the abuses.

The latter category is dead in the water in the new divided Congress. It will be up to the Biden Administration to show what it can do through executive action to turn his critique into significant change.

The 2022 Corporate Rap Sheet

The prognosis for the U.S. economy remains uncertain, but it is clear that 2022 has been a bumper year for corporate penalties. Including an update that will be posted soon, Violation Tracker will end up documenting more than $56 billion in fines and settlements. Among them are a dozen individual penalties in excess of $1 billion.

Many of the largest cases were brought by state attorneys general against large drug companies and pharmacy chains for their role in fueling the opiate crisis. Teva Pharmaceuticals entered into a settlement worth up to $4.25 billion to resolve allegations it deceptively marketed opioid products. Allergan paid $2.37 billion in a similar case.

Settlements were even higher in cases involving the failure of large pharmacy chains to question extraordinarily high volumes of suspicious opioid prescriptions. Walgreens paid $5.7 billion, CVS $5 billion and Walmart $3.1 billion.

The biggest Justice Department penalties were imposed on foreign companies in criminal cases. Allianz, the German insurance company and asset manager, paid $5.8 billion to resolve allegations that it misled public pension funds into investing in complex and risky financial products, causing them to suffer heavy losses. Denmark’s Danske Bank A/S paid $2 billion to settle charges that it lied to U.S. banks about its anti-money-laundering controls in order to help high-risk customers in countries such as Russia transfer assets.

Glencore, a commodity trading and mining company headquartered in Switzerland, paid $1.2 billion in a case involving international bribery. In another case brought under the Foreign Corrupt Practices Act, ABB Ltd, also based in Switzerland, paid DOJ a penalty of $315 million. It was also offered a leniency agreement called a deferred prosecution agreement, even though it was not the first time the company had been caught up in a bribery case.

In another case in which DOJ targeted a foreign company for actions abroad, the French building materials company Lafarge (part of the Holcim Group) paid $777 million to resolve allegations that it gave material support to terrorist groups such as ISIS when it made payments in exchange for permission to operate a cement plant in Syria.

Coming in just under a billion was the $900 million settlement DOJ reached with the drug company Biogen to resolve allegations that it paid illegal kickbacks to physicians to induce them to prescribe its products. This was the largest penalty among some 200 resolutions of cases brought under the False Claims Act during the year.

The biggest environmental fine of 2022 was the $299 million paid by automaker FCA US LLC (formerly the Chrysler Group and now part of Stellantis) to resolve criminal charges that it defrauded regulators and customers by making false and misleading representations about the design, calibration, and function of the emissions control systems on more than 100,000 of its vehicles. The allegations were similar to those faced by Volkswagen in its emissions cheating scandal, for which it paid around $20 billion in fines and settlements in previous years.

This year also saw an environmental settlement of $537 million paid by Monsanto (owned by Bayer) in a case involving the contamination of water supplies with polychlorinated biphenyls, or PCBs.

Privacy was the focus of numerous large cases, especially ones involving the tech giants. Google paid $391 million in a settlement with 40 state attorneys general of allegations the company misled consumers about the collection and use of their personal location data. Twitter had to pay $150 million to resolve allegations by DOJ and the Federal Trade Commission that it misrepresented how it employed users’ nonpublic contact information.

Employment-related cases tend to have lower regulatory penalty amounts, but private class action cases can result in sizeable settlements. This year saw Sterling Jewelers pay $175 million to settle a lawsuit alleging that for years it had discriminated against tens of thousands of women in its pay and promotion practices. Business services company ABM Industries agreed to pay $140 million to settle litigation alleging it failed to keep accurate records of time worked by its janitor employees, causing them to be underpaid.

There were also cases that overlapped employment issues and antitrust. Cargill, Sanderson Farms and Wayne Farms agreed to pay a total of more than $84 million to settle allegations that they violated antitrust laws by sharing poultry workers wage and benefit information, thereby depressing compensation levels.

In 2022 large corporations once again paid vast sums of money in connection with a wide range of misconduct. At the same time, they are spending more than ever to tout their supposed social responsibility credentials. The country would be a lot better off if big business focused less on ESG PR and more on compliance.

Update: After this blog was posted, several other major penalties were announced. The Consumer Financial Protection Bureau announced the largest penalty in its history against Wells Fargo, which was ordered to pay a fine of $1.7 billion and provide $2 billion in customer restitution to resolve allegations that the bank imposed illegal fees and interest charges on borrowers for automobile and home loans. The Federal Trade Commission fined software company Epic Games $520 million for violating online privacy protections for children. And a subsidiary of Honeywell was fined more than $160 million for paying bribes in Brazil.

Blowing the Whistle on Twitter

There has never been much doubt that the tech giants do not take government regulation seriously, but it is helpful to get confirmation of that from inside the corporations. This is the import of a whistleblower complaint from the former security head of Twitter that has just become public.

Peiter Zatko submitted a document to the SEC, the Justice Department and the Federal Trade Commission accusing top company executives of violating the terms of a 2011 settlement with the FTC concerning the failure to safeguard the personal information of users. The agency had alleged that “serious lapses in the company’s data security allowed hackers to obtain unauthorized administrative control of Twitter, including both access to non-public user information and tweets that consumers had designated as private, and the ability to send out phony tweets from any account.”

Zatko’s complaint, which will play into the company’s ongoing legal battle with Elon Musk over his aborted takeover bid, alleges that Twitter did not try very hard to comply with the FTC settlement and that it prioritized user growth over reducing the number of bogus accounts.

These accusations are far from surprising. In fact, three months ago Twitter agreed to pay $150 million to resolve a case brought by the FTC and the Justice Department alleging that it was in breach of the 2011 settlement for having told users it was collecting their telephone numbers and email addresses for account-security purposes while failing to disclose that it also intended to use that information to help companies send targeted advertisements to consumers.

Since Zatko was fired by Twitter in January, he is in no position to describe company behavior since the most recent settlement. It is difficult to believe that the $150 million fine will be sufficient to get Twitter to become serious about data protection.

Twitter is not the only tech company with a checkered history in this area. In 2012 Facebook and the FTC settled allegations that the company deceived consumers by telling them they could keep their information private and then repeatedly allowed it to be shared and made public. Facebook agreed to change its practices.

As with Twitter, it eventually became clear that Facebook was not completely living up to its obligations. The FTC brought a new action, and in 2019 the company had to pay a penalty of $5 billion for continuing to deceive users about their ability to control the privacy of their data. The settlement also put more responsibility on the company’s board to make sure that privacy protections are enforced, and it enhanced external oversight by an independent third-party monitor.

Zatko’s allegations may prompt the FTC to seek new penalties against Twitter that go beyond the relatively mild sanctions in the settlement from earlier this year.

The bigger question is whether regulators and lawmakers are willing to find new ways to rein in a group of mega-corporations. The effort in Congress to enact new tech industry antitrust measures seems to have fizzled out for now. Such initiatives need to be revived. We cannot let an industry that plays such a substantial role in modern life think it is above the law.

Parent Company Makeovers?

The addition of historical parent data to Violation Tracker, including a list of the most penalized corporations based on that data, may have led some p.r. executives to hope that their employer would look better on the new tally. Many of them will end up disappointed.

In last week’s Dirt Diggers, I compared the 100 most penalized current parents to the 100 most penalized historical parents and found limited differences. This week I expand the focus to the top 1,000.  

Among that larger group, nearly half have penalty totals based on historical parent-subsidy linkages that are lower than their totals based on current ownership relationships.

Yet the median difference for those with lower historical totals is just $14 million. Only 34 of the 1,000 companies ended up with zero penalties using the historical basis; another 33 ended up with totals below $1 million. The biggest beneficiary of the different approach is Viatris, almost all of whose $1 billion in penalties based on current linkages were incurred by Mylan and Upjohn before they merged in 2020 to form the new company.

Other parents that look good when switching from current to historical linkages include: Equitable Holdings, whose big penalties occurred when it was owned by AXA, and Daimler Truck, just about all of whose penalties date from the period when it was still part of Daimler AG, now known as Mercedes-Benz Group.

Among the 1,000 most penalized current parents there are more than 400 whose historical total is exactly the same, reflecting the fact that they neither acquired nor spun off penalized subsidiaries. Those in this group with the largest penalty amounts are Deutsche Bank, Purdue Pharma, GlaxoSmithKline, Toyota, Allianz, PG&E, and Barclays. The median penalty total for all the zero-difference parents in the top 1000 list is $59 million.

Sixty-seven of the top 1,000 parents look worse when switching from the current to the historical basis. That is because they divested a heavily penalized subsidiary. Those with the biggest penalty differences include: Abbott Laboratories, which spun off AbbVie with its $1.5 billion in penalties; AXA, which spun off Equitable and its $651 million in penalties; and Daiichi Sankyo, which sold Ranbaxy USA, which had accumulated more than $500 million in penalties.

Another 11 companies—such as BP, which sold its heavily penalized operations in Texas City, Texas to Marathon Petroleum, and General Electric, which has been downsizing in numerous sectors—have historical penalty totals at least $100 million lower than their current totals. Yet all of those still end up with historical totals of more than $300 million, and in four cases—BP, Johnson & Johnson, GE and Boehringer Ingelheim—the amount is above $1 billion.

The upshot of all this is that switching the focus from current to historical parent linkages does not show a dramatic difference in the misconduct track record of most large companies. While the new data may not help much for company makeovers, I hope it will prove useful for those taking a critical look at corporate behavior.

Note: the historical parent data now in Violation Tracker is accessible only to those who purchase a subscription. Searching and displaying the other data remain free of charge.