Here are two news tidbits that really shouldn't go together. This Wednesday, Facebook said it expected to pay a fine of $3 billion to $5 billion to the Federal Trade Commission (FTC) for violating its users' data privacy. Even the low-end estimate would be far and away the biggest penalty the regulator has ever imposed on a technology company. Also on Wednesday, Facebook's stock jumped 10 percent as its latest profits beat Wall Street's expectations.
How on earth could traders reward Facebook's share value even as it gets slapped with a record fine?
The answer is that, in the age of corporate giants and financial behemoths and Silicon Valley titans, one of the largest fines in FTC history just isn't all that impressive.
Subscribe to The Week
Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.
SUBSCRIBE & SAVE
Sign up for The Week's Free Newsletters
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.
The basic point of any fine is incentivization: to cause a company enough pain that it stops doing whatever it was doing to get itself fined in the first place. In this instance, the FTC was investigating how Cambridge Analytica, the now-shuttered British political consulting firm, was able to improperly access the data of some 87 million Facebook users. Facebook had signed a consent decree with the agency to settle a previous series of privacy mishaps, promising to give users clear notice about data policies, and to only share their information after obtaining their explicit consent. The FTC saw the Cambridge Analytica scandal as evidence Facebook hadn't lived up to its end of the bargain.
As you probably guessed, the potential size of the fine in comparison to previous regulatory penalties is what's been grabbing reporters. Politico called it "unprecedented," the New York Times said it was a "milestone," and the Washington Post marveled at the "sheer size" of the legal expense. The fine "could reset the baseline for future privacy investigations, putting the United States on par with Europe in its willingness to go after technology firms," the Post continued. But this is just the wrong comparison to be making.
The problem is that Facebook's first quarter profits were $2.43 billion, after accounting for the $3 billion it set aside to pay the penalty. In other words, even in the worst-case scenario of $5 billion, the FTC's fine won't even eliminate Facebook's profits for a single quarter, never mind the whole year.
Consider that profits are gravy: They're what a corporation spits out to Wall Street after its paid all the expenses — wages, operating costs, capital investments — that actually keep it functioning. Eliminating all the profits for a whole year, or even multiple years, might tick off shareholders. But it wouldn't actually threaten a company's financial health. To really get its attention, you have to knock out profits and cut significantly into operating revenue.
The metric that actually tells us something about a penalty's effectiveness is its size relative to profits and overall revenues. Looking at studies of anti-competitive behavior, for instance, The Economist suggested fines should be as high as 60 percent of annual revenue to seriously influence corporate behavior. It's not a perfect comparison, since Facebook was guilty of a different sort of malfeasance. But the company's annual revenue is around $56 billion. A penalty of $5 billion is less than nine percent of that. (Facebook also has around $40 billion in cash reserves.) The FTC's second biggest privacy-related fine ever was $22.5 million, levied against Google in 2012 — a year when that company made $50 billion in revenue and $10 billion in profits.
Sen. Richard Blumenthal (D-Conn.) was much closer to the mark when he dismissed the fine as "a mere slap on the wrist." Rep. David Cicilline (D-R.I.), the chair of the U.S. House Judiciary Committee's subcommittee on antitrust issues, echoed that phrase, and insisted that "if the FTC won't act, Congress has to."
This problem of paltry fines has been ongoing across multiple industries for a while now. In 2015, for example, media investigations disclosed that major U.S. banks paid a whopping $130 billion in fines and judgments between 2009 to 2014 for violations related to the 2008 financial collapse. That enormous sum amounted to just 26 percent of their total profits over that time period — as a share of their total revenue, it would've been far smaller. In 2018 and 2017, the European Union dropped both its biggest and second-biggest fines ever on Google, at $5.1 billion and $2.7 billion, respectively. In 2017, Google's revenue topped $100 billion. And the FTC's biggest fine ever for false advertising — a massive $14.7 billion for Volkswagen in 2016 — was enough to seriously curtail profits for a year or two, but less than eight percent of that year's total revenue.
It's possible the FTC could pursue other punishments against Facebook besides just monetary penalties, which could give Facebook more of a nudge to reform its ways. It could demand changes to the company's corporate governance, or insist on new and specific rules curbing future data collection and sharing. Marc Rotenberg, the president of the Electronic Privacy Information Center, suggested the FTC should force Facebook to spin off WhatsApp and Instagram as well.
As for Facebook's CEO, Mark Zuckerberg, he at least seems to realize the moment calls for the appearance of humble reflection. Also on Wednesday, Zuckerberg announced his company would shift its practices and platform design in a more "privacy-focused" direction.
But Slate's Ari Ezra Waldman pointed out that Zuckerberg's missive actually focused on encrypting individual messages, without really addressing the questions of collecting user data or sharing it with third parties. "There's no indication that, besides working to encrypt its merged messaging systems, the new Facebook would look any different from the old Facebook when it comes to these kinds of privacy-invasive practices," Waldman wrote.
As Wired caustically noted, Zuckerberg's been apologizing more or less nonstop for Facebook's various privacy and data screwups for over 14 years now, with the company paying plenty of fines and settling plenty of lawsuits along the way. Given the pain an FTC fine will inflict (or, more precisely, won't inflict) on Facebook's bottom line, there's every reason to think this latest "pivot to privacy" will be just one more stop on the endless apology tour.
Long summer days in Iceland's highlands
The Democrats: time for wholesale reform?
5 deliciously funny cartoons about turkeys
US election: who the billionaires are backing
US election: where things stand with one week to go
Is Trump okay?
The life and times of Kamala Harris
Will 'weirdly civil' VP debate move dial in US election?
1 of 6 'Trump Train' drivers liable in Biden bus blockade
How could J.D. Vance impact the special relationship?
Biden, Trump urge calm after assassination attempt
