Skip to Content

How Facebook’s $5 Billion Fine Stacks Up to Other Corporate Penalties

Facebook may be making history—and not only with the size of its fine.

The tech behemoth was fined a record-breaking $5 billion on Wednesday by the Federal Trade Commission (FTC) for data privacy violations.

Facebook CEO Mark Zuckerberg wrote in a post that the company agreed to pay a "historic" fine after being accused of misusing data and user privacy, tied to the Cambridge Analytica scandal where 50 million Facebook users' data was taken without permission.

The historic slap on the wrist is still only around a month's worth of Facebook's revenue (which totaled close to $56 billion last year), but the hefty fine is intended to prove a point, says Wedbush's Michael Pachter. “You have to make it hurt," Pachter told Fortune. Facebook was also fined $100 million by the Securities and Exchange Commission (SEC).

"The magnitude of the $5 billion penalty and sweeping conduct relief are unprecedented in the history of the FTC," said Chairman Joseph Simons in a statement. "The relief is designed not only to punish future violations but, more importantly, to change Facebook's entire privacy culture to decrease the likelihood of continued violations."

But Facebook's massive settlement comes as the most recent in a long line of other fines by government entities over the years.

Back in 2017, Dish Network paid a record-breaking FTC civil penalty—some $168 million to the federal government for violating consumer privacy with unwanted calls. Still, Dish's fine is still nearly 30 times smaller than Facebook's.

“These companies are just massive," Pachter said. "How do you make them feel some pain? You’ve got to get to numbers like this if they do in fact do something wrong.”

And as a major player in the tech space, Facebook comes as one of the largest settlements in recent years. But how does the social media giant stack up to previous settlements?

All eyes on big tech

Following a violation of a privacy agreement, wherein Google failed to inform users of Apple's Safari Internet browser that it wouldn't place "cookies" or use target ads, Google shelled out some $22.5 million to the FTC in 2012. Microsoft also had a run-in with the FTC in 2002, during which the company agreed to be monitored for 20 years over privacy concerns over personal information collection through its "Passport" web services.

In a similar vein to Facebook, Google's FTC settlement centered around privacy concerns with users. But the disparity in the fine amount indicates the severity of Facebook's misuses.

"I think [Facebook's settlement] takes on more historic proportions because it's involving the tech industry and there are a lot of concerns," says Thomas Cooke, distinguished teaching professor of business law at Georgetown University's McDonough School of Business.

From financial crisis to Facebook

While tech giants like Facebook have been feeling the heat in recent years, the years following the 2008 financial crisis saw a similar slew of fines and settlements on financial institutions.

As part of the continued fallout of the financial crisis, Citigroup was charged by the SEC for misleading investors in regards to subprime mortgage assets, and paid a $75 million fine to settle in 2010 (in addition, top executives also paid penalties).

Goldman Sachs also faced formidable fines in 2010 for misleading investors about financial products dealing with subprime mortgages—costing the firm a then-record $550 million. Others like Deutsche Bank paid a massive $7.2 billion settlement with the Department of Justice for misconduct in 2017—one of the larger fines in recent years. The bank was penalized for misleading investors and omitting information about loans in relation to mortgage-backed securities. Meanwhile Volkswagen paid some $4.3 billion in criminal and civil penalties to the Department of Justice for an emissions scandal in 2017.

But to many experts, Facebook's fine may be triggering a similar regulatory backlash to data collectors as the crisis did to financial institutions.

Facebook's fine is a game-changer for data collectors

While companies from the tech to financial service industries have had their fair share of fines in the past, experts suggest Facebook's $5 billion fine is not just historic for its amount.

“Regardless of the eye-popping number for the fine, what is also extremely significant is the creation of the independent committee to make the privacy determinations," says Jacob Frenkel, a former federal prosecutor and current government investigations and securities enforcement attorney at Dickinson Wright. "That is, in some respects, more significant than the dollar amount itself, because that sets a precedent for other companies.”

And to Cooke, companies that should be worried aren't relegated to the tech industry. In fact, he suggests it's "a wakeup call for anybody who is collecting data."

"That data is important, there are privacy rights at stake, and if you want to sell it, or use it, without the customer’s knowledge or approval, you run the risk of the FTC coming down on you as well,” Cooke said.

Wedbush's Pachter believes that since "the easiest weapon is a fine," there will be plenty more fines where Facebook's $5 billion came from.

And for the myriad of companies dealing with user data (even Uber, which paid $148 million to settle claims for a data breach in 2018, or Equifax which is facing up to $700 million in a settlement), the message is clear—it was Facebook today, but it might be them tomorrow.

More must-read stories from Fortune:

—Meet the A.I. landlord that’s building a single-family-home empire

—You might have longer than you think to invest for retirement

Facebook’s Libra currency could threaten the global financial system

—The surprising way Republicans used to use immigration to boost the economy

—One of Warren Buffet’s favorite metrics is flashing red. Corporate profits are due for a hit

Don't miss the daily Term Sheet, Fortune's newsletter on deals and dealmakers.