Crime Pays
(If You're a Corporation)
The formula is simple. Break the law. Make tens or even hundreds of millions. Maybe billions. Sometimes you get caught, and if you do, you might be fined. The fine might even be in the billions. But the pattern is always the same. The fine is a fraction of what you got by breaking the law and the rules. Keep the rest. Repeat.
This isn’t a loophole. It’s the business model, and we’ve seen it time and time again.
The Anti-Virus Company:
Avast sold antivirus software with the pitch: “Shield your privacy. Block third-party tracking. Reclaim your browser.”
What they didn’t mention in the marketing: they were the ones doing the tracking. And the selling. And the reclaiming - of your data, for their profit.
From 2014 to 2020, Avast collected every website you visited, every search you made, every click you performed. They knew when you looked up breast cancer symptoms. They knew what dating sites you used. They knew your political leanings, your religious beliefs, your location, your financial struggles. They stored 8 petabytes of your browsing history - that’s 8,000 terabytes - and funneled it through a subsidiary called Jumpshot.
Jumpshot’s sales pitch to corporate clients was equally blunt: “See where your audience is going before and after they visit your site. Track those who visit a specific URL. Every search. Every click. Every buy. On every site.”
They sold this data to over 100 companies including Google, Microsoft, Home Depot, Pepsi, McKinsey, Omnicom. One contract with Omnicom alone was worth $2 million per year for access to the browsing data of 50% of Omnicom’s customers across the U.S., U.K., Mexico, Australia, Canada, and Germany. Jumpshot was generating around $36 million annually, with the subsidiary valued at $177 million.
Just to rub it in: Avast’s software promised to protect you from exactly this kind of surveillance.
In 2024, the FTC finally stepped in. They fined Avast $16.5 million and banned them from selling browsing data.
The damage: Betrayed the privacy of 430 million users for at least six years.
The profit: Tens of millions in annual revenue, potentially over $200 million total.
The penalty: $16.5 million.The math: Crime paid. Handsomely.
This Isn’t a Bug. It’s the System.
Avast isn’t an outlier. It’s the template.
The Telecom Giants
In 2024, Verizon, AT&T, and T-Mobile were fined a combined $200 million by the FCC for illegally selling customer location data to third parties. The data could track your real-time movements; where you lived, where you worked, where you went for medical appointments.
Sounds like a big number. Until you remember these carriers generated billions during the years they were selling your location data.
Facebook: The Cambridge Analytica Special
In 2019, Meta paid a record $5 billion fine for the Cambridge Analytica scandal—where they allowed a political consulting firm to harvest the data of 87 million users without consent, which was then weaponized for voter manipulation.
$5 billion is a bigger fine than the others, but it still represented less than a quarter of Meta’s 2018 revenue. Mark Zuckerberg’s net worth barely flinched. The company didn’t restructure. The surveillance continued.
Critics pointed out the obvious: if you make $10 billion doing something illegal and get fined $5 billion, you still made $5 billion. That’s not a punishment. It’s a profit margin.
Big Pharma: The Serial Offenders
Between 2003 and 2016, a study found that 22 out of 26 large pharmaceutical firms engaged in illegal activities - mostly price-fixing, off-label marketing, and fraud. These violations resulted in $33 billion in fines.
Of course the illegal activities often generated far higher profits than the penalties. Companies like Teva and Glenmark were caught fixing the prices of generic drugs, inflating costs for patients who depended on affordable medication. The fines? Lower than the profits made during the period of inflated pricing.
When Purdue Pharma helped create the opioid epidemic by fraudulently marketing OxyContin, they made an estimated $35 billion. Their settlement? $8 billion, with the Sackler family personally protected from most liability.
The formula: Poison a generation, destroy hundreds of thousands of lives. Make $35 billion. Pay $8 billion. Walk away.
Volkswagen: The Diesel Lie
Volkswagen installed software in 11 million diesel vehicles to cheat emissions tests, allowing them to market cars as “clean diesel” while they were actually spewing pollutants at up to 40 times the legal limit.
They sold millions of cars on this lie. The fines eventually reached into the billions - but only after years of generating massive revenue from the fraud. And even then, the penalties were spread across multiple countries and settlements, softening the blow.
By the time the dust settled, Volkswagen was still profitable.
3M - Poisoning for Profit
For decades, 3M manufactured products containing PFAS—”forever chemicals” that don’t break down and accumulate in human bodies and water systems. They knew these chemicals were toxic. They sold them anyway.
The result: contaminated water supplies across the United States affecting millions of people. Cancer clusters. Developmental issues in children. Ecosystems destroyed.
3M’s penalty: $12.5 billion.
Sounds massive. Until you realize they made far more than that selling PFAS-containing products for decades. The settlement came only after the damage was done. Irreversible, generational harm to public health.
I could go on - there’s far more, but I’m sure you get the idea.
Why Fines Don’t Work
A 2021 study analyzing corporate fines found that for major corporations, penalties rarely deter future violations. Why? Because the math doesn’t add up.
Take Apple. In 2024, the EU fined them $1.9 billion for antitrust violations related to music streaming. Apple generates around $1 billion in revenue per day. The fine represents less than two days of operations.
Or Bank of America, which has paid over $87 billion in penalties since 2000 for various misconduct - mortgage fraud, improper fees, misleading customers. Despite the eye-popping total, these fines are treated as regular business expenses. The penalties never exceed the profits from the misconduct. So why stop?
The pattern is consistent:
Break the law in a way that generates enormous profit
Get caught (maybe - most don’t)
Pay a fine that’s a fraction of the profit
Issue a press release saying you “disagree with the characterization of the facts” but are “pleased to resolve this matter”
Continue business as usual
It’s not crime. It’s strategy.
The Real Victims
While corporations treat fines as line items in their budgets, real people pay the price:
Avast users who paid for privacy protection and got surveillance instead
Patients who paid inflated prices for generic drugs because of illegal price-fixing
Communities drinking PFAS-contaminated water
Families destroyed by the opioid epidemic
Consumers breathing Volkswagen’s diesel emissions
Everyone whose data was sold, resold, and weaponized without consent
The corporations get to keep operating. The executives get to keep their bonuses. The victims get nothing, or if they’re lucky, a class-action settlement check for $7.43 several years later.
The system is designed to absorb these fines. They’re tax-deductible. They’re insured against. They’re factored into multi-year financial planning. There’s no executive accountability. People rarely go to jail, and the fine is paid by the corporations, not individuals.
What we call “enforcement” is actually just a toll for doing business illegally. And the toll is cheaper than doing business legally. There’s no deterrent - the next company sees the cost-benefit and takes the same gamble
The Quiet Part
Regulators know this. They’ve known it for decades.
When the FTC fined Avast $16.5 million, they didn’t accidentally set the number too low. They calculated it based on legal frameworks designed by and for corporations. The law itself is structured to make crime pay.
The same politicians who write these toothless regulations receive campaign contributions from the companies they’re supposed to regulate. The same agencies tasked with enforcement are staffed by people who rotate between government and the industries they oversee.
It’s not corruption in the traditional sense. It’s the system functioning exactly as designed: to protect capital, not people.
So What Now?
The depressing reality is that nothing will change until the penalties exceed the profits. Meaningfully. Painfully.
A $16.5 million fine for a company that made tens of millions annually from the crime isn’t justice.
A $5 billion fine for Meta when they made over $20 billion that year isn’t a deterrent.
Real deterrence would look like this:
Fines that exceed total profits from the illegal activity (not just a fraction)
Personal liability for executives who approved the misconduct
Criminal charges where fraud occurred
Mandatory structural changes to prevent repeat violations
Actual dissolution of companies that are repeat offenders
Politicians that aren’t in the pocket of the corporations
Until then, the message to every corporation is clear:
Break the law. Make billions. Pay millions. Profit.
The Tagline They Won’t Print
Crime doesn’t pay - unless you’re a corporation.
Then it pays extremely well.
Just was talking about this last night, albeit too simplicity now that I read through this. My main point to people is that fines like “5 billion” sound like a lot but to regular people, but to these corporations it’s nothing. I like your breakdown of the 1-5 steps. Especially that they decide to do it and they know they might get caught or maybe not and then they’ll just settle, press release, and keep it moving. We need more personal accountability.