PL

Index — twelve companies

Companies

The 33 cases in the database are distributed across twelve companies. Five of them (Meta, Google, Apple, Microsoft, Amazon) account for 24 cases — roughly 73% of the total. Five more have one or two cases each.

Full company pages with case links, timelines and source indexes are available in the Polish edition. English summaries follow.

  • Meta

    10 cases

    Revenue: $156B (2024)

    HQ: Menlo Park, CA

    Facebook, Instagram, WhatsApp, Threads. Largest single operator in the database — 10 documented cases, from Cambridge Analytica to Local Mess. Record €1.2B GDPR fine (May 2023).

  • Google / Alphabet

    6 cases

    Revenue: $305B (2024)

    HQ: Mountain View, CA

    Search, YouTube, Android, Chrome, Maps, Gmail. Six documented cases: Street View Wi-Spy, Safari cookie workaround, Location History, Project Dragonfly, Brown v. Google (Chrome Incognito), API bugs.

  • Apple

    3 cases

    Revenue: $383B (2024)

    HQ: Cupertino, CA

    iPhone, iPad, Mac, Siri. Three documented cases: Batterygate (secret throttling), Siri grading (intimate recordings), CSAM scanning (proposed on-device surveillance, withdrawn).

  • Microsoft

    2 cases

    Revenue: $228B (2024)

    HQ: Redmond, WA

    Windows, Office, Azure, LinkedIn, Xbox. Two documented cases: Windows Recall (every-few-seconds screenshots) and LinkedIn AI training without consent.

  • LinkedIn

    1 case

    Revenue: $15B (2024, as part of Microsoft)

    HQ: Sunnyvale, CA

    Professional network. Owned by Microsoft since 2016. Activated AI training on user posts and messages in 2024, opt-out only. €310M Irish DPC fine (November 2024).

  • Amazon

    3 cases

    Revenue: $575B (2024)

    HQ: Seattle, WA

    E-commerce, AWS, Alexa, Ring, Prime Video. Three documented cases: Ring (employees watching customer video), Alexa (indefinite retention), Alexa COPPA (children's recordings).

  • Uber

    3 cases

    Revenue: $38B (2024)

    HQ: San Francisco, CA

    Ride-sharing, food delivery, freight. Three documented cases: "God View" internal abuse, Greyball (deceiving regulators), 2016 breach with $100K cover-up. CEO ousted, CSO convicted.

  • TikTok / ByteDance

    3 cases

    Revenue: ~$120B (2024, private)

    HQ: Beijing / Culver City, CA

    Short-form video platform owned by Chinese ByteDance. Three documented cases: addictive algorithm targeting teens, child accounts public by default (€345M fine), data access from China confirmed by internal recordings.

  • X / Twitter

    1 case

    Revenue: ~$2B (2024, down from $5B)

    HQ: San Francisco, CA

    Formerly Twitter. Acquired by Elon Musk (October 2022) for $44B. Half of staff laid off. Moderation and security teams dissolved. Grok Imagine deepfake controversy (August 2024).

  • Clearview AI

    1 case

    Revenue: Private, undisclosed

    HQ: New York, NY

    Face recognition firm. 50+ billion face photos scraped from public internet. Sold to 2,400+ US police agencies. Massive European fines (Italy €20M, France €20M, Greece €20M, UK £7.5M) — all unpaid.

  • Zoom

    1 case

    Revenue: $4.7B (2024)

    HQ: San Jose, CA

    Video conferencing. Marketed "E2EE" that did not exist. Keys stored on Zoom servers. Part of traffic routed through China data centers. $85M class-action settlement (2021).

  • Yandex

    1 case

    Revenue: ~$5B (before 2022 restructuring)

    HQ: Moscow / Amsterdam

    Russian search and advertising company. Partner in Local Mess case: Yandex Start browser used localhost to re-identify incognito sessions. Shut off the practice the day of publication.

See also: Polish company index with full metadata and case links.