The old Portuguese proverb claims that a thief who robs a thief wins a hundred years of pardon. It is a romantic, comforting notion. It suggests a cosmic balancing of the scales, a vigilante tax on the wicked, or at the very least, a victimless crime.
It is also complete nonsense. If you liked this article, you should read: this related article.
In the modern commercial arena, celebrating the exploitation of an exploiter is not just bad ethics—it is catastrophic risk management. The lazy consensus among commentators is that when bad actors prey on each other, the market self-corrects. We see this narrative everywhere: from tech founders cheering when a patent troll gets counter-sued into oblivion, to crypto enthusiasts smirk-tweeting when a predatory platform gets drained by a rogue hacker.
They call it karma. I call it a failure to understand systemic contagion. For another look on this development, see the recent coverage from Business Insider.
When you condone or build a strategy around capitalizing on someone else’s illicit or bad-faith behavior, you are not winning a pardon. You are simply absorbing their toxic liabilities into your own balance sheet.
The Contagion of Corrupt Assets
Let’s dismantle the premise with basic game theory and asset valuation.
In business, value is derived from clean title and enforceable rights. When Actor A steals an asset (intellectual property, data, or market share) and Actor B steals it from them, Actor B does not suddenly possess a clean asset. They possess hot property wrapped in a layer of compounding litigation risk.
I have spent fifteen years advising companies on distressed asset acquisitions and intellectual property disputes. I have watched boards blow millions of dollars buying up the assets of bankrupt, predatory competitors, thinking they were getting a steal. What they actually bought was a ticket to a multi-year deposition nightmare.
Consider a thought experiment. Imagine a software company that builds a product by blatantly violating open-source licenses and scraping proprietary user data. A competitor comes along, identifies the security flaws in this poorly constructed product, and scrapes the scraper—stealing the entire database and user base.
The industry cheers. The bad guy got hit.
But what does the second company actually own?
- A tainted database that violates global privacy regulations (GDPR, CCPA).
- A codebase built on structural theft that cannot be patented, sold, or leveraged in a clean M&A deal.
- A target on their back for every regulatory body looking to make an example of data laundering.
The transaction did not wash the asset clean. It merely transferred the liability to a player with more to lose.
The Myth of the Zero-Sum Game
The foundational error of the "hundred years of pardon" mentality is the belief that corporate warfare is a zero-sum game between two bad actors. It never is. The collateral damage always bleeds outward into the broader market.
When predatory entities fight over stolen goods, they create systemic instability. Look at the decentralized finance space. When a protocol with vulnerable, arguably predatory smart contracts gets exploited by a clever arbitrageur, the community calls it "code is law" and celebrates the hacker beating the sketchy founders.
Then the liquidity dries up. The retail investors lose their shirts. The entire sector faces a regulatory clampdown that stifles legitimate innovation for three years.
The thief robbing the thief did not fix the ecosystem. They accelerated its collapse.
The Operational Cost of Revenge Strategies
Building a business strategy around exploiting the weaknesses of unethical competitors is a trap. It shifts your internal focus from value creation to opportunistic predation.
Unconventional advice that actually works: Stop looking at your worst competitors as targets for retaliation or easy picking.
When you orient your R&D or legal team around exploiting a competitor's shortcuts, you adopt their vulnerabilities. You start playing by their rules. Your engineering team stops asking "How do we build a resilient infrastructure?" and starts asking "How do we exploit their messy API before they notice?"
This creates a culture of cutting corners. You become the very entity you sought to exploit.
The True Cost of "Free" Pardons
There are downsides to taking the high road, and let’s be brutally honest about them. Passing on the opportunity to raid a vulnerable, unethical competitor means you might lose short-term market share. Your quarterly numbers might look softer than those of a rival who has no qualms about playing in the mud.
It requires a high risk tolerance to watch a competitor thrive on bad behavior while you invest heavily in compliance, clean data sourcing, and legitimate talent. It is frustrating.
But the alternative is a ticking time bomb. The legal system, the regulatory environment, and institutional capital do not recognize the concept of a "pardon" for retaliatory theft. When the music stops, the entity holding the stolen goods pays the full bill, regardless of who stole them first.
Stop celebrating the destruction of bad actors by other bad actors. In the real world, the secondary thief does not get a hundred years of peace. They just get the primary thief's handcuffs.
