U.S. Markets closed

EU Heightens Scrutiny of Facebook

- By John Kinsellagh

European regulators continue to spar with Facebook Inc. (FB) in a process of oversight that seeks to reign in one of the largest tech companies in the world. The first shot across the company's bow occurred last June, when the European Commission implemented the provisions of the General Data Protection Regulation, aimed at protecting users' privacy rights. At the time, Facebook and other social media companies faced the specter of potentially large fines for noncompliance.

The latest EU provision will force Facebook to more fully, clearly and adequately disclose and in terms its users can understand, exactly how the company profits from the use of its customers' private data.

"Today Facebook finally shows commitment to more transparency and straightforward language in its terms of use," Vera Jourova, EU's commissioner for justice, consumers and gender equality, said.

Far too many research analysts focus on Facebook's latest earnings announcements and conclude the GDPR or other comparable regulations have had no impact on its bottom line. It is quite alluring to believe that all is well: the company's net digital advertising revenue in the U.S. increased dramatically from $17.42 billion in 2017 to $23.66 billion through 2018. It is quite easy to be seduced by such reassuring numbers.

Such reasoning is short-sighted, specious and ignores that the real risk to the company is not necessarily existing regulations, or those initially enacted last June, but rather the evolution or revision of existing regulation as well as new proposed initiatives. There is a natural lag between enactment of the regulations and the impact felt by the company being regulated. As the chart below indicates, Facebook's operating margins, long untouched in the 40% range, have declined.


In a perhaps foreboding sign, there are companies, due to Facebook's privacy abuses, that, for the first time, are leaving and trying out other social media networks. CNBC noted recently that George Popstefanov, founder and CEO of digital agency PMG, said the agency has seen clients who have pulled away from Facebook, and some that have begun testing other platforms like Pinterest, Twitter (TWTR) or Snap's (SNAP) Snapchat.

I commented earlier when the GDPR was initially enacted about the likelihood that original regulatory provisions would be modified and revised because they were inadequate to implement the intent of the legislation. I indicated one of the most important facets of the new regulations would be the manner in which social media companies obtained users' consent. I posed the question: would the disclosures to consumers be meaningful, sufficient with which to allow them to make an informed choice? Or would the tech companies fail to adequately disclose the ramifications of the opt-out/opt-in choices and continue to use surreptitious means to obtain consent?

Additional questions were raised. What language would be used on customers' screens as notice of their privacy rights? I argued that an important issue was the nature of the disclosure and the prominence with which it is displayed to users. In this regard, due to the fact these companies have had the benefit of operating in a total laissez-faire environment, Facebook and Alphabet's (GOOGL) Google, to date, have made disclosures as they see fit.

I noted at the time that the linchpin of the entire GDPR is how and in what manner will Google and Facebook obtain customers' consent for using their private data? These issues will be the subject of much contention. The effectiveness of the entire GDPR scheme, however, depends on how these questions are answered.

The latest initiative of the EU was drafted to address these exact issues.

In light of the continued growth in advertising revenue while under the regulatory oversight of the EU, a security analyst may mistakenly adopt the "nothing to see here, move along now" attitude of complacency with regard to the negative impact of any of the existing regulatory privacy provisions. After the enactment of the GDPR, many investors remained blithely unconcerned with the potential harm the existing and proposed regulations might have on the social media giant.

The latest EU regulations regarding disclosure is an example of how enlightened regulators can draft more appropriate, targeted and meaningful provisions that put the company's ability to operate its business model with impunity, in jeopardy. In case others have forgotten, Facebook's fantastically lucrative business model is entirely dependent on manipulating and harvesting its users' private data to sell to multiple third parties without its customers' knowledge or consent. Continuing regulatory intervention is going to eventually have a deleterious impact on the company's earnings.

It is difficult to know or ascertain exactly how much Facebook's earnings growth will be impaired. It is undeniable, however, that with each passing year, prior regulations promulgated, over time, are going to catch up and hobble the company's ability to conduct its original business model without restraints and without compensating users, in one way or the other, for selling their private data to third parties for enormous profits.

For those analysts who may continue to ignore these substantive changes in the regulatory environment, a few questions arise: Why did Facebook CEO Mark Zuckerberg emphasize recently that the future of the company lay with private encrypted messaging? Why did Zuckerberg and Chief Operating Officer Sherly Sandberg, behind the scenes, fight tooth and nail to kill the substantive California data privacy law?

However one views the future earnings potential of Facebook and how increasing regulatory scrutiny may diminish earnings growth, at present, it seems apparent that Wall Street has not fully priced in the coming regulatory risks to the company.

Disclosure: I have no positions in any of the securities referenced in this article.

Read more here:

Not a Premium Member of GuruFocus? Sign up for a free 7-day trial here .

This article first appeared on GuruFocus.