Skip to content

Facebook Stock: Too Good to Be True

Facebook has financial statements that Wall Street dreams are made of. Profit margins are at 40 percent, free cash flow outperforms due to low capex, and annual growth exceeds 20 percent year-over-year. In fact, FB posted 35 percent growth this past year with lots of runway to go. Meanwhile many of its FAANG peers struggle with high capex (Netflix) and diminishing growth (Apple).

To put it simply, Facebook’s cash flow and profit margins are not only some of the best in the S&P 500, but the best in the world. The ad dollar machine has incredible inertia and advertisers simply can’t turn away.  If you are looking at the income statements, then you have every reason to go all-in on this company.

The more insidious issue at hand is that Facebook is posting meteoric growth of 35% year-over-year in the middle of a tech slump, yet the stock price does not reflect the growth. The current earnings should have caused a rally, instead Facebook is at a PE ratio of 19 while posting better growth than Netflix with a PE ratio of 150, Google at 24 and Microsoft at 23.

In fact, Facebook is growing faster than 95% of the S&P 500 with margins higher than 90% of the S&P, but Facebook stock is hovering at post-Cambridge Analytics levels. If financials and free cash flow “never lie,” then this stock should be at $240 right now (well past the stock price it was when posting $40 billion annual revenue)

In April, I published “Facebook’s Challenges are Much Bigger than Cambridge Analytica.” You’d have to go back in a time machine to remember all of the stock investors insisting Cambridge Analytica was “priced into the stock” and Facebook would be the bull story everyone was betting on. Before the Q2 Facebook stock plunge, I insisted that the GDPR was a much bigger deal than investors realized and I broke down the various ways Facebook illegally (in the EU) takes data from users and non-users outside of Facebook. (Jeffrey Gundlach, the Bond God, may have stated the stock would be hurt by regulations, but he most certainly couldn’t explain why revenue would be affected or why investors should care. Likewise, Citron said Facebook was a long-term short, but has now reversed their recommendation to a buy with a fairly sensational report about Facebook being evil, which drove the price down making it a great opportunity – again, not explaining much in the way of the business model).

The goal of this article is to break down the risk of Facebook stock for any investor who wants to know. I realize a large majority of Facebook investors may not want to know, because, well, numbers don’t lie.

First-party data vs. Third-party data

Data extraction that is done inside the apps of FB, Instagram and Whatsapp is fair use and legal. You’ve given consent to use these apps, and how they use your data, within reason, is within the realm of a first-party relationship. This is very similar to how you engage with every company who you provide information to.

For the rest of this article, we are placing those applications aside. They are not at risk. What is at risk is that Facebook collects data from millions of applications and websites it does not own. This is called third-party data because you are not a party to the customer relationship in order to collect the data. As of May 25th, the European Union made this illegal in those geos.

Take a look at your smartphone right now. Facebook is collecting data from your applications through software called Audience Network. If you have 25 apps on your phone, Facebook’s software is tracking you inside 12 of those applications, for example. (Again, we are not talking about Facebook-owned apps – these are not apps owned by Facebook).

The GDPR is concerned with tracking that occurs outside of a first-party relationship, and Facebook’s revenue will be affected when third-party data collection is cut off.

Don’t believe me? You don’t have to. Facebook has stated they expect single digit losses and they list the GDPR and data regulation as a risk in their SEC filings. The window of opportunity here, if you like to bet against Facebook (like I did and will again), is that Facebook investors are walking towards a mirage of uninterrupted returns. They, again, think Facebook’s problems are in the rear view, and that these privacy issues are within Facebook’s domain, such as FB, Instagram and Whatsapp. Perhaps more concerning, is that investors don’t have a means of determining how third-party sites (that Facebook does not own) contributes to the $55 billion in revenue.

Germany is Hot on the Trail

Despite all of the investigations on privacy this past year, regulators and the press struggle to organize the issues into one clear thesis. Are we worried that Facebook is leaking data to profiling agencies like Cambridge Analytica? Is Facebook politically motivated and censoring posts or is this a free platform for people to express their ideas? Or what about the pixel we keep hearing about? Or that Facebook should censor what teenagers post? What was that thing about George Soros and Sheryl Sandberg? It’s a complete mess.

The FTC is unlikely to understand how a software development kit (SDK) works and what kind of device signals SDKs can extract, and why that threatens privacy[1]. The FTC is still reacting to fairly insignificant data leaks and the accusations of political brainwashing (this is what the FTC is likely to fine Facebook for). It clouds the actual practices that lie beneath, and it’s unintelligible as to why Facebook investors should care about any of this.

Not to fault the FTC. Since I wrote my article in April, hundreds of journalists have covered Facebook’s privacy issues, and not one reporter has clearly described how Facebook’s software extracts data across billions of users the company doesn’t have a relationship with, and why this is illegal in the EU as of May 25th, 2018.


My newsletter subscribers get this information first. Sign up here.


Germany, however, is hot on Facebook’s trail. Last month, I read an article that spelled out exactly how and why Facebook’s business models are at risk. If you’re an investor in Facebook, you’ll want to read it and follow what Germany is doing. As the article pointed out, Facebook is collecting data off-site from millions of applications and websites it doesn’t own, and Germany most certainly doesn’t want its citizens tracked by a company in the United States with this software.

Therefore, the approaching FTC fine for political issues or fake news is a red herring. The important regulations to watch are from the European Union as their concerns will have the greatest impact on Facebook’s revenue, which I believe is unsustainable in the current regulatory environment.

What is Audience Network and the Pixel Worth?

Hopefully, Facebook bulls have stopped reading the article by this point as they definitely will not want to hear the specifics on how much revenue is generated from the third-party data that Facebook doesn’t have consent to collect. (If bulls are still reading this article, I am sure to hear about it in the comments).

A few stats:

  • Facebook’s “third-party website and application” revenue is not in their SEC filing. Google clearly discloses this and the company makes $17 billion per year off third-party sites. (I think the fact FB didn’t break out this line item is a bit misleading, but that’s up to the SEC and anyone who experienced losses from Facebook stock to determine).
  • The official statistic I have in my research is that Facebook’s software is in approximately 40% of the mobile applications on the market. That exceeds Google’s third-party reach on mobile and would be about 2 million iOS and Android apps. If you look collectively at these 2 million applications, all of the 3-4 billion smartphones in the world today will have at least 1 of these 2 million applications installed.
  • Facebook Audience Network directly monetizes over 2 billion users (off-Facebook and off-Instagram) yet collects data on approximately 3-4 billion users. The value of this exceeds the value of Instagram (which has 1 billion users).
  • The data from the software informs the entire ad machine for higher average revenue per user. (Lookalike modeling is somewhat complicated but that’s the easiest way I can describe it within this article). I wrote about lookalike modeling a few years back. You can read about it here.
  • In 2016, Facebook executives warned of ad load issues. This means that the Facebook properties of FB and IG can only handle so many ads as there is finite inventory. The majority of the revenue made past this date would have relied on the Audience Network 2 million app-reach.

I put the value of Audience Network and third-party data at $20 billion in annual revenue. This is conservative considering Google makes $17 billion and when comparing apples to apples, mobile is worth much more than desktop (mobile can extract location, text/SMS and app activity across the device). You could probably add about $5 billion in brand reputation issues, as well, if/when third-party revenue is cut off. In addition, Facebook has added about $35 billion in revenue since the warning of ad load issues [2] in 2016, and at the time, Audience Network was stating massive user growth of over 1 billion users. Assuming half of this came from the new software with a reach 3-4 billion people is, again, conservative.

Is Facebook still a great stock at $30 billion annual revenue? Yes, in fact, I think it’s priced pretty close for a company with those financials. The adjusted expectations of the market could cause a shock for a year or two, but in the long-run, a $30 billion in annual revenue with low capex is still a solid business.

Takeaway: If you’re one of my readers who is invested in Facebook, keep a close eye on the EU and don’t get a false sense of confidence if the FTC clouds the press with fines for fake news or political ads while Germany and the EU pursues the software that collects third-party data.

The timing of this is probably 2020-2021, maybe even 2022 for all of the third-party data collection to be regulated. My prediction is that 2019 will be the year the European Union cuts off the third-party software and the United States may catch up during the election year or shortly thereafter. I’m watching the EU closely for a put option now. If they go forward, I’ll enter a short position again (as I did when the GDPR went into effect end of May 2018 and was rewarded for that courage).

[1] For reference purposes, an SDK has the capability to track every activity performed on the smartphone across ten device signals and sensors. They track everything you click, say or text inside the apps, and they can track your location whether you are inside the application with the SDK or not.

[2] Ad loads refer to the limited amount of ads social media feeds can show. For instance, one social media user may see a ratio of one ad per seven posts, which restricts the number of ads Facebook can serve within its own properties of Facebook and Instagram, creating finite limitations.


I write fundamental technology analysis for FATRADER, where top analysts and serious traders share market insights. Learn more about this premium community here.

Sign Up to Receive Bi-monthly Insider Analysis:

I’m an industry insider who writes free in-depth analysis on public tech companies. This year, I predicted Facebook’s Q2 crash, Roku’s meteoric rise, Oracle’s slow decline, and more. Be industry-specific. Know more than the broader markets. Sign Up Now. I look forward to staying connected.



Published inFinancial MarketsTech Stocks

12 Comments

  1. william william

    question ….

    [1] For reference purposes, an SDK has the capability to track every activity performed on the smartphone across ten device signals and sensors. They track everything you click, say or text inside the apps, and they can track your location whether you are inside the application with the SDK or not.

    does this mean that it is unsafe to conduct banking via mobile apps due to username/password being harvested by SDKs?

    • beth.technology beth.technology

      Hi William,

      Banking apps and passwords are generally encrypted and “scrambled” with cryptography and cryptographic keys. The general text you write can be scraped. For instance, the password to this website right now is protected through encryption but any software installed on WordPress could scrape these comments.

  2. william william

    your awesome!

    thanks

    • beth.technology beth.technology

      Thanks for your support! I appreciate you reading my articles!

  3. Always enjoy reading your well thought out reports.
    A total treat in a World crammed with simple sound bites.

    Well done

    • beth.technology beth.technology

      Thank you Robert!

  4. Yesudeep Mangalapilly Yesudeep Mangalapilly

    “What is at risk is that Facebook collects data from millions of applications and websites it does not own. This is called third-party data because you are not a party to the customer relationship in order to collect the data. As of May 25th, the European Union made this illegal in those geos.”

    That will prevent Google Analytics and its ilk to stop working as well. Services like these help third-party application creators to analyze their own traffic and application usage patterns to improve business. Why should a government make this perfectly legal/non-lethal business illegal? It is expensive to build what Facebook provides to app developers for free at scale. I think the EU has lost its mind. Barely anything new comes out of the EU now.

    Please keep writing. I enjoy reading your articles.

    • beth.technology beth.technology

      Hi there! Apologies for the delay. I was at conference last week. I think you have a good point in bringing up analytics and comparing it to programmatic ad technology because both are collecting data. I think the difference here is that Facebook is using first-party data on third party sites. So, Google Analytics can still exist in a privacy environment where first-party data doesn’t go beyond the first-party property. Facebook has very complex data on people and is continuing to collect more outside of Facebook. Why can they monetize this data and not health insurance companies? Or car insurance companies? Or Target? Or Wal-mart? Why is Facebook the exception? I think that’s what needs to be answered.

  5. Don Paquette Don Paquette

    Excellent article and you spell out quite succinctly the pitfalls associated with 3rd party data collection. I believe governments will step in at some point and stop this practice.
    I will exit my position in $FB over the next 6 months.

    • beth.technology beth.technology

      Thanks Don! It’s always up to your discretion as I merely provide the analysis 🙂 If Facebook could address the fact that they use first-party data on third-party sites, that would be ideal so that investors can evaluate the risks.

  6. Alex Alex

    Hello! Thanks for the post!
    I want to ask about one thing that does not add up. GDPR is in effect for almost a year, but quarterly revenues are growing like crazy (the massive decline in the stock last July was not associated with a revenue stumble). It looks like GDPR haven’t affected the revenue. What is your idea about that?

    • beth.technology beth.technology

      Hi Alex,

      You should read the Q2 2018 earnings call transcript as it goes through why that drop happened and why the GDPR continues to affect Facebook’s stock price. There are tie-ins and Facebook has warned investors so when this happens, they can’t be held responsible. This is why the stock price has not gone up much since Q2 2018.

Leave a Reply

Your email address will not be published. Required fields are marked *