When it comes to America’s biggest technology companies, it seems like regulatory risk has never been higher. Most large technology platforms are facing pressure from U.S. and European authorities, while lawmakers in Washington D.C. seem more inclined to do something — rather than nothing.
As an internet analyst, I am in perhaps the unusual position of having studied another intense regulatory cycle as a bank analyst: the Dodd-Frank legislative process in the wake of the global financial crisis. In 2010 the U.S. Congress passed the Dodd-Frank Wall Street Reform and Consumer Protection Act, marking one of the biggest shifts in financial regulation since the Depression. I spent many weeks on Capitol Hill meeting with key lobbyists and congressional staffers as part of my due diligence into the large U.S. banks.
Living through that experience has helped me calibrate my thinking on three key risks faced by Big Tech, which primarily fall into the categories of privacy, content and antitrust. Before I dive into those issues, I’ll share how my experience as a bank analyst has influenced my views.
1. Trying to predict the exact nature of regulatory outcomes is an inexact science. In my experience, it can be very challenging to develop a research edge on predicting regulatory outcomes. In my view, investors tend to spend too much time on it. I believe it is better to spend more time trying to assess how willing and able companies are to adapt to regulatory change.
2. Companies can survive, and even thrive, following intense regulatory cycles. The Dodd-Frank Act included almost 28,000 new rules and restrictions on banks! Revenue pools were curtailed, capital requirements doubled and compliance costs soared. At the time, some thought big banks just weren’t investable. But starting in 2013, a few large bank stocks went on to significantly beat the broader market over the rest of the decade.
3. Regulatory adaptation is a powerful and often underestimated force that separates winners and losers. In the years following the passage of Dodd-Frank, banks adapted to regulation. They restructured, changed their business mix, became more efficient, learned to optimize capital and developed new competitive edges in areas of technology and marketing.
4. Starting valuations matter a lot. A big reason that big bank stocks had such a great run after Dodd-Frank was their low starting valuations. In my view, among the large U.S. tech companies, Alphabet and Facebook are already pricing in a typical regulatory shock, based on past studies of other industries that faced such pressures. These tech giants also trade at cheaper valuations than Visa and Mastercard, both of which I consider to be high-quality companies with wide competitive moats and pricing power.
5. Politics often prevails more than economic logic in policymaking. I believe there are many examples in banking regulation of irrational policies and unintended consequences. For example, regulators realized that the SLR (supplementary leverage ratio) rule for big banks did not quite work as intended, but it took more than a decade and the risk of a deep recession to recalibrate it. (The rule stipulated the amount of common equity capital banks must hold relative to their total leverage exposure.)
When I look at the major regulatory risks faced by technology companies today, they fall in three broad categories: privacy and data protections, content monitoring and moderation, and antitrust action.
I believe that concerns related to privacy or content may actually strengthen, rather than weaken, the moats of the largest platforms. These companies often boast well-established protocols and have more resources to tackle privacy and legal matters. I’ll briefly address each of them here.
Privacy: This is a nuanced issue with lots of trade-offs, so legislation will be slow. Companies will do more to regulate each other and themselves, while regulation plays catch up.
What’s often missed in the headlines is that the privacy and data transparency restrictions enacted by companies have the potential to be more disruptive to the industry than governmental regulation. IDFA (Identifier for Advertisers) is a recent example, with Apple making changes to its operating system. The ad-tech industry relies heavily on individual data in the form of IDFA user data from Apple and third-party cookies to serve targeted advertisements. Google also plans to phase out third-party cookies on its Chrome internet browser.
Ultimately, competitive advantages will likely accrue to companies that have access to first-party data, or data collected on their proprietary platforms or ecosystems. Companies with capabilities in artificial intelligence and machine learning such as Google and Facebook might also be at an advantage.
What’s more, the regulatory landscape will likely become increasingly complex as more governments institute data privacy regulations. Therefore, I think that recent laws in Europe and the U.S. may have the unintended consequence of supporting the largest companies in the industry over their smaller rivals.
Content: There’s been plenty of debate about Section 230 in Washington, and I think it will most likely not be repealed but reformed.
Section 230 was enacted in the U.S. as part of the Communications Decency Act of 1996. It provides limited federal immunity to providers and users of interactive computer services. To date, internet companies have largely been shielded from the content posted on their platforms.
I anticipate bipartisan consensus will build around requiring internet platforms to increase transparency and reporting on content governance — and remove content within 24 hours if ordered by a court. This means compliance costs may rise and fines could be more frequent, but these rising costs will also widen the competitive moats for the biggest companies.
Antitrust: Going back to my Big Bank analogy, one big difference between the two regulatory cycles is that antitrust is a much bigger focus for the internet companies. Perhaps anticompetition for the big internet platforms now is what “safety and soundness” was for the big banks ― it’s the most important systemic problem regulators see.
Therefore, similar to the “too big to fail” framework for banks, we may see a framework implemented for internet platforms where differentiated anticompetition rules are applied based on size.
I don’t see any significant breakups of companies, but I think future M&A in the U.S. will become much harder to do on a meaningful scale. The U.S. House investigations into the ”monopoly power” of Apple, Amazon, Google and Facebook exemplify closer scrutiny of future dealmaking.
In one example of how difficult it can be to prosecute antitrust cases, a federal judge on June 28 dismissed antitrust lawsuits in the U.S. brought against Facebook by the Federal Trade Commission (FTC) and dozens of state attorneys general. The judge said the FTC's lawsuit did not support allegations that Facebook had gained monopoly status in the social media industry. It remains to be seen whether the FTC will amend its suit and refile.
As with most governmental or regulatory actions, it is important to remember that the first report or first version of a bill is almost never the exact text of the final regulation or law. It is very likely that any changes to antitrust law will look very different from the proposed bills.
Likewise, antitrust cases more often end in settlements or fines rather than the breakup of a company. The big companies may in the meantime work to mitigate any potential impact and self-regulate.
It’s worth noting that past M&A activity has allowed many smaller companies to grow and mature under the umbrella of the big parent companies.
For example, Facebook’s messaging service WhatsApp has more than two billion average monthly users in 180 countries yet provides only a fraction of the firm’s revenue. Alphabet derives the majority of its revenue and earnings from advertising; meanwhile, its autonomous driving unit Waymo and health sciences division Verily have essentially no revenues. But these technologies of the future might be worth billions of dollars to investors as stand-alone enterprises. This may make the companies attractive investments regardless of future regulatory actions, based on the secular growth of the industries in which they operate.
The major technology and internet platforms face a number of challenges ranging from privacy issues and content moderation to antitrust and regulatory pressures. However, I believe that concerns related to privacy or content may actually strengthen, rather than weaken, the moats of the largest platforms since these companies often boast well-established protocols and deep resources pertaining to privacy and legal matters.
Furthermore, regulatory outcomes are difficult to accurately predict and often less important to determining company success than factors related to the business itself, particularly adaptability of the management, ability to develop new innovative products and services, and current valuations. By focusing on these metrics and closely monitoring legal and regulatory developments, it is possible to find attractive investment opportunities in the companies facing these pressures.