McAfee Shareholder Meeting: Grand Visions, Few Specifics

McAfee's (MFE) shareholder meeting (Jluy 28, 2008) was a low key event. It appeared less than five non-employees attended. The food consisted of some cookies, what looked like a brownie, and sparking juice (berry flavor).
David Dewalt, McAfee's CEO, did the non-formal part of the presentation. No video presentation was involved--just Mr. DeWalt speaking at the podium for about six or seven minutes. See here for more on Mr. DeWalt.
McAfee is a security technology company that secures systems and networks. They are famous for their anti-virus software. The highlights of Mr. DeWalt's speech are as follows:

1. McAfee has 125 million downloads/sales.
2. McAfee has 4,500+ employees worldwide.
3. They have 1.2 billion in cash and no debt.

After these points, much of Mr. DeWalt's speech was difficult to understand because it was very general. I have been to many technology shareholder meetings, and it seemed as if this speech/presentation was designed to motivate employees and the Board rather than explain anything in detail. Mr. DeWalt talked about inter-locking security, securing the premises and new frontiers, and other terms relevant to McAfee's security focus.
I did catch one point about a partnership with VMWare, Inc (VMW). Mr. DeWalt mentioned McAfee being more involved in virtual machines, not just physical machines. (For more information, you can search Wikipedia for "virtual machine.") And just like that, the presentation was done.
Another shareholder, an Apple (AAPL) user, asked how Apple's continued popularity will affect McAfee. Apple users are known for boasting about their OS's superior safety; however, some engineers have said there is no salient difference in security. Their opinion is Apple enjoys an advantage against hacking because of its popularity (I have never met a programmer who likes Microsoft (MSFT)) and lower user adoption of the Tiger OS. In other words, Microsoft dominates the field, so it has more hackers gunning for it, and if Apple ever became too large, its security system would also be exposed. Mr. DeWalt said the company was researching Apple's Tiger system and would be prepared to handle any security needs. McAfee's "Avert Labs" is their research arm. Here is their blog.
I asked a few questions. I first asked how McAfee is different from Symantec (SYMC) and whether there was a "wide moat" (a barrier to being overtaken by competitors). Both McAfee and SYMC are known for their anti-virus software, but I've never been able to tell the difference between the two companies. Mr. DeWalt tried to answer my question, but was very general. I asked for more details, and he talked about McAfee's superior work in several areas, such as its Software-to-Services model ("SAS," pronounced "sass"). He said that McAfee had taken market share from SYMC over the past two years. He implied McAfee's encryption was better than SYMC's. He also referred to the involvement with virtual applications, not just physical applications. He ended by saying McAfee was also better in risk and compliance issues, such as understanding regulations and how to comply with new and existing laws. His speech had earlier cited HIPAA, SOX (Sarbanes-Oxley), and even Basel II.
Hence, my second question. I asked how McAfee was involved in the Basel II Accord. I asked this question because it made no sense for an online security company to refer to a system designed to improve and harmonize international financial dealings. Basel II is a very complex idea. Put simply, it is designed to create some consistency and trust in international banking regulations so one country does not create worldwide problems by poorly regulating their banks. The advanced, first world countries most likely envisioned Basel II as a way to decrease risk when dealing with less-regulated or emerging markets. Hilariously, America's Fannie Mae (FNM) and Freddie Mac (FRE), while not banks per se, just proved the need for a stronger Basel II Accord, or perhaps an entirely new Basel III.
Mr. DeWalt said that he was working with the U.K. and each country had different regulatory bodies. He focused on data security and data loss. Presumably, Basel II has some requirements for how to store customer data so a James-Bond-type can't download someone's bank account in Switzerland through a laptop.
Mr. DeWalt is an amiable man, but my overall feeling is that he wants to be a visionary and uses grand ideas to establish a vision a la John Kennedy's style. That's great if you want to be president of a nation--but for running a tech company, especially one based on credibility, one must be careful to use words in context and to have specific examples if necessary as support for the grand ideas. Mr. DeWalt didn't really explain whom he was working with in Europe to implement Basel II. The EU is implementing Basel II now, but most countries will be implementing Basel II by 2015. Mr. DeWalt's glib response might have been due to a lack of time or his general style, which is geared more towards enthusiasm than specifics. I came away thinking McAfee has grand visions but needs to work on being more specific in its business and expansion plans.
My last question had to do with a line in the "Risk Factors" section of the 10-K. California is auditing McAfee's 2004-2005 income tax returns. No specifics were listed in the 10-K. I asked about the audit, and the CFO indicated the audit involved apportioning income between states. Most states are experiencing budget shortfalls and are going after any source of untapped revenue. A company like McAfee that sells a lot of their products online to an anonymous end user may have a difficult time determining in which state it or its customers should pay taxes, thereby allowing an argument that it is underpaying certain taxes. For example, if someone downloads a program in Kentucky but uses it in California, which state should get the tax? It's also possible McAfee wasn't collecting any taxes at all during 2004-2005, but I am speculating. The CFO indicated there had been no claim and no settlement discussions with the State of California.
The CEO came up to me after the meeting and shook my hand. I handed him my business card, which lists me as a lawyer. His face sort of froze a bit. No one in business likes lawyers. I need to get a new card for shareholder meetings. Still, Mr. DeWalt, while amiable, needs to be more specific about future plans and how exactly he will take McAfee into the future. Having 1.2 billion dollars and no debt is impressive. Perhaps the numbers already speak for themselves or will speak for themselves. McAfee releases earnings on July 31, 2008.
After the meeting, I thought about McAfee's wide moat. I didn't really see one at first. McAfee has competition from not only SYMC, but AVG, which offers a free security application. I use a paid security service for my work computer, but AVG for a home computer. And that's when it hit me. McAfee did have some protection against becoming obsolete, because no business will entrust their enterprise or business software protection to a company that gives away its product.

Consumers are one small part of the pie when it comes to online security, and McAfee and SYMC probably duke it out for the corporate accounts the way Pepsi and Coke fight for market share. But unlike Coke and Pepsi, when times are tough, people won't cut back on online security. It's the last place any business will skimp on--after all, a business will lose days, maybe even weeks, if hackers access its intranet or files. The new essential product is online security, and a recession won't necessarily affect companies like Secure (SCUR), MFE, and SYMC. But the proof is in the pudding, and we will see on July 31, 2008 whether McAfee's numbers satisfy Wall Street.

Comments

[Rod Thomson:]

Copy of correspondence sent to the Securities and Exchange Commission (SEC)

Subject: File HO1240571, McAfee Inc.

Dear Ms. Sulzberg, as you are aware this matter began as a somewhat small, although not insignificant issue that has gradually reached international proportions. It now has even further relevance to the SEC and US investors because we are now bringing this matter to the attention of the World Trade Organization. Thus, due to more recent developments, namely in filing criminal charges with a foreign government against the CEO and Directors of McAfee who come under your jurisdiction, the SEC and the US government will have to address this issue sooner or later.

During the course of this endeavour, an attempt to retrieve funds that were defrauded from a charitable organization of the Thai Sangha (order of Buddhist monks) through internet fraud, mail fraud, and the illegal deletion of records, we found that dealing with McAfee was like dealing with people from another planet who had no concept of common sense or basic morality. Despite their claims of corporate responsibility and integrity, which we suspect is mainly composed of admitting to some of their earlier criminal activities that are totally undeniable anyway (see 10-K to SEC, 12/21/2007), they remain unchanged in their basic tactics of denial and hiding behind corporate lawyers and accountants.

As stated previously, we suspect that this denial, beginning almost five years ago, rather than either providing the goods and services paid for or offering a refund initially, stems from the fact that many records were deleted (our records were shown on McAfee’s website up to the end of October 2003, when they were deleted), and that this denial is part of the cover up for such illegal deletions of company records. While this denial has continued over the years, the truth is that McAfee were very well aware of the records of our purchase from the very beginning, as can be verified from the following correspondence:

6th January, 2004, from Marivi at McAfee
Please be informed that our Partner Company, Digital River has your records (Digital River then informed us that this was McAfee’s responsibility).

In due course McAfee asked us what we wanted as a resolution to this problem.


June 30th, 2007, from McAfee
What specifically are you wanting as a resolution to this problem?

June 30th, 2007, from us
As for resolution of this issue, we think that it is only fair that we allow you to put forward a solution. If we find such a solution unacceptable, then we will inform you in due course.

July 3rd, 2007, from McAfee
As I've stated previously, there are no records that show you've actually made a purchase from McAfee. You have failed to provide a confirmation of your purchase, therefore McAfee considers this issue closed. (Note that this was a basic contradiction of what McAfee said
three and a half years earlier.)

We later sent correspondence addressed to the CEO of McAfee. This letter, from the head of the foundation, outlined what he thought would be a resolution to this issue, which at that time was approaching four years in length. He said that McAfee should realize that other people’s time is as valuable as theirs, and that as a ‘friendly gesture’ he was proposing two months salary as compensation for the expenses incurred by the foundation in trying to recover their funds (an offer valid for 10 days only). However, as he did not receive a salary then it would be appropriate to use the CEO’s salary as a basis, namely, two months of the CEO’s basic salary amounting to $150,000. The reply to this letter was that our claim was not real and that they would hand this issue on to their legal department.

During this time we had also received counsel from various government officials and legal and law enforcement officers. Some time later, a letter was sent to the Ministry of Telecommunications in Thailand, together with a CD containing copies of all of the evidence. The head of the foundation, following counsel, recommended that McAfee be requested to offer an apology totalling US$17 million, made up of US10 million to the Royal Thai Government, and US$7 million to the charities of the Royal Family of Thailand. A copy of this letter was also sent to the Office of the Principal Private Secretary of His Majesty the King of Thailand.

While this amount may seem to be a lot of money to some, it was basically in lieu of court proceedings, which if followed through are expected to net McAfee employees around 10-12 years imprisonment each (most likely double that if they initially pleaded not guilty and were then found guilty). Note that in Thailand an additional charge would be added to those previously listed, insulting the integrity of the Thai Sangha, a national institution.

Needless to say, we also contacted the Japanese government (where similar legal action may also begin) and also informed the Prime Minister of Singapore, as well as the headquarters of the World Fellowship of Buddhists and many newspapers and organizations here and there.

We note that over the years McAfee appears to have had a ‘cosy’ relationship with certain officials within the government of Thailand, (not our speculation, but simply the opinion of government officials in general, perhaps yet another issue in need of daylight), however, politicians and government officials come and go, while the law remains the same.

Thus, we are committed to retrieving the funds and expenses that the supporters of our foundation have provided, no matter how long it takes. The fact remains that wanted criminals are running an organization under the jurisdiction of the SEC, and this in turn will affect the investors in this organization, either by arrest warrants and trials if necessary, and resulting site blockage and denial of export privileges.


Yours Sincerely,

Rod Thomson

P.S. Further details may be seen on a local US web site, the somewhat aptly and colloquially termed ripoffreport.com under McAfee.

cc World Fellowship of Buddhists, Bangkok; The Office of The R.H. Prime Minister of Thailand; The Office of the R.H. Prime Minister of Singapore; The Nation, Bangkok; Japan times, Tokyo; The South China Morning Post, Hong Kong; etc.

2008 Jul 29 09:21 PM