Clubhouse says reviewing data protection practices after report points to flaws

Platform News: Clubhouse audio and social media app

Clubhouse said it is reviewing its data protection practices, after a report by the Stanford Internet Observatory said it contained security flaws that left users’ data vulnerable to access by the Chinese government.

The app said in a response to the study, published by the research group at Stanford University, that while it had opted not to make the app available in China, some people had found a workaround to download the app which meant the conversations they were a part of could be transmitted via Chinese servers.

“With the help of researchers at the Stanford Internet Observatory, we have identified a few areas where we can further strengthen our data protection,” the company said in a statement published by the research group late last week.

“Over the next 72 hours, we are rolling out changes to add additional encryption and blocks to prevent Clubhouse clients from ever transmitting pings to Chinese servers. We also plan to engage an external data security firm to review and validate these changes.”

Clubhouse did not immediately respond to a request from Reuters for further comment on Saturday.

Launched in early 2020, the app saw global user numbers soar earlier this month after SpaceX Chief Executive Elon Musk and Robinhood’s Vlad Tenev held a surprise discussion on the platform.

Related Article:
Microsoft teams up with EU publishers amid Facebook's Australian spat

Masses of new users joined from mainland China, taking part in discussions on topics that included sensitive issues such as detention camps and Hong Kong’s National Security Law. But their access to the app was blocked last week, triggering frustration and fears of government surveillance.

The Stanford Internet Observatory said that it had confirmed that Chinese tech business Agora supplied back-end infrastructure to Clubhouse, and that Agora would likely have access to users’ raw audio, potentially providing access to the Chinese government.

It also said it observed room metadata relayed to servers it believed were hosted in China and audio to servers managed by Chinese business entities. It added, however, that it believed the Communist government of China would not be able to access the data if the audio was stored in America.

An Agora spokesman said the company had no comment on any relationship with Clubhouse, but that Agora does not have access to or store personal data, and does not route through China voice or video traffic generated from users outside China, including US users. Agora provides software that allows customers “to build their security and privacy infrastructure in a way that is both compliant and relevant to their end-users,” the spokesman wrote in an email.

Related Article:
Tencent aims to become biggest shareholder of video streaming rival iQIYI

The Cyberspace Administration of China, which regulates the country’s internet, did not respond to calls for comment made during China’s Lunar New Year holiday.

“SIO chose to disclose these security issues because they are both relatively easy to uncover and because they pose immediate security risks to Clubhouse’s millions of users, particularly those in China,” the report said.

Data analytics firm Sensor Tower said the app, which is only available on Apple’s iPhone, had about 3.6 million users worldwide as of early February, with 1.1 million registered in the prior six days.

The team at Platform Executive hope you have enjoyed the ‘Clubhouse says reviewing data protection practices after report points to flaws‘ article. Translation from English to other languages via Google Cloud Translation. Initial reporting via our official content partners at Thomson Reuters. Reporting by Brenda Goh. Editing by Clelia Oziel and Diane Craft.

Stay on top of the latest developments across the platform economy and gain access to our problem-solving tools, proprietary databases and content sets by becoming a member of our community. For a limited time, premium subscription plans start from just $16 per month.

Related Article:
Google closes deal to buy Fitbit as US Justice Dept probe continues
Share this Article