Clubhouse says reviewing data protection practices after report points
to flaws
Send a link to a friend
 [February 13, 2021] SHANGHAI
(Reuters) - U.S. audio app Clubhouse said it is reviewing its data
protection practices, after a report by the Stanford Internet
Observatory said it contained security flaws that left users' data
vulnerable to access by the Chinese government.
The app said in a response to the study, published by the research group
at Stanford University, that while it had opted not to make the app
available in China, some people had found a workaround to download the
app which meant the conversations they were a part of could be
transmitted via Chinese servers.
"With the help of researchers at the Stanford Internet Observatory, we
have identified a few areas where we can further strengthen our data
protection," the company said in a statement published by the
research group on Friday.
"Over the next 72 hours, we are rolling out changes to add additional
encryption and blocks to prevent Clubhouse clients from ever
transmitting pings to Chinese servers. We also plan to engage an
external data security firm to review and validate these changes."
Clubhouse did not immediately respond to a request from Reuters for
further comment on Saturday.
Launched in early 2020, the app saw global user numbers soar earlier
this month after Tesla CEO Elon Musk and Robinhood CEO Vlad Tenev held a
surprise discussion on the platform.
Masses of new users joined from mainland China, taking part in
discussions on topics that included sensitive issues such as Xinjiang
detention camps and Hong Kong's National Security Law. But their access
to the app was blocked last week, triggering frustration and fears of
government surveillance.
[to top of second column] |
The social audio app Clubhouse is seen on a mobile phone in this
illustration picture taken February 8, 2021. REUTERS/Florence
Lo/Illustration
The Stanford Internet Observatory said that it had confirmed that Chinese tech
firm Agora Inc supplied back-end infrastructure to Clubhouse, and that Agora
would likely have access to users' raw audio, potentially providing access to
the Chinese government.
It also said it observed room metadata relayed to servers it believed were
hosted in China and audio to servers managed by Chinese entities. It added,
however, that it believed the Chinese government would not be able to access the
data if the audio was stored in the United States.
Agora did not immediately respond to a Reuters request for comment while the
Cyberspace Administration of China, which regulates the country's internet, did
not respond to calls for comment made during China's Lunar New Year holiday.
"SIO chose to disclose these security issues because they are both relatively
easy to uncover and because they pose immediate security risks to Clubhouse's
millions of users, particularly those in China," the report said.
Data analytics firm Sensor Tower said the app, which is only available on
Apple's iPhone, had about 3.6 million users worldwide as of Feb.2, with 1.1
million registered in the prior six days.
(Reporting by Brenda Goh; Editing by Clelia Oziel)
[© 2021 Thomson Reuters. All rights
reserved.] Copyright 2021 Reuters. All rights reserved. This material may not be published,
broadcast, rewritten or redistributed.
Thompson Reuters is solely responsible for this content.
 |
