Is your data privacy assured on an audio-only social network?

• Audio-chat app Clubhouse has millions of users, millions of dollars, but very few privacy options
• The app has come under scrutiny for its aggressive collection of users’ contact lists

It was a normal weekend night in late January when audio-only social network Clubhouse had a boom in popularity. All it took was an interview with Elon Musk, founder of Tesla and SpaceX that took a turn when Robinhood CEO Vlad Tenev was brought onto the virtual stage. The app, despite being in beta mode, has already garnered millions of users. Unfortunately, Clubhouse has been found lacking in some basic privacy and security protections

For now, the app available only on iOS. It offers its users “rooms” that are essentially group audio chats. The Clubhouse is built on scarcity, a strategy that seems to be working effectively, whereby a person would have to be invited from an existing member in order to join Clubhouse. The invitee has to have the phone number of whomever they wish to invite, giving Clubhouse access to iPhone contacts. In simple terms, no access, no invites. 

In fact, Clubhouse has a few policies that aren’t exactly privacy-friendly, and to learn about that, one would have to dig deep beneath the surface of the privacy policies. To understand it further, one should know how the app works: it’s an invite-only app, structured as a series of “rooms,” where speakers lead discussions in front of audiences who can also be called on to participate.

As of February 20 alone, Clubhouse has surpassed 6.8 million users. At any given moment, thousands of conversations are taking place, most with nary a celebrity in earshot. Its hype has made Clubhouse a cultural sensation within the venture capital space, with some believing the startup’s next step is to outgrow its need for them.

What happens to users’ data privacy?

When a new user is accepted as a member, they have a chance to invite two others – and this is where the first of the data privacy concerns emerge. As part of the sign-up process, a user needs to give Clubhouse access to his or her phone contacts, so they can connect with other users of the social network.

Reports reckon that Clubhouse is using that information to build profiles of people who aren’t yet members. Additionally, the app allows users to participate in public or private audio chatrooms, with the assurance that the content has to be experienced live, and not recorded. 

However, that has not been the case according to Stanford cybersecurity researchers, where a user found a way to stream feeds from multiple chatrooms recently. Clubhouse then confirmed the spill, which is when data is released to a place that is not authorized to have access to it. The firm had banned the user and installed new “safeguards” to prevent conversations from being streamed again.

Clubhouse told BBC that recording or streaming without the explicit permission of the speakers violates the app’s terms and conditions. Then there are further concerns about Clubhouse recording the voice chats that are taking place on the service. The researchers were also concerned that the Chinese government could gain access to the raw audio files on Clubhouse’s servers because its back-end infrastructure is provided by a real-time engagement API firm called Agora, which has offices in both Shanghai and San Francisco.

Clubhouse’s statistics are a promising sign for the fledgling audio platform, which was launched in March 2020. Influential entrepreneurs and venture capitalists are bullish on crowning Clubhouse the next major social network; it’s reportedly valued at US$1 billion after its latest round of funding. The app is currently free to use and doesn’t show ads or offer paid services but Clubhouse founders indicated that they will introduce payment models “sooner rather than later.”

---

---

---

---