Since the beginning of this year, Clubhouse has been defined as the new trendy social network. It is an audio-based platform that, although it was launched on the iOS operating system in April 2020, recorded its biggest growth in January 2021. You can only join by invitation, although its creators have promised that it will open to the world in the coming months.
Its business model has attracted a lot of attention, but it also raises questions about privacy. For starters, this website records your conversations or can keep your data if a friend gives away his contacts without you having to know about it, and there are other policies regarding the use of Clubhouse that have raised doubts about whether the user is not putting his privacy at risk.
A few days ago an investigation by the Stanford Internet Observatory (SIO) said that the social network Clubhouse has presented security problems that have allowed the Chinese government to have access to user data. Specifically, the Stanford researchers have stated that it is even possible that the raw data of conversations was accessed, along with metadata that includes the application ID and the meeting or room ID. That data was transmitted unencrypted and in plain text.
Also, Clubhouse confirmed a few days ago that it experienced a data breach last Sunday, February 21 because a user realized he could be in multiple rooms at once, connected the Clubhouse API to its website, and shared his login with anyone on the web who wanted to listen to voice chats from the app.
In addition to these controversies, there are other issues with Clubhouse’s basic operation that may pose privacy concerns for its users.
Four Clubhouse practices that cause privacy concerns
- Clubhouse records your audio. One of the “features” of Clubhouse is that it is ephemeral. You can only listen to what is happening at the moment. You cannot save conversations for later, nor can you pause the room you are in. You have to show up live to participate in the experience. That’s something that differentiates it, for example, from podcasts, which are recorded and can be listened to at any time. However, despite that, Clubhouse can, and does, record what you say.
- Specifically, the app’s privacy policy states, “To support incident investigations, we temporarily record audio from a room. If a user reports a policy violation or security incident while the room is active, we retain the audio to investigate the incident and do not delete it until the investigation is complete. If no incident is reported in a room, we delete the temporary audio recording when the room ends.” Now, as Inc explains, if someone reports a problem, everything that happened in the room is recorded and saved, whereas Clubhouse doesn’t make it clear what happens then. It doesn’t say who can listen to it, or under what conditions.
- Other people share information about you without you having any control over it. This application is invitation-only. Even if you choose not to create an account to access Clubhouse, if a friend or acquaintance of yours has given your data, there is nothing you can do about it. It should be remembered that the application encourages users to upload their entire contact database to send invitations and does not give the possibility to share only specific contacts. You have to share all or none, that forces users to give much more data than they would want to, and not their own.
- Also, these people who decide to share their contact list do not only give the name. If they connect their profiles on social networks, that information is also collected. Clubhouse specifically says that when “you create your account, and/or authenticate with a third-party service such as Twitter, we may collect, store and periodically update information associated with that third-party account, such as a friend or follower lists.”
- Personal information and how this business will be financed. In general, how social networks market their users’ data to third parties to make money, while companies offer personalized advertising to each person, is a cause of controversy. The launch that Apple is preparing to help its users block Facebook’s ability to collect personal information has once again brought this issue to the table.
- How does Clubhouse make money? According to Inc, one of the biggest questions surrounding this social network is how it intends to make money. Looking at the privacy policy, it is clear that it will probably involve some sort of advertising or sponsorship system. To prepare for this, Clubhouse makes it clear that it “may share personal data with our current and future affiliates.” That same section makes it clear that Clubhouse “may share the categories of Personal Data described above without notice to you.” That means that it does not notify you when that personal information, previously provided to Clubhouse, is being used by third parties.
- Clubhouse tracks its users. The company’s privacy policy says that it uses cookies, pixels, and tracking technologies to monitor what you do within Clubhouse, across the web even though they are not currently monetizing the app. The company’s privacy policy explicitly says that they may “share Identifiable Data and Internet Activity Data with social media platforms and other advertising partners who will use that information to serve you targeted ads on social media platforms and other third party websites – under certain regulations.”
- So, everything points to the fact that, although now the trendy new social network is not making money, it is preparing to monetize the platform it is building, thanks to its users’ data.