Clubhouse, the invite-only (at present) audio chat iOS app, is reportedly tightening its security measures to minimize the potential for the Chinese government to eavesdrop on users, particularly those in China. The move is in response to a report by the Stanford Internet Observatory (SIO) that found potential vulnerabilities that could be used to gain access to activity on the app. Clubhouse was not made available on the App Store in China due to its data privacy record, but some users there found a workaround to access it before it was ultimately blocked by the Chinese authorities last Monday (February 8). Users who had already downloaded it, though, can theoretically continue using it with certain tech tools.
Clubhouse is far from unique in being banned in China, with its government routinely blocking those on which there is content to its disliking. That includes many of the biggest websites in the world, like Google, Facebook, Wikipedia, Instagram, Twitter, the BBC, the New York Times, and The Washington Post. Notably, TikTok is also banned in China despite its parent company ByteDance being Chinese and headquartered in Beijing.
The SIO explains that, while it was to be expected that Clubhouse would be blocked in China, its availability gave a brief glimpse of “rare unfettered Mandarin-language debate for mainland Chinese iPhone users.” It says conversation topics on the app during the period it was accessible included “Uighur concentration camps in Xinjiang, the 1989 Tiananmen Square protests, and personal experiences of being interrogated by police.” With this in mind, it raised concerns that Agora, a software and infrastructure supplier for Clubhouse, is based in Shanghai and that “a user’s unique Clubhouse ID number and chatroom ID are transmitted in plaintext.”
Clubhouse: China Threat & New Security Measures
The SIO says that Agora could be legally compelled to assist the Chinese government with any content it had access to, although the company says it stores no metadata or user audio. However, any data routed via servers in China would likely be accessible to the Chinese government regardless. Either way, users in China could be at risk if their discussions on the app are not to the liking of the Chinese government and they are identifiable via the IDs within the app. It’s thought that any audio chats stored in the US are unlikely to be accessible.
A response from Clubhouse was included in the report by the SIO in which it said that it would add additional encryption to data and blocks to prevent data from being routed via Chinese servers. It also said it would have its changes reviewed by an external data security firm.
