Clubhouse was the only US-based social media app that could be used officially in China. It provided a rare opportunity for cross border dialogue on contentious issues. Now, according to a report, Clubhouse contained security flaws which allowed the Chinese government to access user data.
U.S. audio app Clubhouse said it is updating its data protection policies after a study from the Stanford Internet Observatory (SIO) said it contained security vulnerabilities that left users’ data vulnerable to access by the Chinese government.
The app was launched in March 2020. Masses of users joined from Mainland China and took part in discussions on topics that included sensitive issues such as Xinjiang detention camps and Hong Kong’s National Security Law. But their access to the app was blocked last week, triggering frustration and fear of government surveillance.
A Chinese tech firm Agora Inc supplied back-end infrastructure to Clubhouse. Agora is likely to have access to user’s raw audio, potentially providing access to the Chinese government. Moreover, the metadata relayed to servers were hosted in China and so was the audio relayed to servers. Everything was managed by Chinese entities.
“With the help of researchers at the Stanford Internet Observatory, we have identified a few areas where we can further strengthen our data protection,” the company said in a statement published here by the research group on Friday.
“Over the next 72 hours, we are rolling out changes to add additional encryption and blocks to prevent Clubhouse clients from ever transmitting pings to Chinese servers. We also plan to engage an external data security firm to review and validate these changes.”
The report said, “SIO chose to disclose these security issues because they are both relatively easy to uncover and because they pose immediate security risks to Clubhouse’s millions of users, particularly those in China.”
Surveillance, censorship and government control have always been rife in China. But this time, the Chinese government allowed the app to gather massive user data. As most users were experiencing a free platform for the first time, a lot of topics and contentious issues, which is considered taboo in China, were discussed.
The warning signs were already looming before the censors struck. Global Times, a state-run nationalist tabloid, accused political discussions on Clubhouse of being “one-sided. “Political topics on the platform are not discussed as rationally as other topics like technology or culture,” the paper said.
If reports from the SIO are to be believed then the Chinese government has all the data, including raw voice data of the users pointing their concerns on Xinjiang, Taiwan and Hong Kong.
While people had believed they were safe from surveillance and censorship, the CCP let the app thrive to bait dissidents, accessed the data and then struck down the app, efficiently using the popularity of the US-based free speech platform to identify the dissidents.
While Clubhouse is banned in China, users are still able to use the app using VPN’s. After SIO’s report, the users will be wary of the content they talk about on the app. By censoring the app, the CCP destroyed even the marginal freedom of speech which existed. But it feels now, even that freedom of speech was created to lull the Chinese citizens into a sense of security and then used the ‘ole bait and switch.’