(TibetanReview.net, Feb15’21) – The invite-only audio chat app Clubhouse which was banned by China last week and has become popular globally may be leaking users’ audio data to the Chinese government, the IANS news service Feb 15 cited researchers at Stanford University in the US as saying. China banned the app after it found that China-Taiwan relations and the Uighur genocide were being discussed on it during a brief moment it became available in the country.
The Stanford Internet Observatory (SIO) has confirmed that Agora, a Shanghai-based provider of real-time engagement software, was the supplier of back-end infrastructure to the Clubhouse app.
“The SIO has determined that a user’s unique Clubhouse ID number and chatroom ID are transmitted in plaintext, and Agora would likely have access to users’ raw audio, potentially providing access to the Chinese government,” the report quoted SIO researchers as saying in a blog post.
The users’ metadata is sent over the internet in plaintext (not encrypted), meaning that any third-party with access to a user’s network traffic can access it.
“In this manner, an eavesdropper might learn whether two users are talking to each other, for instance, by detecting whether those users are joining the same channel,” the researchers have warned.
The report said that in at least one instance, SIO observed room metadata being relayed to servers believe to be hosted in the People’s Republic of China (PRC), and audio to servers managed by Chinese entities and distributed around the world via Anycast (a wireless display receiver).
“It is also likely possible to connect Clubhouse IDs with user profiles,” the researchers have noted.
The report noted that last week, the drop-in audio chat app enabled rare unfettered Mandarin-language debate for mainland Chinese iPhone users, before being abruptly blocked by the country’s online censors on Feb 8.
It said that alongside casual conversations about travel and health, users frankly discussed Uighur concentration camps in Xinjiang, the 1989 Tiananmen Square protests, and personal experiences of being interrogated by police.
“Clubhouse app’s audio messages, unlike Twitter posts, leave no public record after speech occurs, potentially complicating Chinese government monitoring efforts,” the Stanford team has emphasised.
The report cited Clubhouse as saying it was rolling out changes to add additional encryption and blocks to prevent its clients from ever transmitting pings to Chinese servers.