According to data protection authority of France, a complaint has been received against the Clubhouse app regarding the infringement of Europe’s GDPR  privacy & security legislation. Currently, the investigations against the app are on. As per the reports of CNIL, Clubhouse has failed to adhere to the compliances of General Data Protection Regulation (GDPR), which holds the significant legislation for offering protection for the citizens’ data.

CNIL has contacted Alpha Explorations, which is the head company of Clubhouse. The Clubhouse is an audio chat app, and it was questioned for assessing its compliance due to some legal issues. Introduced in 2016, the GDPR  was set up to ensure the privacy & security of the EU citizens’ data. The GDPR can be credited with bringing data protection legislation in the states of Europe & they also hold the responsibility for standardizing the requirements of bodies that handle the personal information of the public, along with stamping penalties in case of non-compliance with the rules.

Besides rolling out guidelines for countries located in Europe, GDPR also handles the regulations for organizations in the non-EU countries, which hold the responsibility of collecting & processing personal information about EU citizens. Now, many eyebrows & suspicions are being raised about the privacy of the content of Clubhouse. CNIL has filed a petition against Clubhouse regarding the possible breaches, and it has alerted the owners of the app regarding its security in China. According to the petition, it has been stated that by CNIL that ” if a person signs up, the names and numbers of all of their contacts will be uploaded to a secret database… which can then be sold to third parties.”

Key Aspects of GDPR

After further probation, CNIL has stated that after verification that Clubhouse does not have any operations in European countries & thus, the investigation is being carried out with the support of its new bodies from other member states. After the study, it will be stated whether Clubhouse has to face the case in the courts or not. As per the critical aspects of GDPR –

  • The necessary data will be gathered for only the required purposes;
  • The probing inside of the data of the people cannot happen without consent;
  • Individuals possess the right to ask organizations about the kind of data they can use & how they can use it;
  • The data transfer across borders should happen with utmost precision & safety;
  •  Everyone shall exercise the right to privacy & private data should be stored after designing it into organized systems;

If the organizations do not comply with the GDPR, it can result in a financial penalty of up to 4 percent of annual global turnover or Euro 20 million. Other actions that GDPR can take are also mentioned below-

  • Temporary or Permanent ban on the processing of data packets;
  • Suspending the transfer of data to several countries
  • Rectifying & Restricting data;
  • Reprimands or warnings;

Final Thoughts

It is not outside the reach of possibilities that a state-of-the-art app like Clubhouse located outside of the EU could suddenly contravene GDPR, especially one that has upgraded so fast. One risk may be that it has attained so much popularity quickly that the number of users involved could result in a  severe infringement, although the point that it is still in beta with customer sign-ups restricted to invite-only means that it is not the scenario. It is more likely that any contravention would be relatively small and that, accordingly, so too would any fine.

Hi, this is Elisa Wilson , a tech-savvy from the Canadian province, Alberta. I am a computer science graduate who is currently working as a tech research analyst at Kforce Technologies. Alongside providing detailed info-graphics to studies in question, I also create instruction manuals and troubleshooting guides as per the client’s requirement. Recently, I have created a Roku activation guide, and here’s the link you need to follow: