The French data protection authority CNIL has started investigations into the social media app Clubhouse. It should be checked whether the General Data Protection Regulation (GDPR) is applicable and, if so, whether it is misunderstood, the authority announced on Wednesday. In the event of a violation, the CNIL could order restrictions, it said.
Clubhouse is an audio app from the USA that allows users to listen to conversations like a live podcast or actively participate in discussions. In contrast to networks such as Twitter and Facebook, posts cannot be commented on in writing or “likes” given. The contributions cannot be listened to with a time delay on the platform. However, it is unclear how long the audio rounds are stored in the USA.
Headwind also from Germany
In Germany, the Federation of German Consumer Organizations had warned the US providers of the app, among other things, because of deficiencies in data protection. The clubhouse operator claims the right to make extensive use of the contact information uploaded by the users from the smartphone address books. This is a violation of the GDPR. If the operator does not respond to the warning from the German consumer advocates or if he refuses to sign the declaration of cease and desist, the association could file a lawsuit with the Berlin Regional Court and impose a fine there.
Hamburg’s data protection officer Johannes Caspar had already announced an examination in February and sent a questionnaire to the US operator Alpha Exploration. There are “some doubts” about the practices of the app among local privacy advocates, said Caspar.
One of the biggest points of criticism, namely that Clubhouse only allows invitations to other users if you allow access to your own contacts, should be over soon. This was announced by CEO Paul Davison last Sunday. Users who have released their address book should also be able to request the deletion of this data – directly from Clubhouse. A separate function should appear for this. (with material from the dpa) /