Clubhouse: How to Ensure Data Protection Compliant Use

Celebrities are using it, politicians are using it, and chances are, your employees are using it. But what is the Clubhouse app, the most popular app in the AppStore at the start of 2021? More importantly, what do companies need to be aware of?

The Clubhouse app creates shadow profiles of a user's contacts on its servers.
The Clubhouse app creates shadow profiles of a user’s contacts on its servers.
(Image by Nicola Fioravanti on Unsplash)

What Is the Clubhouse App?

Clubhouse is a new social media network, a social audio app. Clubhouse consists entirely of audio content and is essentially a cross between a live podcast or a conference call. It offers an interactive platform for lectures and discussions.

Downloading the Clubhouse app is by invitation only. One reason why the media and celebrities are talking so much about Clubhouse. With an invite-only way to join, the FOMO effect (Fear of Missing Out) is high. And that partially explains the app’s viral success.

Interestingly, Clubhouse is only available for Apple’s iOS devices so far. According to the app developers, Alpha Exploration Co., a U.S. start-up, an Android version is in the planning stage.

What Data Does the Clubhouse App Collect?

If you ask yourself what data Clubhouse collects, then you quickly find yourself confronted with the issue at hand. Why? Clubhouse asks anyone who signs up to share their complete phone contacts. Only people who grant Clubhouse access to their contacts can invite two other people. Once Clubhouse has access, it creates shadow profiles of the contacts on its servers.

By using the Clubhouse app, your contacts are transmitted to the servers in the United States.
By using the Clubhouse app, your contacts are transmitted to the servers in the United States.

And this is where companies need to pay close attention. As soon as employees have business contacts on their iPhone, the company, as in the employer, is responsible for protecting these contacts from any unauthorized access. As soon as this employee uses the Clubhouse app, they have transmitted data to Clubhouse.

How to Protect Business Contacts

But how do you protect the data from such unauthorized access and protect your business from potential penalties? Every employee who accesses business contacts on their iPhone needs to be managed by a mobile device management system. This is the only way you can ensure that you meet data protection requirements. In particular, the EU’s GDPR.

With Cortado MDM, mobile device management is quick and easy to set up. The areas on devices used for business and private purposes, including business and private contacts, can be separated from each other. A policy prevents the exchange of data between managed and non-managed apps. Cortado ensure that the contacts used for work purposes are therefore not transferred to the Clubhouse app and its servers.

The procedure here is very similar to securing WhatsApp. For more information on that, make sure you read our blog articles WhatsApp GDPR: Business Use in Accordance with GDPR and Ready for the EU’s GDPR with Managed Contracts.

So, make sure that you fully secure your data, the data of your employees, as well as their contacts when it comes to data protection.

If you are interested in a non-binding consultation, then simply drop us a line at [email protected]. We’ll be happy to answer any of your questions.