Clubhouse, the invitation-only chatroom app, has been gaining popularity in recent months. The iOS app now has over 8 million downloads, and boasts such high-profile users as Elon Musk, Mark Zuckerberg, Oprah Winfrey, Drake, and Kevin Hart.

But Clubhouse may not be the haven for private discussion it pretends to be.

China-based servers – what could go wrong?

The app’s back-end servers are primarily provided by Agora, a China-based company, and the app’s metadata is not end-to-end encrypted. That means that (1) conversations on the app are not secure to begin with; and (2) all of the data that passes through that infrastructure could potentially be subject to surveillance by the Chinese government. A recent report from the Stanford Internet Observatory related:

The Stanford Internet Observatory has confirmed that Agora, a Shanghai-based provider of real-time engagement software, supplies back-end infrastructure to the Clubhouse App… This relationship had previously been widely suspected but not publicly confirmed. Further, SIO has determined that a user’s unique Clubhouse ID number and chatroom ID are transmitted in plaintext, and Agora would likely have access to users’ raw audio, potentially providing access to the Chinese government. In at least one instance, SIO observed room metadata being relayed to servers we believe to be hosted in the PRC, and audio to servers managed by Chinese entities and distributed around the world via Anycast. It is also likely possible to connect Clubhouse IDs with user profiles.
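The distinction the paragraph above the quote turns on is between transport encryption, which ends at the provider’s server, and end-to-end encryption, which only room participants can undo. The following Python model is an added illustration, not code from Clubhouse, Agora or SIO: a hypothetical relay that terminates TLS and logs every packet field it receives, a client that sends raw audio, and a client that encrypts audio under a group key. The cipher is a toy HMAC-SHA256 counter-mode construction, used only so the example runs offline; all IDs and the audio frame are constructed sample values.

```python
import hashlib
import hmac
import os

# --- Toy authenticated encryption (illustration only, not a production cipher) ---

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream derived from HMAC-SHA256 (toy construction)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    nonce = os.urandom(12)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key: bytes, blob: bytes) -> bytes:
    """Verify the tag, then decrypt. Raises ValueError on tampering."""
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

# --- Hypothetical relay in the infrastructure provider's data centre ---

class Relay:
    """Transport encryption (TLS) terminates here, so the relay can log every
    field the client placed in the packet body."""
    def __init__(self):
        self.observed = []

    def forward(self, packet: dict) -> dict:
        self.observed.append(dict(packet))
        return packet

def send_transport_only(relay: Relay, user_id: int, room_id: int, audio: bytes) -> dict:
    """Client relies on TLS alone: the provider receives raw audio and both IDs."""
    return relay.forward({"user_id": user_id, "room_id": room_id, "audio": audio})

def send_e2ee_audio(relay: Relay, group_key: bytes, user_id: int, room_id: int, audio: bytes) -> dict:
    """Client encrypts audio under a key shared only by room participants.
    Routing metadata (user_id, room_id) is still visible to the relay."""
    return relay.forward({"user_id": user_id, "room_id": room_id, "audio": seal(group_key, audio)})

def provider_view(packet: dict, audio: bytes) -> dict:
    """What the provider can learn from one forwarded packet."""
    return {
        "knows_user_id": "user_id" in packet,
        "knows_room_id": "room_id" in packet,
        "can_read_audio": packet["audio"] == audio,
    }

if __name__ == "__main__":
    relay = Relay()
    audio = b"constructed sample audio frame"   # constructed, not real app traffic
    group_key = os.urandom(32)
    p1 = send_transport_only(relay, 1234, 42, audio)
    p2 = send_e2ee_audio(relay, group_key, 1234, 42, audio)
    print("transport only:", provider_view(p1, audio))
    print("e2ee audio:    ", provider_view(p2, audio))
    print("participant decrypts:", unseal(group_key, p2["audio"]) == audio)
```

Run stand-alone, the first view shows the relay reading audio and both IDs; the second shows the audio opaque to the relay while the user and room IDs remain readable, which is the metadata exposure SIO describes. Encrypting the audio end-to-end is necessary but not sufficient: the identifiers the client sends in the clear are still available to whoever operates the relay.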

The shamefully insecure state of the app was demonstrated this past week, when an unidentified user was able to gain access to supposedly private conversations taking place on the app and livestream them elsewhere. After this weekend’s hack, Clubhouse banned the user responsible, but refused to share what steps it was taking to prevent similar attacks from happening again.

What is Clubhouse doing with user data?

Though the company denies storing metadata, industry experts indicate the claim doesn’t hold water. SIO remarked that “the Chinese government could still theoretically tap Agora’s networks and record it themselves. Or Agora could be misrepresenting its data storage practices.” At the very least, SIO also noted in its report that “Clubhouse’s Privacy Policy states that user audio will be ‘temporarily’ recorded for the purpose of trust and safety investigations.”

According to Bloomberg:

Users of the invitation-only iOS app should assume all conversations are being recorded, the Stanford Internet Observatory, which was first to publicly raise security concerns on Feb. 13, said late Sunday. “Clubhouse cannot provide any privacy promises for conversations held anywhere around the world,” said Alex Stamos, director of the SIO and Facebook Inc.’s former security chief.

The bottom line? Anyone using Clubhouse should not assume their conversations on the app are private.