Temu has been accused of violation of the National Data Protection Act in its activities.
The allegation was levelled at Temu by the federal government who has ordered immediate investigation into the data processing activities of the e-commerce platform.
The National Commissioner/CEO of the National Data Protection Commission, Dr Vincent Olatunji, announced the development via a statement he released where he stated that there were concerns around online surveillance through personal data processing, accountability, data minimisation requirement, transparency, duty of care and cross-border data transfer concerning Temu.
In the statement issued on Monday, Olatunji said preliminary investigations indicated that Temu processed personal information of approximately 12.7 million data subjects in Nigeria, with 70 million daily active users globally.
The National Commissioner warned that processors who engage in processing activities on behalf of data controllers without verifying their compliance with the NDP Act may be liable under the NDP Act.
But NDPC said the invisible trail of personal data they leave behind has become a focal point for national security and individual privacy.
Report added that the commission is investigating whether Temu’s app permissions—which often include access to contacts, photos, and location—align with the simple act of buying and shipping a product.
“If a platform asks for ‘Point A’ but records ‘Points B through Z’, it violates the principle of data minimization”, Daily Trust quoted a senior staff within the NDPC as saying.
“Nigerian users have the right to know exactly how their data is being used, who it is being shared with, and how long it will be stored. Accountability ensures that if a breach occurs, there is a clear trail of responsibility. The NDPC is probing whether Temu’s privacy policies are sufficiently transparent for the average Nigerian consumer or if they are buried under layers of complex legal jargon,” the publication cited another one.
