Nigeria’s Data Protection Commission (NDPC) has opened an investigation into Chinese-owned e-commerce firm Temu amid concerns about its data-handling practices. The NDPC said the probe was prompted by worries over online surveillance tied to personal data processing, accountability, compliance with data minimization rules, transparency, duty of care, and cross-border transfers.
The inquiry was ordered by NDPC chief Vincent Olatunji as Temu expands rapidly in one of Africa’s biggest markets. Olatunji warned that data processors who fail to comply with the Nigeria Data Protection Act of 2023 could face legal liability. Preliminary checks by the commission indicated Temu handled personal data for roughly 12.7 million Nigerians.
Temu has faced scrutiny in several other jurisdictions. Last October the European Commission opened an investigation after concluding Temu had not done enough to prevent illegal products from being sold; Irish authorities later searched its EU offices in Dublin. In the United States, multiple states have alleged breaches of data protection rules. Arizona’s attorney general has claimed the app tracked users’ movements extensively and suggested data could be compelled to be shared with Chinese authorities, warning that such tracking could reveal visits to doctors, libraries, political events and private homes.
The NDPC’s action adds Nigeria to a growing list of regulators scrutinizing Temu’s practices, reflecting broader international concerns about user privacy, product compliance and cross-border data flows.
Edited by: Louis Oelofse