The Nigeria Data Protection Commission (NDPC) has launched an investigation into the data processing activities of Temu, following allegations of possible violations of the Nigeria Data Protection (NDP) Act.
The National Commissioner of the Commission, Vincent Olatunji, ordered the immediate probe on Monday amid growing concerns over the platform’s handling of personal data belonging to Nigerian users.
According to the Commission, the investigation was triggered by issues bordering on online surveillance through personal data processing, accountability, data minimisation, transparency, duty of care, and cross-border data transfers.
In a statement signed by the commission’s Head, Legal, Enforcement and Regulations,Babatunde Bamigboye, Preliminary findings indicate that Temu processes personal information of about 12.7 million data subjects in Nigeria, while recording an estimated 70 million daily active users globally.
Olatunji cautioned that data processors who handle personal information on behalf of data controllers without first verifying their compliance with the NDP Act risk being held liable under the law.
The NDPC reaffirmed its commitment to enforcing data protection regulations and ensuring that organisations operating within Nigeria comply fully with statutory requirements governing the collection, storage and transfer of personal data.
