The Nigeria Data Protection Commission (NDPC) has commenced an investigation into the Chinese data processing operations of e-commerce platform Temu over suspected violations of the Nigeria Data Protection (NDP) Act.
The directive was issued by the NDPC’s National Commissioner and Chief Executive Officer, Vincent Olatunji, who ordered an immediate review of the company’s activities.
The statement was signed by Babatunde Bamigboye, Head of Legal, Enforcement, and Regulations at the NDPC.
According to the Commission, the probe was prompted by concerns relating to alleged online surveillance practices involving personal data processing, as well as issues surrounding accountability, data minimization, transparency, duty of care, and cross-border data transfers.
Preliminary findings suggest that Temu processes the personal information of approximately 12.7 million data subjects in Nigeria and records about 70 million daily active users globally.
The National Commissioner also cautioned data processors handling information on behalf of data controllers to ensure strict compliance with the NDP Act. He warned that processors who fail to verify their clients’ adherence to the law could face liability under the Act.
