Nigeria Probes Temu Over Massive Data Concerns

Nigeria’s fast-growing e-commerce scene is facing fresh scrutiny as Chinese retail giant Temu comes under investigation for an alleged Temu data breach affecting more than 12.7 million Nigerians. The inquiry, launched by the Nigeria Data Protection Commission, could expose the platform to penalties of up to two per cent of its global annual revenue if violations are confirmed.

The probe marks one of Nigeria’s most significant actions against a foreign digital marketplace operating without a local corporate presence. Officials are now examining how the company collects, transfers and protects customer information at a time when Nigerians rely heavily on online services for everyday transactions.

A statement from the regulator noted that preliminary checks showed the platform processes personal information for millions of users across the country, while attracting about 70 million daily active users globally. One official explained that the goal of the commission was not simply punishment but ensuring compliance. “We could take them through a remedial process; that is, if they cooperate with us,” the source said, stressing that companies willing to correct violations may only face moderate remediation fees.

Regulators Tighten Grip as Temu Data Breach Raises Questions

Although the investigation is still ongoing, officials revealed that decisions would depend on Temu’s cooperation and the final findings. Another senior source emphasised that no penalties had been confirmed yet, noting that the public would receive updates only through official commission channels.

The Nigeria Data Protection Act sets out clear consequences for companies found in breach, including fines reaching two per cent of their annual gross revenue or N10 million, whichever is higher. Yet, regulators insist they prefer corrective measures that push companies to adopt stronger protections rather than resorting immediately to sanctions. “We are not keen on issuing fines. What we want is for entities to do the right thing,” the official added.

The commission has a track record of tough enforcement. In 2025, it fined Meta $32.8 million after a major investigation into privacy violations. That enforcement drive generated over N5.2 billion from more than 200 compliance cases, signalling that the regulator has both the tools and the resolve to act when necessary.

Temu, owned by PDD Holdings, entered Nigeria in late 2024 and quickly became one of the country’s most downloaded shopping apps. Nigerians were drawn in by generous discounts, heavy advertising and its mobile-friendly shopping style. However, the company’s lack of a formal local entity has raised concerns, with analysts suggesting it complicates consumer protection and regulatory oversight.

The company confirmed that it had already received the inquiry from the NDPC. In an email statement, it said: “Protecting user privacy and data security is Temu’s top priority. We are fully committed to Nigerian laws and will maintain open dialogue with the NDPC to resolve all concerns.”