BY NKECHI NAECHE-ESEZOBOR—The Nigeria Data Protection Commission (NDPC) has ordered an immediate investigation into the data processing activities of Temu over alleged violations of the Nigeria Data Protection Act (NDP Act).
The directive was issued by the National Commissioner/CEO of the Commission, Dr Vincent Olatunji, following concerns about the platform’s handling of personal data belonging to millions of Nigerian users.
The probe will examine issues relating to online surveillance, transparency, accountability, data minimisation, duty of care, and cross-border data transfers.
In a statement by Head, Legal, Enforcement & Regulations, NDPC, Babatunde Bamigboye, the investigation of Temu was triggered by concerns around online surveillance through personal data processing, accountability, data minimisation requirement, transparency, duty of care and cross-border data transfer. Preliminary investigations indicate that Temu is an e-commerce platform which processes personal information of approximately 12.7 million data subjects in Nigeria with 70 million daily active users globally.
The National Commissioner warned that processors who engage in processing activities on behalf of data controllers without verifying their compliance with the NDP Act may be liable under the NDP Act.
