NDPC Orders Investigation Into Temu Over Alleged Breach of Nigeria Data Protection Act
- The NDPC has ordered an immediate investigation into Temu over possible violations of the Nigeria Data Protection Act.
- The commission identified concerns around online surveillance, transparency, data minimisation, and cross-border data transfers
- While Temu has not issued a response, the NDPC warned that processors who fail to verify compliance with the NDPA could face legal consequences
Oluwatobi Odeyinka is a business editor at Legit.ng, covering energy, the money market, technology and macroeconomic trends in Nigeria.
The National Data Protection Commission (NDPC) has launched an immediate probe into the e-commerce platform Temu over alleged breaches of the country’s data privacy law.
Source: UGC
The country’s data protection regulator said it commenced an investigation into Temu following concerns that the company’s data processing practices may contravene the Nigeria Data Protection Act (NDPA), Business Day reported.
In a statement, Vincent Olatunji, national commissioner and chief executive officer of the commission, said preliminary findings pointed to possible violations involving online surveillance, accountability, data minimisation, transparency, duty of care, and cross-border transfer of personal data.
Over 12 million Nigerian users on Temu
Temu, which reportedly processes personal information for about 12.7 million users in Nigeria and records roughly 70 million daily active users globally, is now under regulatory scrutiny.
The commission also cautioned that data processors acting on behalf of data controllers without confirming compliance with the NDPA risk facing legal consequences under Nigerian law.
Babatunde Bamigboye, head of legal, enforcement and regulations at the NDPC, stressed that all digital platforms operating within Nigeria must comply with the provisions of the data protection framework.
Bamigboye noted that non-compliance could trigger enforcement measures.
The investigation follows increasing concerns over how foreign e-commerce platforms collect, store, and transfer users’ personal information, especially across national borders.
Last year, the European Union accused the Chinese-founded online shopping company of breaking the bloc's digital rules by not "properly" assessing the risks of illegal products.
EU regulators argued that Temu was not doing enough to protect European consumers from dangerous products and that it may not be acting sufficiently to mitigate risks to users.
MultiChoice faces N766m fine for breaking data privacy act
Meanwhile, Temu is not the first foreign company to come under the scrutiny of the NDPC in recent times. The commission recently fined MultiChoice the sum of N766.24 million for violating data privacy laws and processing data of Nigerian subscribers and even non-subscribers.
NPDC found MultiChoice’s actions intrusive and disproportionate, and deemed its remedial steps unsatisfactory. It therefore ordered a compliance audit of all MultiChoice data collection channels in Nigeria.
Source: UGC
FG launches tool for Nigerians to report breaches
Legit.ng earlier reported that the federal government launched the Nigerian Data Protection Act General Application and Implementation Directive (NDP ACT-GAID), in the quest to safeguard the rights of Nigerians to data privacy and protection.
The government also unveiled a tool that allows Nigerians to immediately report suspected breaches in applications or websites to the NDPC
The Act includes provisions that cover areas like Lawful Bases of Data Processing, Data Protection Principles, Data Subjects’ Rights, Material and Territorial Scope of the NDP Act, Data Ethics and Emerging Technologies.
Source: Legit.ng
