TDThe Nigeria Data Protection Commission (NDPC), the nation’s primary regulator for data privacy, has announced a formal investigation into Temu, the fast-growing global e-commerce platform, over alleged breaches of the Nigeria Data Protection Act (NDP Act), 2023.
The NDPC disclosed that the probe was ordered by its National Commissioner/CEO, Dr. Vincent Olatunji, after mounting concerns about Temu’s handling of personal data.
Key issues flagged include online surveillance through data processing, accountability gaps, failure to meet data minimisation requirements, lack of transparency, inadequate duty of care, and questionable practices in cross-border data transfers.
Preliminary findings reveal that Temu processes the personal information of approximately 12.7 million Nigerians, while operating with an estimated 70 million daily active users globally.
The Commission cautioned that data processors acting on behalf of controllers without verifying compliance with the NDP Act could face liability under the law.
The press release was signed by Babatunde Bamigboye Esq., CDPRP, Head of Legal, Enforcement & Regulations.
It underscores the gravity of the matter and signals the NDPC’s intent to enforce Nigeria’s data protection framework with vigor.
Broader Implications
This investigation represents one of the most high-profile enforcement actions since the NDP Act came into effect in 2023.
It highlights Nigeria’s determination to assert digital sovereignty and protect citizens’ rights in an era where global e-commerce platforms are expanding aggressively into African markets.
Temu, known for its low-cost products and rapid market penetration, has faced scrutiny in other jurisdictions over its data practices.
The NDPC’s move places Nigeria among countries taking a firm stance on consumer privacy.
It aligns with global trends where regulators are increasingly holding tech and e-commerce giants accountable.
The outcome of this probe could set a precedent for how foreign digital platforms operate within Nigeria’s regulatory environment.
It may also influence how businesses approach compliance with the NDP Act, especially regarding transparency and cross-border data transfers.
For millions of Nigerian users, the investigation raises critical questions about how their personal data is being collected, stored, and shared — and whether adequate safeguards are in place to protect them from misuse.
