Nigeria’s data protection regulator has opened an investigation into Chinese e-commerce platform Temu over concerns about the handling of personal data belonging to millions of Nigerians.
The probe was ordered by Dr. Vincent Olatunji, National Commissioner and Chief Executive Officer of the Nigeria Data Protection Commission (NDPC), following preliminary findings that the platform processes personal information of approximately 12.7 million Nigerians.
In a statement signed by the Commission’s Head of Legal, Enforcement and Regulations, Babatunde Bamigboye, the NDPC cited concerns related to transparency, accountability, data minimisation, online surveillance and cross-border data transfers.
“Preliminary investigations indicate that Temu processes personal information of approximately 12.7 million data subjects in Nigeria with 70 million daily active users globally,” the Commission said.
The regulator stated that the scale of data collection raises questions about compliance with the Nigeria Data Protection Act (NDPA) 2023.
Dr. Olatunji also warned data processors handling information on behalf of other organisations to verify that their clients comply with Nigerian privacy laws, noting that processors could face liability for unlawful processing activities.
The investigation follows heightened enforcement activity by the NDPC. In August last year, the Commission launched a sector-wide compliance review targeting 1,369 organisations across banking, insurance, pensions and gaming industries. The companies were given 21 days to demonstrate compliance with the NDPA or face potential sanctions.
The latest probe signals increasing regulatory scrutiny of global digital platforms operating in Nigeria, particularly those managing large volumes of consumer data across borders.
