Chinese e-commerce platform Temu has pledged to cooperate with Nigerian authorities after the country’s data regulator launched a formal investigation into its data-processing activities, adding fresh pressure to a company that has already paid nearly $3 million in penalties across other jurisdictions.
Nigeria’s National Data Protection Commission (NDPC) this week ordered an immediate probe into Temu’s operations under the Nigeria Data Protection Act (NDPA) 2023, citing potential breaches related to online surveillance, accountability, data minimisation, transparency, duty of care and cross-border data transfers.
Preliminary regulatory findings indicate that the company processes the personal information of approximately 12.7 million Nigerian users, part of its roughly 70 million daily active users worldwide.
Read more: NDPC launches probe into Temu over alleged data protection breach
Responding to the development, Temu said it remains committed to compliance.
“At Temu, protecting user privacy and data security is a top priority. We are committed to complying with applicable laws and regulations in our data practices. We will continue to engage in open and constructive dialogue with the NDPC to address any questions or concerns,” the company said in a statement provided to regulators and the media.
The company has not yet provided further details on the specific issues raised by the commission.
Nigeria’s investigation comes after enforcement actions in other markets. In May 2025, South Korea’s Personal Information Protection Commission fined Temu approximately $978,000 over violations including undisclosed cross-border data transfers and inadequate oversight of third-party processors.
In September 2025, the U.S. Federal Trade Commission imposed a $2 million civil penalty under the INFORM Consumers Act, accusing the company of failing to provide clear information about high-volume third-party sellers and not offering adequate reporting mechanisms for suspicious or counterfeit goods.
Read more: Jumia bullish on Egypt rebound, sees easing competitive pressure from Temu
Meanwhile, the European Commission has issued preliminary findings that Temu may have breached the Digital Services Act, with potential fines that could reach up to six percent of global annual turnover if violations are confirmed.
Together, confirmed penalties in South Korea and the United States amount to nearly $3 million, while exposure in Europe remains unresolved.
Nigeria’s regulatory signal
The NDPC has warned that organisations found in violation of the NDPA will face enforcement actions, including fines and sanctions. The commission also cautioned that data processors acting on behalf of controllers could be held liable if they fail to verify compliance with Nigerian law.
Nigeria has in recent years stepped up enforcement of its data protection regime, signalling that global digital platforms operating in its market are expected to meet the same standards applied elsewhere.
For Temu, the Nigerian probe represents both a regulatory test and a reputational challenge in Africa’s largest economy. With millions of local users and a fast-growing e-commerce base, the country is a significant market for the platform’s low-cost, high-volume marketplace model.
The NDPC has not announced a timeline for concluding its investigation. For now, Temu’s public stance centres on cooperation and compliance, as scrutiny of its global operations continues to widen.
Join BusinessDay whatsapp Channel, to stay up to date
Open In Whatsapp
