Nigeria’s data protection regulator has opened a formal investigation into Chinese-owned e-commerce platform Temu, putting one of the world’s fastest-growing online marketplaces on notice that aggressive data harvesting strategies that have faced little accountability elsewhere will not be tolerated in Africa’s largest internet market.
The Nigeria Data Protection Commission (NDPC) ordered an immediate probe into Temu’s data processing activities on Sunday, February 16, 2026, citing concerns over possible online surveillance, accountability deficits, failure to uphold data minimisation principles, lack of transparency, inadequate duty of care, and questionable cross-border data transfers involving the personal information of an estimated 12.7 million Nigerian users.
Temu confirmed receipt of the inquiry on February 17, 2026, and indicated it would cooperate. “At Temu, protecting user privacy and data security is a top priority. We are committed to complying with applicable laws and regulations in our data practices. We will continue to engage in open and constructive dialogue with the NDPC to address any questions or concerns,” the company said.
The investigation carries serious financial consequences. Under the Nigeria Data Protection Act (NDP Act) of 2023, companies found in breach face substantial fines. The NDPC demonstrated its willingness to act in July 2025, when it imposed a 766.24 million naira fine on MultiChoice Nigeria, Africa’s largest pay-TV operator, following a year-long probe into intrusive data processing and illegal cross-border transfers.
The NDPC’s enforcement record extends well beyond that single case. In March 2025, the Commission ordered investigations into TikTok and Truecaller over their data practices. A separate 32.8 million dollar fine against Meta over behavioural advertising was resolved through a consent judgment in October 2025, with Meta committing to specific corrective privacy measures for Nigerian users. The Commission probed more than 1,369 firms last year for data infractions and launched sector-wide audits targeting fintechs and other high-risk processors.
The NDPC also placed local businesses on alert, warning that delivery companies, payment processors, and other Nigerian firms working with Temu could face direct liability under the NDP Act if they did not independently verify the platform’s compliance before entering into data-processing arrangements on its behalf.
Temu faces parallel scrutiny beyond Nigeria. South Africa’s National Consumer Commission launched a formal investigation into Temu and Shein in late 2025, probing compliance with the Consumer Protection Act and raising concerns over the companies’ reliance on algorithms and data-mining practices to drive consumer engagement.
Temu, owned by Nasdaq-listed PDD Holdings, operates a heavily discounted online marketplace spanning fashion, electronics, and household goods that has expanded rapidly in Nigeria over the past two years. The platform recorded approximately 70 million daily active users globally at the time of the NDPC’s announcement.
