NDPC investigates Temu for alleged data breach

 

The Nigeria Data Protection Commission (NDPC) says it will investigate Temu, an e-commerce online marketplace, over an alleged data breach against the Nigeria Data Protection Act (NDPA).

This is contained in a statement by Babatunde Bamigboye, Head, Legal, Enforcement and Regulations of the commission, on Monday in Abuja.

Bamigboye said that Dr Vincent Olatunji, National Commissioner, NDPC, gave the directives following concerns relating to online surveillance, personal data processing practices and compliance obligations under the Act.

He said the probe was triggered by issues surrounding accountability, data minimisation requirements, transparency, duty of care and cross-border transfer of personal data.

Bamigboye said that preliminary findings indicated that Temu processes personal information of about 12.7 million data subjects in Nigeria, while the platform recorded approximately 70 million daily active users globally.

He said the commission warned that data processors, who carried out processing activities on behalf of data controllers without verifying their compliance with the provisions of the NDPA could be held liable under the law.

“Findings on the investigation would be made public as it progressed.”

Bamigboye reiterated the commission’s commitment to protect the privacy rights of Nigerians and ensure that organisations handling personal data operate within the framework of the country’s data protection regulations. (NAN)