Follow Us on Google
By Chinenye Anuforo
[email protected]
Data breaches are rising globally and individual nations are taking steps to tackle the menace.
In the country, the Nigeria Data Protection Commission is fighting to keep cyber criminality in check.
Recently, NDPC announced its decision to investigate global e-commerce platform Temu over alleged data protection breaches and it is being lauded across the country, given that Nigeria’s digital marketplace is growing rapidly.
Already, there is a raging debate on how foreign technology companies collect, process, monetise and transfer the personal data of millions of Nigerian users who increasingly rely on online platforms for shopping, payments and services.
For many consumers drawn to Temu’s ultra-discount pricing, flash sales and heavy social media advertising, the probe raises an important question: what happens to the personal information shared in exchange for convenience and low prices?
The NDPC’s action reflected what industry stakeholders described as a tightening of regulatory oversight within the country’s digital ecosystem.
In recent years, the Commission has repeatedly emphasised that companies operating within Nigeria whether physically present or serving Nigerian users digitally must comply with the country’s data protection laws.
A cybersecurity expert, Obadare Peter Adewale, said the probe signals a maturing regulatory environment.
“This investigation reinforces the message that Nigeria is no longer a passive consumer market for global digital platforms.
“Any company collecting Nigerians’ personal data must demonstrate accountability, transparency and compliance with local data protection obligations”, he said.
He noted that cross-border data transfers remain one of the most complex areas of digital regulation.
“When personal data leaves national jurisdiction, regulatory enforcement becomes more complicated. That is why organisations must clearly disclose how data is collected, where it is stored, who has access to it and the safeguards in place”, he added.
Temu’s rapid growth in Nigeria mirrors broader global expansion. The platform’s business model relies heavily on data-driven advertising, algorithmic product recommendations and personalised marketing, all of which depend on large volumes of user information.
Like most e-commerce platforms, it collects names, phone numbers, email addresses, delivery details, payment credentials, device identifiers and browsing behaviour.
Experts say such data, when aggregated, can create detailed digital profiles of users.
Other News
Data protection advocates argued that while data collection is a normal part of digital commerce, compliance with the nation’s legal framework is non-negotiable.
Digital rights advocate, Gbenga Sesan of Paradigm Initiative, has consistently maintained that strong enforcement strengthens trust in the digital economy.
“Data protection is about protecting citizens’ rights and dignity in the digital age. When regulators take action where necessary, it reassures citizens that their digital rights are not secondary to corporate interests”, he noted.
Beyond Temu, analysts believe the investigation could have far-reaching implications for other international technology companies operating in Nigeria without significant local data infrastructure.
Obadare explained that regulatory action against one major platform often triggers compliance reviews across the sector.
“If compliance gaps are identified and corrective measures imposed, other companies will likely conduct internal audits to avoid similar scrutiny.
“This is how regulatory culture evolves through precedent and consistent enforcement.”
Industry observers also note that local technology startups, fintech firms and telecom operators already operate under significant compliance obligations. Ensuring that foreign platforms are held to the same standards could promote fairness and regulatory parity within Nigeria’s digital economy.
The country’s digital transformation has accelerated in recent years, driven by increased smartphone penetration, improved broadband connectivity and the rise of online financial services. With millions of citizens now transacting, streaming and shopping online daily, personal data has become one of the country’s most valuable economic assets.
In the digital economy, data fuels targeted advertising, predictive analytics, artificial intelligence systems and behavioural profiling. However, cybersecurity professionals warn that weak safeguards can expose users to identity theft, phishing attacks, financial fraud and unauthorised surveillance.
As digital adoption grows, so too does the responsibility of regulators to ensure that innovation does not outpace consumer protection.
Experts say the current probe should also serve as a wake-up call for consumers.
While regulatory investigations are ongoing, users are advised to review privacy policies before signing up for platforms, limit unnecessary data sharing, avoid storing payment details on unfamiliar apps, enable two-factor authentication and regularly monitor bank transaction alerts.
“Digital literacy is as important as digital access. Users must understand that personal data has value. Once shared, control over that data can become limited”, Obadare said.
For regulators, the Temu investigation may become a litmus test of Nigeria’s resolve to assert digital sovereignty in a borderless technological landscape. Enforcement outcomes whether in the form of sanctions, compliance directives or public advisories could shape how global technology companies approach the Nigerian market in the future.
For consumers, the case highlighted a stark reality of the modern economy: while digital platforms offer affordability and convenience, personal data is often the currency that powers the transaction.
