Arizona has become the latest state to sue Temu and its parent company PDD Holdings Inc. The lawsuit, announced by Arizona Attorney General Kris Mayes on Tuesday, focuses on allegations that the Chinese online retailer is stealing customers’ data. Mayes stated that the app misleads customers about the quality of its inexpensive products while secretly collecting an extensive amount of sensitive data without user consent. This collected information includes GPS location data and a list of other applications installed on users’ phones.
A major concern outlined in the lawsuit is that Temu is subject to Chinese laws that could require the company to surrender data to the Chinese government upon request. Furthermore, the state is concerned that the application’s code is designed to evade standard security reviews. Mayes emphasized the extensive nature of the privacy violation, noting that the app can track a user’s movements to sensitive locations like a doctor’s office, a public library, political events, and private residences. She called the alleged data theft possibly the gravest violation of the Arizona Consumer Fraud Act ever seen in the state.
Beyond privacy concerns, Arizona’s top prosecutor also wants to protect local businesses from being harmed by the online retailer. The state alleges that the company has copied the intellectual property of various brands, including prominent entities such as the Arizona Cardinals and Arizona State University. This legal action in Arizona follows similar lawsuits filed in recent years by attorneys general in other states, including Kentucky, Nebraska, and Arkansas, all raising comparable issues with the platform.
While there have been some legislative attempts at the federal level to address China’s influence, particularly regarding technology and intellectual property, Mayes suggested that greater intervention by the federal government is necessary to adequately protect American consumers. In her remarks, Mayes deemed the allegations against Temu to be more serious than those that have been made against the popular social media platform, TikTok, highlighting the severity of the alleged violations.
A forensic review conducted by Arizona investigators revealed concerning aspects within the application’s code. Experts identified portions of the code as being similar to malware or spyware, designed to secretly exfiltrate data from a user’s mobile device while simultaneously concealing this activity. The review also found that the app contained large sections of code that had previously been banned from the platform’s precursor application. In response to these findings, Mayes strongly advised all Arizonans to immediately delete their Temu accounts, uninstall the app from their devices, and run a scan for any potential malware.
Reference:
