Dive Brief:
- Temu is facing another class action lawsuit which alleges that the fast fashion giant misled consumers about the scope and reach of its data access and collection and intentionally loaded dangerous malware and spyware onto users’ devices, according to court documents filed last week.
- Attorneys for the plaintiffs claim that Temu collects data “beyond what is necessary for an online shopping app,” including biometric information such as facial characteristics, voiceprints and fingerprints. The lawsuit quotes experts who said that Temu gains access to “literally everything on your phone,” and the suit further alleges that Temu is able to read private messages, make changes to a phone’s settings and track notifications.
- The complaint also argues that Temu misled users regarding the scope of the data collected, as well as the ways the data had been used.
Dive Insight:
The case, filed in the United States District Court Northern District of Illinois, comes on the heels of a similar class action case filed in September. That case, which is ongoing, alleged that Temu failed to secure its customers’ personal and financial data, wiretapped the electronic communications of its website visitors, and failed to alert customers of a data breach.
The new complaint cites experts who have studied the Temu app and concluded that it “is purposefully and intentionally loaded with tools to execute virulent and dangerous malware and spyware activities on user devices.” The complaint further alleges, “great efforts were taken to intentionally hide the malicious intent and intrusiveness of the software.”
Attorneys representing the plaintiffs also argue that Temu has sought to maximize its access to user data through “unfair and deceptive trade practices” by manipulating users to recruit others to join the app by offering prizes and discounts for referring friends.
More generally, the lawsuit claims that Temu’s low-priced products entice users to the platform.
The complaint additionally references an ongoing congressional investigation into Temu’s sourcing practices, which asked the company to provide information into its compliance with the 2021 Uyghur Forced Labor Prevention Act, a law that bans products from Xinjiang region in China.
Temu is owned by PDD Holdings, based in China. Last week’s complaint states that because Temu is a China-based company, the government of China can demand data possessed by, controlled by, or accessible to entities in the country at any time under the country’s law.
Prior to Temu, PDD Holdings had another online shopping app, Pinduoduo. In March, Pinduoduo was suspended from the Google Play Store due to the presence of malware on the app which exploited vulnerabilities in Android operating systems.
"The class-action lawsuit's allegations are largely derived from a report by a short-selling firm, which has vested commercial interests in disseminating negative misinformation," a Temu spokesperson said in an email to Fashion Dive. "We strongly oppose the allegations contained within it. Furthermore, the same law firm has recently initiated class-action lawsuits against companies such as Amazon and Apple."
Though filed in Illinois, the class action complaint is nationwide and alleges violations of the Computer Fraud and Abuse Act, Electronic Communications Privacy Act, and the Massachusetts Wiretap Act, among others. Plaintiffs named in the complaint are from Illinois, California, Massachusetts and Virginia.
Editor’s note: This story has been updated with a comment from a Temu spokesperson.
