Temu, the Chinese shopping app under scrutiny, is facing serious allegations from the Arkansas Attorney General Tim Griffin. Griffin claims the app is “dangerous malware” that monetizes unauthorized user data, as detailed in a lawsuit filed on Tuesday.
The complaint cites reports suggesting that Temu covertly gains unrestricted access to users’ phone operating systems, including their camera, location, contacts, texts, and documents. Griffin alleges that Temu’s design makes these activities undetectable, even to experienced users.
Potentially risk-laden behaviors include Temu accessing data from people communicating with users of the app, and allegedly selling this data to third parties. Additionally, concerns are raised about the legal obligations of Temu’s parent company, PDD Holdings, to share data with the Chinese government due to local laws.
A report by Grizzly Research last September further fueled the allegations, labeling PDD Holdings a “fraudulent company” and describing Temu as “cleverly hidden spyware.” Griffin posits Temu attracts users with misleading promises of quality goods to gain access to personal data, while the app’s true goal may be to profit from unauthorized data sales.
Temu’s parent company, PDD Holdings, has previously been in trouble for privacy issues with another app in its portfolio, Pinduoduo, which was suspended from Google Play last year for similar privacy concerns.
Responding to the lawsuit, Temu expressed surprise and disappointment. The company issued a statement claiming the allegations are based on misinformation and vowed to vigorously defend itself. They also suggested a willingness to adapt based on constructive criticism, citing their commitment to long-term development.
For more details, refer to the full article on Ars Technica.