Last week Arkansas Attorney General Tim Griffin sued Chinese e-commerce platform Temu for

The A.G.’s legal team brought the lawsuit under the Arkansas Deceptive Trade Practices Act, which carries a penalty of $10,000 per violation.

Temu is marketed as an online shopping platform launched in 2022, and it is widely regarded as similar to Amazon or In 2023, the Temu was reported to be the most widely downloaded app in the U.S., and its multibillion dollar marketing campaign — which included an advertisement during the 2024 Super Bowl — has contributed to its success.

But as a Chinese-based tech company, the Arkansas Attorney General’s office has pointed out that security and privacy experts are concerned about Temu.

The A.G.’s lawsuit asserts that Temu “collects a shocking amount of sensitive user data” beyond what is necessary for an online shopping app — including users’ GPS locations and fingerprint data. The lawsuit alleges that the Temu app is able to bypass phone security systems, which potentially grants Temu access to a user’s private messages.

The A.G. says these security concerns are compounded by the fact that Temu is owned by a Chinese company subject to Chinese laws — including “laws that mandate secret cooperation with China’s intelligence apparatus regardless of any data protection guarantees existing in the United States.”

The A.G.’s allegations against Temu are very similar to points the A.G.’s office has made in its lawsuits against TikTok — a widely popular social media platform that is also owned by a Chinese company.

Below is a statement from Attorney General Tim Griffin regarding the lawsuit against Temu.

Griffin: ‘Temu is not an online marketplace like Amazon or Walmart. It is a data-theft business that sells goods online as a means to an end’

LITTLE ROCK – After announcing he is suing Chinese e-commerce company Temu for violations of the Arkansas Deceptive Trade Practices Act (ADTPA) and the Arkansas Personal Information Protection Act (PIPA), Attorney General Tim Griffin issued the following statement:

“Temu is not an online marketplace like Amazon or Walmart. It is a data-theft business that sells goods online as a means to an end. Today I have filed a first-of-its-kind state lawsuit against the parent companies of Temu—PDD Holdings Inc. and WhaleCo Inc.—for violating the ADTPA and PIPA. Though it is known as an e-commerce platform, Temu is functionally malware and spyware. It is purposefully designed to gain unrestricted access to a user’s phone operating system. It can override data privacy settings on users’ devices, and it monetizes this unauthorized collection of data.

“While this is the first state lawsuit against Temu over its deceptive trade practices, it is not the first time Temu’s tactics have been called into question. Apple suspended Temu from its digital app store in 2023, prompting multiple investigations into the company’s dealings, including an ongoing investigation being conducted by the U.S. Congress. 

“Temu is led by a cadre of former Chinese Communist Party officials, which raises significant security risks to our country and our citizens. For my part, I will aggressively fight Temu’s efforts to profit at the expense of Arkansans’ privacy rights.”

The lawsuit, filed in Cleburne County Circuit Court, seeks an order enjoining Temu’s deceptive trade practices and violations of users’ privacy, imposing civil penalties, and providing all other monetary and equitable relief to which the State is entitled.

To read a copy of the lawsuit, click here.

For a printer-friendly version of this release, click here.