Chinese shopping app ‘is spying on Western customers’

The popular shopping app Temu has been accused of spying on Western customers’ text messages by a US state.

Prosecutors in Arkansas have sued the company, claiming the ecommerce service in fact functions as “malware and spyware” that can access contacts and text messages. Temu denies the allegations.

The business, run by Chinese-owned PDD Holdings, has exploded in popularity in the last two years by offering free delivery and cut-price goods shipped directly from China.

US congress has already raised concerns about the company and its rival Shein, which is planning a London Stock Exchange listing, over whether forced labour is used in their supply chains.

Tim Griffin, Arkansas’s attorney general, sued the company this week for breaking state privacy and deceptive trade laws.

He said: “Temu is not an online marketplace like Amazon or Walmart. It is a data-theft business that sells goods online as a means to an end.

“Though it is known as an ecommerce platform, Temu is functionally malware and spyware. It is purposefully designed to gain unrestricted access to a user’s phone operating system. It can override data privacy settings on users’ devices, and it monetizes this unauthorised collection of data.”

Mr Griffin also claimed that “Temu is led by a cadre of former Chinese Communist Party officials, which raises significant security risks to our country and our citizens”.

The lawsuit repeated several claims by Grizzly Research, an investment company that has taken out a short selling position against US-listed PDD. Grizzly Research has claimed that the app has “hidden functions that allow for extensive data exfiltration unbeknownst to users”.