Temu Watch #2: Under Fire - Compliance and Complaints
Regulatory challenges and merchant protests
Contents
Things that caught our attention
Tech Buzz China’s Ed Sander was a guest on the ‘The Negotiation’ podcast, which was recorded in two episodes. In the first episode, Ed and host Todd Embley discussed ‘The Meteoric Rise of Pinduoduo and Temu’. You can listen to the podcast here.
Luckin Coffee has plans to (further) expand in Southeast Asia and the USA. Read Ed’s summary here.
There is just one week left to book one of the remaining seats on the ‘China’s Breakneck Modernization’ study tour in October with Kaiser Kuo of the Sinica podcast and Ed Sander of Tech Buzz China. Find more information here.
Introduction
As Temu has become more popular and acquired more customers, it has attracted the attention of branch organisations, consumer protection organisations, and regulators. Scrutiny has increased over the past half year. Certainly, there is a lot that Temu can and should improve, and it is responding by shifting gears on compliance.
In this issue of Temu Watch, we explore the challenges Temu has faced regarding compliance and how it is responding. We will also take a closer look at Temu’s penalty system and the changes that were made to this system. Finally, we discuss how these penalties have triggered recurring protests by merchants at Temu’s offices and Temu’s responses.
This report has been compiled from expert interviews facilitated by Six Degrees Intelligence. We also include a video of an interview with tech expert Vincent Nys, who investigated and shared security concerns about the Temu app. Remarkably enough, he is now working with Temu to solve some issues.
As we will see, Temu has been actively responding to issues, but one might question whether they shouldn’t have been compliant from the start. As described in our May article, Temu ‘got on the bus without buying a ticket’. The time to buy the ticket has come.
The first section on data security and the interview with Vincent are accessible to all subscribers. The rest of the report is available for our paid subscribers. Please consider supporting our research (and your knowledge level) by also subscribing.
Ed Sander, Research Editor
Regulatory challenges
TikTok's challenges in the US market do not seem to have affected Shein and Temu's progress and plans. However, Temu has taken preventive measures to address potential regulatory risks. It is accelerating its localisation process in the United States, including strengthening cooperation with local legal teams to ensure that advertising and marketing strategies comply with local regulations. Shein started the globalisation process earlier, gradually replacing local operations and logistics leaders with Chinese Americans or international talents. Although Temu's pace is slower, it is also adjusting progressively.
To cope with regulatory challenges, Temu has adopted a dual strategy. On the one hand, it is well prepared to respond to policy changes, and on the other hand, it is strengthening its compliance management.
Data security
Ever since it arrived in the Western e-commerce space, Temu has faced criticism about its data security.
In March 2023, Pinduoduo was removed from Google for 48 hours because of user privacy concerns (allegations of leaking user data), but access was restored after consultation with the US legal team. This didn’t hurt Temu much because few consumers know the two apps are by the same company.
In April 2024, Temu was banned from advertising for two weeks in France for violating an advertising law.
The European Consumer Organisation BEUC, representing 45 regional European consumer protection organisations, filed a complaint against Temu with the EU. The complaint focuses on trader traceability requirements, rules against manipulative design and transparency around product recommender algorithms.
In May 2024, shortly after the BEUC complaint was filed, Temu was designated a VLOP (Very Large Online Platform) since it was reported to have more than 45 million users in the EU (Temu had 75 million and Shein 108 million users in Europe). [1] As a result, Temu must comply with DSA (Digital Services Act) requirements for accountability and transparency of algorithms.
The consumer protection organisations were also worried about the effect of the combination of low prices and gamification on minors. “Ultimately, the high number of dangerous products sold on Temu by untraceable traders, through manipulative practices and opaque recommender systems, are ingredients of a toxic cocktail likely to impair minors’ privacy, safety, and security.” [2]
In the EU, penalties for confirmed breaches could add up to 6% of the global annual turnover of the parent. Temu sent a statement, describing itself as a “newcomer” to the region and saying it’s been taking feedback from customers, regulators and consumer groups. It claimed to have been adjusting its operations to align with local expectations. [2]
Temu separated its business operations and data management from those of the domestic business. Its operating models and algorithm technologies also differ from the domestic app (Pinduoduo) to avoid possible data security issues. In addition, its business operations and data security management have been independently operated from the domestic app.
The media are full of reports on what’s wrong with the Temu app. But while it is good to be critical, you rarely hear about what Temu is doing to solve the complaints. In a recent podcast, I listened to a discussion with Vincent Nys, a Belgian IT specialist, about the issues with Temu’s app. [3] I noticed how Vincent mentioned that Temu had done a lot to improve, but the presenter quickly skipped over this remark. So, I decided to contact Vincent. I pointed out some unfounded assumptions in his claims, and we agreed to do an interview about the security issues with Temu and what has changed.
Early 2023, Vincent screened the code of Temu’s Android app (version 1.55) and found a number of worrying things that Temu could do on your phone: [4]
check a list of your Wi-Fi networks
records audio (denied by Temu)
check your photos
make screenshots (denied by Temu)
install software
transfer your contact list
unlock your phone at night (denied by Temu)
Temu’s official response, one week after the media storm that started March 21st 2024 was: [5]
Temu collects information for the sole purpose of providing and improving its e-commerce service to users. Temu’s data practices are no different from those of other apps like Amazon or Etsy. The Temu app collects less user information than other apps like Amazon. Temu does not ask for system permissions to access things like your photos, contacts, or location. Temu does not sell customer data. Temu does not share payment information with its merchants or logistics partners. When customers use payment methods like Apple Pay or PayPal, Temu receives no payment information. The Temu app is available for download from the Apple App Store and the Google Play Store. Both the App Store and Google Play have strict measures in place to ensure the app's integrity and the user's security.
By the time of the response, Temu had already moved to version 2.53 of the app.
In the interview below, available as video and podcast, Vincent and I discuss these security issues, how the app has improved and how Temu actively seeks cooperation to enhance compliance.
The rest of this report is available to paid subscribers.