Virginia Attorney General Jason Miyares has joined a 21-state coalition in demanding answers from online retailer Temu regarding its alleged ties with the Chinese Communist Party, data collection and sharing practices, and possible violations of the Uyghur Forced Labor Prevention Act.
“Virginians deserve to know if their personal data is being funneled to a foreign government and if they’re purchasing items manufactured on the backs of exploitative Uyghur slave labor,” Miyares said. “We won’t stand by while any company, especially one with ties to the Chinese Communist Party, deceives our citizens.”
In a letter sent Thursday to the president of Temu and the CEO of PPD Holdings Inc., Temu’s parent company, the attorneys general outlined their concerns with the company’s business practices following reports that the company may not be following federal law or various state consumer protection laws.
Last year, the U.S. House Select Committee on the Chinese Communist Party revealed disturbing information about Temu’s failure to comply with American laws prohibiting the use of forced labor by Uyghurs. The company admitted that it “does not have a policy in place to prohibit the sale of goods from Xinjiang – the location of the CCP’s ongoing genocide against the Uyghurs.” Then, Temu took it a step further, claiming that the company is not subject to the UFLPA.
The same House Select Committee also found that Temu has no real compliance system and concluded that “shipments from Temu containing products made with forced labor are entering the United States on a regular basis, in violation of the UFLPA.”
The attorneys general are asking Temu to answer the following questions within the next 30 days:
- Does Temu or PDD Holdings collect U.S. consumer data? If so, please explain the type of data collected from U.S. consumers, including but not limited to data regarding consumer preferences, biometric data, political leanings, health data, race, religion, or sex. Please explain the rationale for the different types of data collected and the manner in which you notify consumers of the type of data collected.
- How is U.S. consumer data retained and stored? Please provide documentation of Temu’s or PDD Holdings’ cybersecurity and data retention and storage policies for U.S. consumer data. What security measures are in place to prevent unauthorized third parties from accessing U.S. consumer data acquired or retained by Temu?
- Has the CCP, or any of its officials, members, or affiliates, required or requested that Temu or PDD Holdings turn over any data collected on U.S. citizens? If so, please state how many directives or requests you received and explain what data was requested and whether any (or all) data was turned over to the CCP.
- What consumer data does Temu or PDD Holdings retain when an individual consumer requests their data be deleted, or their account deactivated?
- Does Temu or PDD Holdings sell U.S. consumer data? If so, who does Temu or PDD Holdings sell that consumer data to, and are any measures employed to safeguard the identities of U.S. consumers? What percentage of profits are attributable to retail sales, and what percentage of profits are attributable to data sold to third parties?
- Various reports indicate that several former CCP members are on PDD Holdings’ executive leadership team. Do these members have access to any U.S. consumer data possessed or acquired by Temu? If so, please explain the nature of the members’ access to that data.
- How does Temu certify that the products sold on its platform are not produced by slave labor?
- Please identify all measures Temu has taken in the past and any measures currently being employed, including but not limited to any internal or external audits, or any rules and guidelines imposed on third party vendors or suppliers.
- How does Temu warrant to consumers that products sold on its platform do not involve the use of slave labor?
- CNN reports that Temu’s sister app (Pinduoduo), also owned by PDD Holdings, was removed from Google Play in 2023 after experts discovered malware that could be used to spy on users. Did the same app developer create the Temu app? Please explain in detail all measures Temu has taken in the past and any measures currently being employed to ensure the app is free of malware or any other programs that would allow Temu or anyone else to spy on U.S. users.
- What steps do Temu or PDD Holdings take to notify consumers that products sold on its platforms are subject to safety recalls? What steps do Temu or PDD Holdings take to warrant to consumers the safety of products sold on its platforms?
In addition to Virginia, attorneys general from Alabama, Alaska, Florida, Georgia, Idaho, Indiana, Iowa, Kansas, Louisiana, Mississippi, Missouri, Montana, Nebraska, New Hampshire, North Dakota, Oklahoma, South Carolina, South Dakota, Tennessee and West Virginia also joined the letter.