We have repeatedly warned our readers about the risks associated with TikTok. We are reminding our readers that the popular Temu app raises the same concerns.

The risks have prompted almost two dozen attorneys general to file lawsuits against Temu, alleging that it is “dangerous malware” that secretly monetizes user data in an unauthorized manner.

Arkansas Attorney General Tim Griffin filed one of the first lawsuits against Temu on June 25, 2024, alleging that the app:

[I]s purposefully designed to gain unrestricted access to a user’s phone operating system, including, but not limited to, a user’s camera, specific location, contacts, text messages, documents, and other applications. Temu is designed to make this expansive access undetected, even by sophisticated users. Once installed, Temu can recompile itself and change properties, including overriding the data privacy settings users believe they have in place. Even users without the Temu app are subject to Temu’s gross overreach if any of their information is on the phone of a Temu user. Temu monetizes this unauthorized collection of data by selling it to third parties, profiting at the direct expense of Arkansans’ privacy rights.

The lawsuit claims that Temu was “the most downloaded app in the United States” in 2023, “with users spending almost twice the amount of time on its platform than on rival Amazon.” It then provides several concerns and risks associated with downloading Temu, including:

• Apple suspending Temu from the App Store “for misrepresentations Temu made regarding the types of data Temu can access or collect from users” including how it collects and uses the data.
• Google suspending the Pinduoduo app (another app designed by the Temu app’s owner) from its Google Play app store in March 2023 because it contained malware.
• Security researchers concluding that the Temu app is purposefully and intentionally loaded with tools to execute virulent and dangerous malware and spyware activities on user devices that have downloaded and installed the TEMU app.
• Temu collecting a shocking amount of sensitive user data beyond what is necessary for an online shopping app. Some examples include users’ granular location using the Global Positioning System and even biometric information such as users’ fingerprints.
• Temu having “a complete arsenal of tools to exfiltrate virtually all the private data on a user’s device and perform nearly any malign action upon command trigger from a remote server gaining access-without permission or even notice-to ‘literally everything on [a user’s device].’”
• The Temu app’s code, purposely designed to evade front-end security review and change once it has been downloaded to a user’s phone.
• Great efforts taken to intentionally hide the malicious intent and intrusiveness of the software.

If these facts are not enough to deter you from downloading or removing the app from your phone, here is another chilling article to review, one of many others just like it. The bottom line is to understand the risks before you download or maintain the Temu app on your device. Take a look at the Arkansas complaint against Temu and the most recent one this week filed by the Attorney General of Kentucky to dig deeper into the facts behind the app.