The popular shopping app Temu is facing growing questions about user privacy amid lawsuits from several states that allege the company collects large amounts of personal information without consent.

Temu, which launched in 2022 and is owned by a Chinese company, quickly became known for low‑cost clothing and gadgets. But some cybersecurity experts say the bargains may come with risks.

"People are opting in and signing up, downloading this app, not realizing that they're being surveilled," cybersecurity expert Scott Schober said. "Their location, some of the content, some of things they search, that all goes out the window when you give them permission."

Attorneys general in four states are suing the company's parent firm. One lawsuit in Arizona alleges the app will "collect users' sensitive personally identifiable information ('PII') without their knowledge or consent." The complaint also says "the Temu app is purposely designed to evade detection—even going so far as being able to reconfigure itself and its properties on an individual's phone without anyone's knowledge."

Schober said the concerns are serious. "They modify the code once it gets onto the phone so they can't be detected," he said. "If they alter it so it can't be detected that they're surveilling and pulling in information, to me, I would just avoid the platform."

In a written statement, Temu said, "Temu has always been transparent about our data practices, which align closely with those of other leading e‑commerce platforms. The allegations in the complaints lack merit and we've filed motions to dismiss."