Riddle Me This: When Is Cheap Stuff Too Expensive?
When the Cheap
Stuff Steals All the Info on Your Phone:
The Terror of Temu,
Part 2
It is astonishing that much of the Digerati is seemingly coming to the defense of Chinese shopping app, Temu. In a post dated, July 7, 2024, Bloomberg, authored by Catherine Thorbecke, and titled "The US Is Going After Temu for the Wrong Reasons," was highly critical of the lawsuit brought by the Attorney General of The State of Arkansas, which was discussed in-depth in The Dispatch, dated June 30, 2024. As seems to be a consistent theme in this rising chorus of Temu defenders, the evidence cited in the Arkansas lawsuit relies too heavily on the published results of Grizzly Research. Grizzly Research is roundly criticized as a short seller who stands to profit if a certain stock declines in value. None of these Temu defenders, who are so critical of the motivations of Grizzly Research, think it relevant to mention the most damning of the findings published by Grizzly Research. According to the findings of Grizzly Research, the Temu app has a compiler function that has the capability of launching other applications besides the Temu shopping app alone.
Another criticism Bloomberg makes about the Arkansas lawsuit is that AG Griffin quotes Kim Komando from a post dated, April 15, 2023, titled, "Get Temu, the popular shopping app, off your phone now." Bloomberg author Thorbecke derisively characterizes Ms. Komanado as a mere "talk show host." The mere talk show host has been a recognized authority of digital technology since 1992. Komando also has written a column for USA Today on all things digital since 2002. Her latest column in USA Today appeared July 4, 2024 with the title, "Don't let AI voice scams con you out of cash," . Neither did Thorbecke address what were the accusations Komando made against Temu in her April 2023 post. Which were:
Temu collects, among other things:
The info you provide,
like your name, address, and phone number.
Details you enter, like
your birthday, photo, and social media profiles.
Your phone or
computer’s operating system and version, IP address, GPS location (if
you allow it), and browsing data.
It also gathers more about you from third-party sources, including Temu sellers, public records, social media, data brokers, credit bureaus, and marketing partners. To make matters worse, Temu does not support two-factor authentication (2FA). That makes your account so much easier for thieves to breach. No Bueno!
Nonetheless, according to Bloomberg's Thorbecke, this is all one more example of the blatant Asian racism so rampant in many circles in the American political culture today. The Bloomberg author makes the valid point that most online resellers, besides selling the goods offered on their websites, also sale information that is collected on its customers. While though certainly true, in two other class action lawsuits filed against Temu, Plaintiffs agree with Komando by making the point that the data collection techniques employed by Temu far exceed those of other online shopping apps, and thus are far more likely to harm consumers. And these alleged victims of Temu intend on proving that claim in courts of law.
Other well respected sources have also sounded the alarm over Temu and its uniquely unscrupulous data collection practices. In a article posted by Politico posted July 24, 2023, and titled, "Booming Chinese shopping app faces Western scrutiny over data security," quoted Jeroen Becker, an analyst for cybersecurity firm NVISO, who had criticized Temu because: “The app was quite complex to look into and has obfuscations, making the code difficult to analyze, which could indicate that they have something to hide.” One focus of the Politico article were issues many IT security professional have about Temu.
Other IT security professionals have also questioned Temu data collection practices. On its website, an article titled, "Temu App Poses Potential Data Risk for Consumers," dated June 30, 2023, Compass IT Compliance posed the key question concerning Temu and how the app performs on users actual systems.
Users should also question the need for e-commerce apps to access Wi-Fi information. If a user is connected to a corporate Wi-Fi, the data could provide a pathway for cybercriminals to infiltrate potentially sensitive information. The question then arises: why does an e-commerce app need such access?
Clearly, if any degree of due diligence and research is done, there is a far greater group of IT professionals who have expressed concern over Temu and how its app actually performs beyond Grizzly Research and Kim Komando. Those journalists, who are acting as cheerleaders for Temu, seem to be practicing journalistic malpractice. Besides the postings noted herein by well respected sources, simply ignoring the fact that three class action lawsuits have been filed against Temu, and dismissing the Arkansas suit out of hand, and without any analysis of the issues raised by AG Griffin, does tend to raise suspicions about the motivations of those Temu boosters. These cases cannot reasonably be ignored in any objective evaluation of Temu.
Besides the lawsuit brought by the Attorney General of The State of Arkansas, which was discussed in-depth in The Dispatch, dated June 30, 2024, three other lawsuits, each predating the Arkansas case, have been filed against Temu. Each are class action lawsuits. These three class action cases were summarized well in a posting made by Romano Law, titled, "The Class Action Suits Challenging Temu’s User Privacy Practices," dated April 12, 2024.
source: https://www.classaction.org/media/hu-v-whaleco-inc.pdf
The first class action lawsuit was filed in the State of New York, September, 20, 2023. This New York action claims Temu caused its customers harm by not taking appropriate measures to secure the personal information of its customers. Temu is accused of not implementing standard security controls that other legitimate online stores do implement in the regular course of their business. This lack of standard security protocols resulted in a serious data breach. Plaintiff outlines this in paragraphs 2 and 3.
2. Plaintiff brings this proposed class action against Defendant for its failure to secure and safeguard its customers' personal data, including name, address, email address, phone number, financial information (credit card information) and biometrics data (fingerprinting), enabling hackers to steal personal and financial data from Defendant and put Class members' personal and financial information at serious and ongoing risk (the "Data Breaches" or "Breaches").
3. The Breaches were caused and enabled by Defendant's knowing violation of its obligations to abide by best practices and industry standards in protecting customers' personal information. Defendant grossly failed to comply with security standards and allowed its customers' financial information to be compromised, all in an effort to save money by cutting corners on security measures that could have prevented or mitigated the Breach.
Among the information that was compromised by the breach "include multiple reports of credit card information and bank information being sold or leaked after use on Temu."[p.4] At paragraph 53, Plaintiff cites warnings by the Better Business Bureau about Temu's data collection techniques, while referencing a report made by CBS News Chicago, dated September 21, 2023.
53. According to a September 15, 2023 CBS Chicago Investigation, entitled "Savings or Scam? BBB warns Temu takes personal info, citing hundreds of complaints," by Dorothy Tucker, the consumer group Better Business Bureau has issued a warning about Temu. Specifically, Temu "collects all kinds of information, from your name, phone number, and address to your birthdate, social media photos, and social security number." "It also automatically collects data from your phone, tablet, or laptop information like the operating system, browsing history, and location data."
Ultimately, Plaintiff Eric Hu, alleges at paragraph 92 that the data collection techniques employed by Temu are in violation of the Federal Wiretap Act, 18 U.S.C. §§ 2510, which prohibits the interception of "any wire, oral, or electronic communications without the consent." Futhermore, Plaintiff maintains his cause is righteous because of the provision below:
The statute confers a civil cause of action on "any person whose wire, oral, or electronic communications is intercepted, disclosed, or intentionally used in violation of this chapter." 18 U.S.C. § 2520(a).
At paragraphs 93-94, Plaintiff asserts that a personal computer is protected under the statute above when "the device is used in or affecting interstate or foreign commerce or communication." Plaintiff further contends that his cellphone is also a protected device under the statute.
94. Plaintiff's cellphone device is protected computer used in interstate commerce because it is connected to the internet. See United States v. Trotter, 478 F.3d 918, 921 (8th Cir. 2007) ("With a connection to the Internet, the ... computers were part of a system that is inexorably intertwined with interstate commerce."). or affecting interstate or foreign commerce or communication." Id. § 1030(e)(2).
Beginning at paragraph 107, Plaintiff Hu also alleges that Temu had violated "The Computer Fraud and Abuse Act, 18 U.S.C. § 1030, referred to as "CFAA."
107. The Computer Fraud and Abuse Act, 18 U.S.C. § 1030,
referred to as "CFAA,"regulates fraud and related activity in connection
with computers, and makes it unlawful to intentionally access a computer
used for interstate commerce or communication, without
authorization
or by exceeding authorized access to such a computer, thereby obtaining
information from such a protected computer, within the meaning of U.S.C.
§ 1030(a)(2)(C).
108. Defendant violated 18 U.S.C. 1030 by
intentionally accessing Plaintiff's and Class Members' computers without
authorization or by exceeding authorization, thereby obtaining
information from such a protected computer.
Plaintiff Hu cites 3 additional causes of action. Plaintiff prays for monetary damages as relief. All available research says the case is still pending.
This second case was originally filed in Illinois, November 23,2023, but has since been moved to New York. The case is brought on behalf of individuals in a number of different states. In the complaint, Plaintiffs cite violations Temu has made of not only federal statues, but various state laws as well. The amended complaint, dated February 16, 2024, cites twenty separate instances of violations of law. Thus, the complaint has expanded to 119 pages.
Similar to the Arkansas case, and the Hu class action case that is cited above, Plaintiffs' attorneys rely heavily on the Grizzly Research report. Central to Plaintiffs' allegations is the chart below, displayed at page 27 of the Amended complaint, and is included in the original Grizzly Research report.
The chart compares the data collections and device access that various shopping apps employ. At paragraph 71, Plaintiffs summarize the device access concerns that are further detailed in paragraphs 72-77. Citing Grizzly, Plaintiffs contend that the Temu app does the following:
71. The analysis further found that the Temu app has the capability to hack users' phones and override data privacy settings that users have purposely set to prevent their data from being accessed: "So in exchange for that super low, too-good-to-be-true price on some gadget, we warn you that TEMU is able to hack your phone from the moment you install the app, overriding the data privacy settings you think you have in place, as well as your intentions, helping itself to your contact list, your precise location, in some cases, control of your camera, screenshots of the apps running on your screen, and, depending on the permissions you may have given when you installed the app, your SMS text messages and other documents you may have on your phone."
Herein lies the hidden threats the Temu app poses to its users. If the allegations made in this lawsuit and the others are true, then Temu's cheap products, in reality, come at a very high price to its users. This lawsuit cannot be easily dismissed as overly zealot lawyers seeking a big payoff by harassing an otherwise legitimate business. The firm bringing the case, law firm Hagens Berman, has brought the action at no cost to Plaintiffs. As the case docket shows, considerable legal work has been invested by Plaintiffs' attorneys. On the Hagens Berman website, the attorneys bringing this action clearly state their motivations for prosecuting their case against Temu, and how they intend to be compensated.
Taking legal action ensures that companies will be held accountable for violating consumer rights. The firm’s lawsuit against Temu brings claims of violations of several consumer protection laws designed to thwart this very kind of deception.
In the event Hagens Berman or any other firm obtains a settlement that provides benefits to class members, the court will decide a reasonable fee to be awarded to your legal team.
Moreover, to prosecute a civil action like this case, expert witnesses will need to testify at additional considerable cost to Plaintiffs' attorneys. To that point, Grizzly Research, whose published work cited in both of the civil suits mentioned above, will most likely be called upon to defend their finings in court and under oath — and then will be subjected to rigorous cross-examonation.. That should give some pause to those among the Digerati who dismiss Grizzly Research as merely opportunistic short sellers only motivated by profits to be gained if and when PDD Holdings stock plummets in value.
source:
https://tcpaworld.com/wp-content/uploads/2024/07/Whaleco-Complaint.pdf
The allegations made in a third class action civil filed against Temu, although of a quite different nature, do indeed relate to the first two actions. This third class action lawsuit is brought against Temu's parent company, Whaleco, Inc. The relationship between Temu, Whaleco, Inc, and PDD Holdings is best described as semantical. The website Gritdaily summarized the relationship between the three business names most succinctly. In an article titled, "Who Is Temu’s Parent Organization PDD Holdings?", dated February 13, 2023, author Greg Grzesiak explains well the relationship.
• Temu is the operating company incorporated under Whaleco, a
Delaware company.
• Whaleco is a subsidiary of PDD Holdings.
•
Temu is a subsidiary of PDD Holdings.
Essentially, Plaintiff alleges Temu had violated the "Telephone Consumer Protection Act (the “TCPA”), 47 U.S.C. § 227(c)(5)" when Temu sent Ms. King unsolicited text message even though her cellphone number had been registered with The Do Not Call list. At paragraph 4, Plaintiff asserts:
4. In April 2024 Defendant sent telemarketing text messages to Plaintiff’s personal cellular telephone for the purpose of selling its products to Plaintiff. Defendant sent such text messages despite Plaintiff having registered her telephone number on the national do-not-call registry two years prior in 2022, and without Plaintiff’s prior express written consent.
The crux of Plaintiff's allegations lie in paragraphs 17 and 18; and then in paragraphs 20 and 21.
17. At no point has Plaintiff sought out or solicited
information regarding Defendant’s products or services prior to
receiving the telemarketing text messages at issue.
18. Plaintiff has
never consented in writing, or otherwise, to receive telemarketing calls
or text messages from Defendant. Plaintiff has never provided Defendant
with her telephone
number.
20. Plaintiff registered this
telephone number on the national do-not-call registry in 2022.
21.
Despite this, Plaintiff received four telemarketing text messages from
Defendant on April 9, 2024 and April 10, 2024 from telephone number
52927. See Ex. A
If this case is successful, the case has two larger ramifications that might have an impact on Temu beyond the monetary damages sought by Plaintiff. The first is that Plaintiff seeks an injunction that will forbid Temu from contacting anyone who is not already a Temu customer and has registered their cellphone number on the Do Not Call list. And that might well limit the reach of Temu's marketing efforts.
Prayer for Relief, item E.
An order enjoining Defendant from making telemarketing calls and text messages to numbers on the national do-not-call registry, absent an emergency circumstance; ...
The greater impact of the present case here is, if Plaintiff never had any prior contact with Temu, then did Temu harvest telephone numbers from the contacts list saved on the cell phones of its otherwise legitimate customers? If so, then does that fact not bolster the claims asserted in the two civil fraud cases discusses herein above? Of course, Temu could have purchased Ms. King's telephone from anyone of dozens of data brokers. That is a matter of fact for the court to determine as the case proceeds.
One would think that if a reporter was honest in its reporting, then when writing, what is purported to be a critical analysis of the subject written about, some mention of the fact that the subject of the writing is being sued in four different jurisdictions within the United States would be in order. Yet, its article titled, "Is Temu legit? Everything to know before you place your first order," dated May 23, 2024, posted by ZDNet, no mention is made of the three lawsuits filed against Temu. Author Jada Jones, Associate Editor at ZDNet, does offer some valid advice about staying safe when shopping online, but nowhere does Ms. Jones address the findings of Grizzly Research that lie at the heart of the two civil suits discussed herein, and also the suit brought by Attorney General Griffin in the state of Arkansas.
The online boosters of Temu among the Digerati may indeed all be acting in good faith. I have no way of evaluating their intentions. There is, however, more than a whiff of their writings are clear examples of "puff pieces," that are meant at the least, to paint Temu in a more favorable light than Temu might otherwise deserve. In its informative article about puff pieces in journalism posted on PressPitch.io, titled, "PUFF PIECE MEANING, ORIGIN, PURPOSE, CHARACTERISTICS, & EXAMPLES," the following explanation of what a puff piece is has been offered.
At its core, the purpose of a puff piece is to promote somebody or something, and that’s exactly why it’s called a “puff piece” because it puffs up the positive side and doesn’t talk about the negative side”.
At the very least, that is a good description of some of the incomplete reporting made regarding Temu. Given all that is known and yet unknown about the business practices of Temu, it is this reporter's opinion that the advice given by Kim Komando is the best to follow if one is considering a Temu purchase.
Americans using Temu are selling the country out for bargains that really aren’t worth it. I say you delete it.
Gerald Reiff
| Back to Top | ← previous post | next post → |
| If you find this article of value, please help keep the blog going by making a contribution at GoFundMe or Paypal | ||