TL;DR: Texas Attorney General Ken Paxton filed five lawsuits in four days against companies he says are funneling Texans’ data to the Chinese Communist Party. The targets: Temu, Shein, TP-Link, Lorex, and Anzu Robotics. The allegations range from secret backdoors in shopping apps to baby monitors containing components from a Chinese military contractor. If you’re using any of these products, here’s what Paxton says they’re doing with your data, and what you can do about it.

Five Companies, Four Days

Between February 17 and 20, 2026, Paxton’s office announced lawsuits against five companies in what he called a “coordinated effort to hold China accountable under Texas law.” Each lawsuit uses the Texas Deceptive Trade Practices Act (DTPA), seeking up to $10,000 per violation, or $250,000 per violation when targeting consumers 65 and older [1].

Here’s the scorecard:

Company Product Core Allegation Filed
TP-Link Routers, networking Allows CCP access to devices Feb 17
Anzu Robotics Drones Rebranded DJI drones to dodge bans Feb 18
Lorex Baby monitors, cameras Hides Dahua military components Feb 19
Temu Shopping app “Communist spyware” with backdoors Feb 19
Shein Fast fashion Data pipeline to CCP, toxic products Feb 20

Temu: “Communist Spyware Disguised as a Shopping App”

Paxton didn’t mince words. He called Temu “Chinese communist spyware disguised as a shopping app” and accused PDD Holdings (Temu’s parent company) of “turning the consumer into the product” [2].

What the lawsuit alleges:

  • Temu uses “dangerous software functions that are completely inappropriate for a simple e-commerce retailer”
  • The app “bypasses security protocols and creates a backdoor into user’s private data”
  • It harvests “vast swaths of data to be stored on servers in China”
  • Once granted storage permissions, the app can access “chat logs, images, and content from other applications”
  • It requests permissions for device logs, external storage, installation packages, and precise location data

PDD Holdings was founded in China with headquarters in Shanghai before relocating to Dublin, Ireland, but Texas says it maintains “significant operations in China,” which means Chinese national data laws requiring companies to cooperate with intelligence services still apply [2][3].

Installed Temu? Go to your phone settings and check what permissions it has. If it can access your storage, photos, or precise location, it has access to far more than a shopping app needs.

Shein: Toxic Clothes and a Data Pipeline

The Shein lawsuit combines product safety claims with data privacy allegations. Paxton says Shein clothing contains “toxic chemicals at levels exceeding safety standards,” particularly items marketed for newborns, pregnant women, and children. Toys allegedly contain “hazardous toxic chemicals and heavy metals” [4].

But the surveillance angle matters here too. The lawsuit calls Shein “a data siphon leading directly to the Chinese government.” Because Shein operates partly in China, customer personal information “can at any time be commandeered by the CCP” [4].

Paxton had already announced an investigation into Shein’s labor practices in December 2025. This lawsuit expands those concerns to data and product safety.

Lorex: Baby Monitors with Military Components

This one’s particularly unsettling. Lorex sells baby monitors and home security cameras. Paxton says those devices contain components from Dahua, a company designated as a national security risk by the U.S. government and listed as a Chinese Military Company [6].

The timeline:

  • 2018: Dahua acquired Lorex
  • November 24, 2022: Dahua sold Lorex to Taiwan-based Skywatch Inc., one day before an FCC ban on further Dahua product approvals took effect
  • Present: Despite the sale, Dahua allegedly remains involved in Lorex’s operations

Paxton says Lorex “exploited parents’ desire to protect children while concealing security risks.” The lawsuit warns that “the Chinese government could exploit Texans’ home security systems at any time” [6].

Making safety a “slogan” without delivering genuine protection? That’s deceptive trade practice under Texas law.

Anzu Robotics: DJI Drones Wearing a Disguise

DJI is the world’s largest drone manufacturer. It’s also been blacklisted by the U.S. government over national security concerns. Enter Anzu Robotics, which Paxton calls “a 21st century trojan horse” [7].

What the lawsuit alleges:

  • Anzu functions as a “passthrough entity” for DJI
  • The partnership lets DJI circumvent state and federal restrictions by rebranding products
  • Anzu drones use DJI hardware, firmware, and software, perpetuating the same vulnerabilities
  • The company “failed to disclose its business relationship with DJI”
  • It made false statements about CCP ties

Texas is seeking to halt sales and impose civil penalties. If you bought an Anzu drone thinking it was a safe alternative to DJI, the state says you were misled [7].

The Pattern: Cheap Products, Hidden Costs

All five companies share a profile: mass-market consumer products at aggressive prices. TP-Link undercuts competitors on routers. Temu and Shein run constant sales. Lorex offers affordable security cameras. Anzu drones cost less than American alternatives.

Paxton’s argument is that the price you pay at checkout isn’t the full cost. The rest gets paid in data, data that Texas alleges flows back to servers in China and, under Chinese law, can be accessed by intelligence services on demand.

Whether you believe these allegations or see them as political theater, the technical claims are testable. Apps either request invasive permissions or they don’t. Supply chains either run through blacklisted companies or they don’t. Firmware either phones home to Chinese servers or it doesn’t.

What You Can Do

Audit Temu and Shein Permissions

Go to Settings > Apps > [Temu or Shein] > Permissions. Revoke access to storage, photos, location, and contacts. Better yet, use their websites in a browser with tracking protection rather than their apps.

Check Your Router

If you have a TP-Link router, consider whether you’re comfortable with the risk. Alternatives from American companies like Netgear or Ubiquiti exist. At minimum, update firmware, change default passwords, and disable remote management.

Research Your Security Cameras

If you have Lorex cameras or baby monitors, check the model numbers against Dahua component lists. Consider whether you want devices in your bedroom or nursery that may have security vulnerabilities tied to a Chinese military contractor.

Verify Drone Manufacturers

If you’re in the market for a drone and national security matters to you, verify the supply chain. Anzu isn’t the only company that’s been accused of being a DJI front. Skydio is a U.S.-based alternative.

Political Context

These lawsuits fit into a broader push by Republican attorneys general against Chinese tech companies. The timing (five lawsuits in four days) suggests a coordinated political effort as much as a legal one. Whether that undermines or reinforces the allegations depends on your perspective.

What’s not debatable: Chinese national security laws do require companies operating in China to cooperate with intelligence services when asked. That’s not Paxton’s opinion. It’s Chinese law. Whether these specific companies are actively cooperating, or whether the risk is theoretical, is what the courts will have to decide.

In the meantime, 33 million Texans are being told their shopping apps, routers, baby monitors, and drones may be surveillance devices. Some of them will take action. The companies will have to respond.

References

  1. Texas Attorney General - Fourth Anti-CCP Lawsuit: Temu (February 19, 2026)
  2. Texas Scorecard - Texas Sues Temu for Deceptive Marketing and CCP-Linked Data Harvesting (February 2026)
  3. Law360 - Texas AG Launches Latest Suit Over Temu Data, China Ties (February 2026)
  4. Texas Attorney General - Fifth Anti-CCP Lawsuit: Shein (February 20, 2026)
  5. Texas Attorney General - First Anti-CCP Lawsuit: TP-Link (February 17, 2026)
  6. Texas Attorney General - Third Anti-CCP Lawsuit: Lorex (February 19, 2026)
  7. Texas Attorney General - Second Anti-CCP Lawsuit: Anzu Robotics (February 18, 2026)
  8. Cyber Insider - Texas AG Sues TP-Link and Anzu Robotics Citing China-Linked Security Risks (February 2026)