Charlie Morgan#7061

Charlie Morgan

Senior Associate, International Arbitration, Herbert Smith Freehills
  • Charlie is a senior dispute resolution lawyer specialising in international arbitration. He helps clients effectively and efficiently to resolve complex international disputes across a broad range of jurisdictions.
  • Charlie is a senior dispute resolution lawyer with a focus on international arbitration. He also co-founded the firm's Digital Law Group.
  • Charlie has acted as counsel and advocate in ad hoc and institutional arbitrations in a number of jurisdictions and under various governing laws. He has broad experience of advising on international disputes, particularly in the energy and technology sectors.
Contributed to


Arbitration—data protection and GDPR considerations
Arbitration—data protection and GDPR considerations
Practice notes

This Practice Note considers the UK and EU General Data Protection Regulation (GDPR) regimes, the Data Protection Act 2018 (DPA 2018) and other data protection considerations that should or may be considered in connection with international arbitration proceedings. In the context of arbitration proceedings it provides UK focused guidance on: the background to the GDPR regimes and DPA 2018, the scope and territorial reach of the GDPR, key definitions such as personal data, processing and identifying controllers and processors, data protection principles including: the possible lawful grounds for processing in arbitration (such as consent, compliance with a legal obligation, legitimate interests), fairness and transparency, data minimisation, storage limitation (or data retention), integrity and confidentiality and accountability, as well as exemptions to the GDPR regimes. The Practice Note also takes into account article 29 Working Party and ICO guidance and looks at data subjects’ rights, data mapping, data protection impact assessments, redaction, pseudonymisation and anonymisation, client compliance, transfer of data out, extra territorial reach and sanctions for breach of the GDPR regimes.

Cybersecurity in international arbitration
Cybersecurity in international arbitration
Practice notes

This Practice Note considers the issue of cybersecurity (cyber-security or cyber security) in international arbitration proceedings. The Practice Note provides an introduction to cybercrime (cyber-crime or cyber crime) (eg hacking) and cybersecurity in arbitral proceedings, considers the importance of cybersecurity in arbitral proceedings, the potential targets of cyberattacks (cyber-attacks or cyber attacks) in arbitration, the perpetrators of cyberattacks in arbitration (and cyber threats, cyber-threats) and the potential consequences of cyberattacks in arbitration. The Practice Note also considers where the responsibility lies for dealing with (managing, providing for, taking account of) cybersecurity in international arbitration as well as the steps (procedures and processes) that may be appropriate to take to combat cyberattacks (increase cybersecurity) in arbitration proceedings. The Practice Note also considers some of the developments in this field of practice, including draft and final protocols on cybersecurity in international arbitration.

Practice Area


  • Contributing Author

If you expected to see yourself on this page, click here.