This is a photo of Charles Morgan Photo

S. Morgan



Contact by email at [email protected]

t. +1 514-397-4230


Law School

McGill University

Bar Admission

Québec, 1998

A nationally recognized leader in technology law, Charles brings deep understanding of disruptive technologies, providing practical advice to help clients fully exploit the promise of innovative solutions while managing risk.

Charles is the co-leader of McCarthy Tétrault’s Information Technology Law Group, which was selected as “Technology Law Firm of the Year” by Chamber’s Canada in 2019. He is also co-leader of the firm’s national Cybersecurity, Privacy and Data Protection Group and a member of the Financial Technology (Fintech) group. Charles’ practice is focused on advising many of our firm’s largest clients on their most complex commercial transactions involving IT outsourcing, systems integration, cloud, financial technologies, data security, data monetization, privacy, licensing, e-commerce and telecommunications. Charles also regularly serves as "breach coach" for our clients who have experienced a cyber-incident. 

Charles has extensive international experience. As President of the International Technology Lawyers Association (iTechLaw), he has developed a network of trusted correspondent counsel that allow him to provide seamless client service around the globe, alerting clients to new developments and helping them to manage risks worldwide.

A recognized thought-leader, Charles provides practical advice and protects clients against a broad range of risks in a manner that allows them to continue to innovate and meet the needs of their customer base. Clients say:

" He has an excellent sense of tech, especially in a commercial context.” He is “a great negotiator who knows everything about the market.” … “He is an exceptional lawyer. "

Some of his recent experience includes:

Technology Transactions

  • advising Bombardier Aerospace and Bombardier Transportation in a $700 million global outsourcing project, involving implementation in 47 countries worldwide;
  • advising a global engineering company in an outsourcing project implemented in over 20 countries worldwide;
  • advising National Bank of Canada in relation to their $150 million debt issuance (with JP Morgan), with a parallel simulation of issuance using blockchain technology;
  • advising a participant in the $250 million SCALE.AI supercluster initiative to bring artificial intelligence enhanced solutions to help solve complex supply chain management challenges;
  • advising a leading financial institution in relation to procuring AI-powered cloud solutions from market leading global service providers, helping to mitigate the associated privacy and IT security risks;
  • advising a leading Canadian financial institution in negotiating a joint venture related to a digital wallet and mobile payment solution;
  • advising telecommunications regulation authorities in over 10 countries worldwide on issues such as market liberalisation for mobile telephony, universal service and net neutrality;
  • advising a leading national retailer in relation to the development of a new, AI-enhanced, integrated e-commerce platform, warehousing (automated pick and pack) and logistics platform to serve third-party retailers;
  • representing a financial institution during the negotiation of a fibre network build and telecommunications services outsourcing agreement;
  • assisting a leading digital and print media company negotiate an IT outsourcing agreement;
  • assisting Salesforce with their $326 million acquisition of Radian6, a social media monitoring company;
  • negotiating an offshore call centre outsourcing agreement with a leading Québec-based broadcasting and telecommunications company on behalf of an Egypt-based service-provider; and
  • assisting Desjardins in relation to their acquisition of the State Farm Canada insurance business.

Cybersecurity, Privacy and Data Governance

  • advising Canada’s largest financial services cooperative in the wake of the largest data breach in Canadian history in the financial services sector, advising on all aspects of privacy regulatory compliance in relation to the joint investigation by the federal and Quebec privacy commissioners, as well as its privacy and cybersecurity remediation plan
  • assisted a leading Canadian health services provider in the context of the largest data breach in Canadian history (regardless of sector), advising on all aspects of breach response including interactions with affected health authorities, privacy commissioners and other affected third parties
  • Acted as breach coach to a financial services provide in its response to a ransomware incident
  • assisted a leading provider of “assisted living” residences for seniors respond to a major ransomware incident
  • assisting a retail innovation foundry with the implementation of privacy by design principles in relation to a consumer behavioural analysis project involving anonymous video analytics (AVA);
  • assisting a multinational railway company in relation to data governance, IT security for critical infrastructure, risk disclosures re positive train control (PTC), drone and satellite regulation;
  • advising a leading Canadian financial institution on data monetisation strategy;
  • advising a leading Canadian insurance company on big data, artificial intelligence and recent developments on insurtech regulation;
  • advising rapid growth fintech start-ups regarding constraints on the use of personal information, including the management of risks related to screen-scraping and the use of APIs;
  • assisting a multinational retailer in implementing a novel program to facilitate direct communication between sales representatives and customers via social media;
  • assisting over 30 companies with their CASL (anti-spam law) compliance efforts, including constitutional and substantive defence of CompuFinder (currently before the Federal Court of Appeal), the first Canadian company to receive a notice of violation under CASL; and
  • assisting over a dozen Canadian companies assess the applicability of GDPR to their business operations and implement compliance programs.
  • advising clients on implementation of cyber-security response readiness policies and procedures;
  • negotiating dozens of IT security and data processing agreements to protect client data while hosted or processed (including in the context of complex cloud hosting or service agreements);
  • assisting a financial institution with managing a major data privacy breach incident;
  • assisting a leading telecommunications company's response to a privacy breach incident;
  • assisting a leading North American retailer with managing a major cyber breach incident; and
  • assisting a broad range of clients (online travel services company, automobile purchase finance company, retailers) with breach notification efforts.

Charles is a regular conference speaker regarding novel and innovative marketplace trends, tying recent developments in the law and his direct experience navigating these issues to provide practical insights to clients and conference participants. He has recently been an invited speaker at technology law industry conferences in Hong Kong, Stockholm, Austin and Bangalore. He has also co-authored several books including Information Technology Law — E-mail (LexisNexis Canada, 2008), Halsbury’s Laws of Canada — Communications (LexisNexis Canada, reissue 2019) and Responsible AI: A Global Policy Framework (ITechLaw, 2019).

Charles is currently President of the International Technology Lawyers Association (iTechLaw). Charles is a member of the Quebec Autorité des marché financier’s Technological Innovation Advisory Committee. He is also the President of board of directors of the contemporary dance company RUBBERBAND. Charles received his BCL/LLB in 1997 from McGill University and was admitted to the Québec Bar in 1998.