The GDPR has significantly altered the landscape of data protection. Its broad scope and potentially severe penalties have forced those who hold and process data to take note of its provisions. In certain instances, that will include many in the international arbitration community, such as arbitral institutions. In parallel, cyber attacks and instances of hacking in the arbitration context have brought cyber security issues to the fore.

As a result, data protection and cyber security are now hot topics in international arbitration. A majority of respondents in the 2018 Queen Mary International Arbitration Survey listed “security of electronic communications and information” as an issue which should be addressed in arbitration rules. This clearly demonstrates that the users of arbitration are concerned about data security. While there are signs that the market is listening, users seem to think that arbitral institutions, counsel and tribunals could do more to address cybersecurity.

In our article published in the latest International Arbitration Report, we examine three areas of data protection and cyber security in arbitration:

  • The EU’s GDPR and how it bears on international arbitration;
  • Data breaches in arbitral proceedings and cyberattacks on institutions, and how institutions are responding; and
  • How hacked evidence might appear in arbitration, and how tribunals have dealt with this issue.

The full article is available here.