Best Practices for Non-Disclosure Agreements
A secret is only a secret if you don’t tell anyone—or maybe if the person you tell is bound by a non-disclosure agreement. This post will define an NDA and describe the essential elements of NDAs, then explore in detail some of the most important considerations for entering into an NDA.
Non-disclosure agreements (NDAs) are contracts that create legal obligations to privacy and are fairly common practice in business settings. They are used to protect trade secrets, client details, patent rights to new inventions, and other confidential information. The type of information that can be covered by an NDA is virtually unlimited—sales and marketing plans, test results, system specifications, passwords, customer databases, etc. Using an NDA ensures that your business secrets will stay secret—or that you’ll have legal recourse if information is leaked.
Essential Elements of an NDA
Regardless of the type of NDA or the information it safeguards, any NDA should contain a few specific elements: definitions (and exclusions) of protected information, obligations of involved people or parties, and time limitations.
The definitions section spells out the rules of the contract and establishes the types of information that are confidential without actually releasing the information concerned. For example, this section might list categories such as customer contact information, credit card details, and purchase history. Stated exclusions might be information that is generally considered common knowledge, or data exchanged before the contract was signed.
NDAs explicitly state that the person signing the agreement is to keep the confidential information private and limit its use, and often require that “reasonable efforts” be taken to protect the other party’s information. Reasonability in this case may vary widely depending on how large or advanced a particular enterprise is, so NDAs should usually express what specific protection measures must be used.
It is common for NDAs to be time-bound, i.e. that the signee is bound to confidentiality for a certain number of years. It is common for confidentiality agreements to continue after a relationship is terminated, such as when the person leaves the common.
The principle behind NDAs is straightforward, but there are a number of important factors to consider when creating and entering into an NDA to avoid legal disputes and unwanted disclosures in the future.
It’s important to realize that relationships may sour. That’s the purpose of the contract: one partner in a new joint-venture probably doesn’t set out intending to steal ideas and betray the other to a competitor, but an NDA should take the possibility into account and draft with all possible future forms of the relationship in mind.
Don’t overcommit too soon. NDAs are often executed when parties are exploring a potential relationship, but ensure that the NDA does not seal the deal prematurely. It might be beneficial to articulate that the NDA does not bind either party to the relationship.
Next, consider whose information is being protected, and the scope of information covered. Will both parties will be sharing confidential information? If so, ensure that the scope of protected information is reasonable for both sides. One party should not impose confidentiality requirements without being willing to adhere to the same level of confidentiality. Also, be aware of terms that require you to protect the other party’s non-confidential information; this could increase your risk of facing breach-of-contract claims in the future. An NDA should usually state that information that is independently developed or readily-attainable is not protected.
Be mindful of what is included in the terms, “as required by law,” so that you know when you may legally disclose the other party’s confidential information, and when they may disclose yours. An obvious application is when a court orders disclosure, but a growing number of whistleblower protections create additional exceptions.
- The federal Defend Trade Secrets Act protects the disclosure of information to private attorneys or government officials for purposes of reporting or investigating suspected violations of law
- The Securities and Exchange Commission (SEC) prohibits any contract that limits an individual’s ability to communicate directly with the SEC about a possible securities violation
- Areas of U.S. Code govern disclosures of fraud, waste, abuse, public health or safety threats, and illegality (5 U.S.C. §7211 and §2302)
- Some states disallow an employer from prohibiting certain disclosures by employees, such as of unlawful acts in the workplace (e.g. California Government Code § 12964.5)
If applicable, establish third party access rights and rights to assign. For example, you may want to share the other party’s information with your legal and/or financial advisors. The NDA should clearly define to which third parties, if any, information may be disclosed, and third parties’ obligation to protect confidentiality. It may be wise to include a provision requiring each party to notify the other before disclosing information to a third party; this way, if a third party is one of your competitors, you can prevent it from gaining access to your information. Also consider including provisions that require mutual consent before assigning the NDA to affiliates or third parties who will then have access to the proprietary information.
Some contracts include audit rights in the NDA, so that one party has the right to inspect the other party’s business operations and records to determine how its information is being used and how well it is being protected. In the future, this may become important if someone suspects misuse or negligence. But be aware that this is very intrusive, particularly when there is no longer a business relationship between the parties, and that this exposes other confidential information to someone who is now a third party.
Finally, pay special attention to the NDA’s provision designating which state’s or jurisdiction’s law will interpret and enforce the NDA, especially if it concerns international ventures.
At the conclusion of NDA negotiations, there are a few final steps to complete to demonstrate reasonable efforts to comply with the NDA. It is important to educate employees about the NDA, particularly those who will have access to the other party’s confidential information, and to obtain their acknowledgement that they completed the training. Businesses should control access to the other party’s information to avoid accusations of improper use. For example, keeping careful and methodical documentation during the development of a new product could be important to demonstrating that it was developed without incorporating the other party’s trade secrets.
At the termination of the relationship, each party should return or destroy the other’s confidential documents in a timely manner, in compliance with the terms of the NDA. Paying close attention to all of the terms included in the NDA will help protect you from accusations of misappropriation or improper disclosure, and will help keep your own secrets safe.
Featured Image by Rebecca Sidebotham.
Because of the generality of the information on this site, it may not apply to a given place, time, or set of facts. It is not intended to be legal advice, and should not be acted upon without specific legal advice based on particular situations