I don’t know why, but I’ve had a spate of NDAs cross my desk in the last week. Seemingly innocuous little documents, Non-Disclosure Agreements (sometimes also known as Confidentiality Agreements) are usually the starting point for all new contract negotiators.
Perhaps it’s because they’re generally short in length (usually no more than a page or two)… or perhaps it’s because they’re usually not very contentious (both parties desire to keep some set of secrets). But whatever the reason, all of the ones that I’ve done in the last week have had some sort of difficulty factor that just seemed out of the ordinary. So, let’s see if we can address common NDA concerns.
Starting with the basics, NDAs should clearly state the purpose for which the NDA is going to apply. You usually don’t want a generic NDA – it simply becomes difficult to manage the obligation over time… and since they’re usually easy to negotiate, doing another one for a future obligation isn’t seen as too problematic. Additionally, once you create a contract based on the purpose (ie: the NDA was the precursor agreement to a bigger, more involved relationship), you also usually have confidentiality language in the bigger “master” agreement anyways.
A NDA should also clearly define what is being kept confidential. This would seem to be a simple task – what you bring to the table is yours, what the other party brings to the table is theirs. This, of course, is too generic (too simple, I suppose). So get more specific… “documents, templates, source code, plans, drawings” etc. And if your business involves the capturing or use of information from your customers (such as via a financial institution, an insurance organization, a health-care company or any other business, too), you will want to detail that your customer information is confidential.
But then you have to carve away those bits of knowledge that are generally known in the world/industry. And you need to remove from obligations of confidentiality those bits that you learned from somewhere else (who provided it to you “lawfully” and not while they were under an obligation to keep it secret). Getting confused yet? What you end up with is a list of things that are confidential… and a list of exclusions for ways in which you obtained information and don’t have to keep it confidential.
Then you need to add a list of reasons why, even for information that is confidential, you can disclose it anyways. This would include a valid court order, for example. (But wait! You usually first have to tell the other party that you’re being compelled to disclose the information so that they have the time to try to fight the order.)
Of course, you also need to list who can see the Confidential Information and for what purpose they may use the information. You don’t want your new business partner to take your information and develop something based on it without your permission, for example.
Next, don’t forget remedies in the event that your Confidential Information is disclosed in a way not allowed under the agreement. The usual analogy here is to Pandora’s Box and the inability to put the secrets back in the box once released. It’s simply impossible. Legally, you’ll want to file an injunction to prevent further disclosure… but you also may have monetary damages as a result of the disclosure (for example, if another company steals your great idea for a new product, you can attempt to sue for lost profits). So I generally like to use a conversational phrase with my counterparts when discussing this section… just in case there’s any confusion.
“If you disclose my Confidential Information, I am going to own your company.”
In other words, the penalty for disclosing my information is going to cost you so much, that you’re going to go bankrupt in the process of trying to put the lid back on the box. This is especially true if you’re in one of the aforementioned Customer Information industries… and REALLY REALLY true if you’re dealing with Protected Health Information or Financial Information – which are both protected by various federal and state laws as well. Which, by the way, means that if you’re the recipient of this kind of information – of any Confidential Information for that matter – you need to take the obligations very seriously.
Lastly with respects to NDA basics, you need to know what to do with Confidential Information once the NDA terminates. Usually it’s “return or destroy”. Some organizations want one over the other. And some also want “certification from an officer” of the other party that destruction, if the chosen option, has been completed in a timely manner.
OK. So let’s review:
- Definition of Purpose
- Description of Confidential Information
- Exclusions from stuff that’s otherwise Confidential Information
- Reasons why you could disclose Confidential Information
- Who can use the Confidential Information (and for what reason)
- Remedies in the event of disclosure.
- Return or Destruction of Confidential Information after NDA ends
“Are we there yet?”
What’s left, of course, is the boilerplate contract language that you find in many other agreements. Sections on assignment, governing law, severability, term (again, how long should this thing go on?), party relationship and even a section on signature counterparts all get included, too.
Phew, maybe NDA’s aren’t that simple, eh?