Like Rodney Dangerfield, Non-Disclosure Agreements (“NDAs”) often get no respect. Business persons may plunge into negotiations, revealing confidential information with no agreement in place, or Legal may issue the same form agreement in every case, as if one-size-fits-all. Well, like any contract, the NDA can provide vital protection, but should be drafted with care. Here are 10 tips to consider.
1. Nature of the Obligation. Naturally, the heart of the NDA is language prohibiting one party from wrongfully using or disclosing certain information received from the other. The agreement should require the recipient to use at least the same degree of care that it would use to protect its own confidential information, but at least a reasonable degree of care.
2. Mutual v. Unilateral. Legal should inquire with Business to learn what types of information will be disclosed by each party. Obviously, the disclosing party wants stronger protection; the receiving party wants fewer restrictions. Nonetheless, in almost every case each party will disclose some sensitive information, so it almost always makes sense to include mutual confidentiality obligations.
3. Protected Material. To protect Confidential Information one must first define it. Often the NDA gives examples, such as “technical, financial and business information” and states that it may be in oral, written, physical or electronic form. It may be defined as anything that should “reasonably be deemed confidential” or may grant protection only if the information is marked as confidential.
4. Marking Requirement. The receiving party may insist upon a marking requirement, but the disclosing party may reject such a requirement, as some employees or agents may fail to mark before disclosing and some information cannot easily be marked. As a compromise, one can state that Confidential Information must be marked as such, or identified as confidential in a subsequent writing.
5. Carved-Out Exceptions. The exact wording may vary, but it’s only fair that certain types of sensitive information are excluded, such as information available to the general public, or previously known, independently developed or rightfully received by the recipient, through legal means.
6. Permitted Use. The NDA should state that Confidential Information may be used only for a particular purpose, such as exploring the possibility of a business relationship between the two parties, and no other purpose. Of course, the terms of that relationship will be laid out in a separate agreement.
7. Permitted Disclosure. NDAs typically contain an exception, permitting disclosure by the recipient to its attorneys, accountants or employees who have a legitimate need to know or in response to a court order, or the like. Counsel should make sure the legitimate need to know requirement is explicit. One may also insist that prior notice may be required before any disclosure and any third-party recipients must agree to confidentiality obligations at least as strict as those stated in the NDA.
8. Duration of Obligation. It’s probably best to state two terms in the NDA. First, state a term for the entire NDA, because a contract with no stated term is often found to be terminable at will. Then, the confidentiality obligation may be described as lasting, “For the Term of this Agreement and __ years thereafter.”
9. No Warranties/As-Is. While it has nothing to do with confidentiality, it may be prudent to state in the NDA that all information is disclosed “As Is” and without warranties. Such language may not ward off legitimate claims for fraud or concealment, but may give some protection against unmerited claims.
10. Remedy for Breach. The NDA should state that in the event of a breach monetary damages would not be sufficient and the parties agree injunctive relief is proper. Heck, even injunctive relief would not be sufficient in most cases, but certainly it seems critical in most cases of wrongful use or disclosure.
Did I miss anything important?
For assistance with contracts, please contact our Taiwan contracts lawyers.
It is important to state the jurisdiction in case of controversy between the parties, which is most often the one that corresponds to the disclosing party.
Thanks, Aida, good point. You’re right, that will save considerable time and expense in the event of a dispute.
It’s interesting to consider whether a confidentiality agreement template should be negotiated for each transaction between parties, or, if they are frequently doing business with each other, would it make more sense to sign a master sample confidentiality agreement? In many industries, such as technology, Big Pharma and medical technology, major companies often have 20-40 confidential disclosure agreements in place with each other, each with such wide ranging, overlapping definitions of confidential information that you can’t easily tell which agreement applies to which transaction. Given that all of these contracts likely cover similar terms, perhaps it would be wiser to use just one, overall agreement with a marking requirement and the broad standard exclusions. What do you think?
Interesting question. Thanks. I worked for a major tech manufacturing company and 2/3 of the total workload in Legal Dept was trying to keep up with negotiating, drafting and reviewing thousands of contracts per year. I don’t know the exact figures, but it seemed half the contracts were NDAs. Our constant struggle was to reduce the number and complexity of contracts we required, by using more master agreements and standard form agreements, so I can definitely see an argument in favor of negotiating a separate Master NDA with each particular counterparty and simply adding a new Addendum for each new project with that party, defining the new Confidential Information to be disclosed. I can’t see much risk in such an approach.
Of course, NDAs are so much simpler than most other agreements that it wouldn’t save as much effort as using a Master Purchasing Agreement, for example, but it still sounds like a good idea.
How to enforce NDA particularly recovery of data after closure Whether payment of stamp duty is also required.
I agree, Amber, that enforcing an NDA is the hard part. Once your sensitive data has been used improperly it’s hard to quantify the harm or undo the damage. But at least it’s good if you’ve got an NDA in place so you can seek injunctive relief and try to recover appropriate damages. However, the NDA is just backup: the first strategy should be to minimize the dissemination of confidential data in the first place, by careful practices with employees, suppliers, customers and other parties.
Sorry I’m not sure I understand your question about stamp duty.
Indemnity clause under NDA:- Many a times I have struggled wherein Indemnity clause is sought under an NDA. Is there any scope or utility to have such a clause agreed in the NDA? My preliminary stand is not to have it as the parties will never be able to ascertain the value of the harm directly caused due to the unauthorized disclosure and such a scenario would always be subject of a dispute. Clause for equitable relief by way of injunction along with a mutually agreed dispute resolution clause is adequate. Would look forward to views on this subject.
I agree that it’s extremely hard proving the damages and equitable relief is probably more important, but there’s no harm in stating that the breaching party shall indemnify the other for all damages caused by a breach, is there? It would be easier if one had a liquidated damages provision, too, but I can imagine that might be deemed unenforceable in some cases, so better have option of indemnification of actual damages, just in case, no? Moreover, if you include an indemnification provision you can expressly refer to attorney fees, which probably wouldn’t be available otherwise.
You have not covered dispute resolution method in event of breach of terms of the agreement, Professional agreement should have dispute resolution mechanism to save process involved therein
I agree 100%. Every agreement should carefully state jurisdiction, venue and governing law, as those will be the first defenses/obstacles one will encounter if forced to rely on the agreement. I guess next time I’ll have to put Top 15 Points. 😉
Thanks, that’s helpful for Russia as well, since many agreements tend to be subject to English law here. One addition: what about obligation to return / destroy information without delay following a request from the Disclosing Party? And a usual exemption to keep a copy for auditors? Thanks, Andrey
Good points. Thanks.
Could you please kindly further explain on the point 9 (NO Warranties). I could understand that your principle is there should not be any warranties in NDA. but it is hard to image in a NDA, how to set the warranties? (It is common there is warranties clause in purchasing or service agreement)
Sure. If the parties sign an NDA before entering into a deal, but the deal goes bad and one party alleges damages caused by reliance on false or misleading representations in documents disclosed by the other, the disclosing party will be thankful if the NDA states explicitly that the documents are being disclosed as is, without warranties. Warranties or lack of warranties really don’t belong in the NDA; the NDA really should address only confidentiality obligations. And, probably there are deal documents that address warranties or lack of warranties. But, out of an abundance of caution, it can’t hurt for the disclosing party to gain additional protection by inserting such a disclaimer in the NDA, also, if possible. I don’t know how common it is, but it can’t hurt to try.
I agree with Chris’ suggestion of trying to include a disclaimer in the NDA as there is probably no other written document between the parties at this initial stage to exclude that legal risk (by implication or conduct as the receiving party may otherwise argue). We sometimes include an obligation on the part of the receiving party to certify in writing that the materials have been destroyed but this is often resisted. There is no harm including this in the template and depending on the counterparty and bargaining power, this can be taken out in the course of negotiations. Apart from keeping copy for the auditor, we may include an exception for regulatory compliance purpose.