Why use an NDA?
There can be many instances where a business may want to share confidential information with another party. Doing so safely so that the receiving party respects the confidentiality of the information and does not use it to the disclosing party’s detriment is very important.
The usual way to protect the secrecy of confidential information given to another party is by the use of a Non-Disclosure Agreement, also referred to as a Confidentiality Agreement or NDA.
When to use an NDA
Essentially, whenever you wish to convey something valuable about your business or an idea, and want to ensure that the recipient does not use or disclose the information without your approval.
Example scenarios might be:
- Presenting a business opportunity to a potential partner, investor, or distributor
- Sharing sensitive financial or other information with a prospective buyer of your business
- Demonstrating a new product or technology to a prospective customer
- Prospectively receiving services from a company or individual who may have access to sensitive information in demonstrating those services
- Where a business is a start-up trying to raise funding from venture capital investors
NDAs: Two-way traffic or one-way street?
NDAs are in one of two forms:
- Mutual: where each party discloses their own confidential information and receives confidential information of the other party; or
- One-way: where one party is the discloser of confidential information and the other (who will disclose nothing) is the receiver of confidential information.
NDAs: What’s under the hood?
The appropriate form and length of an NDA depends on the nature of the disclosure and the materiality of the information, although making NDAs long and complicated can risk rendering them over-engineered and with potential for ambiguities. For example, a well-constructed NDA for a simple exchange of business information to explore a particular opportunity, need not be more than a few pages long.
The basic elements of and NDA are:
- Who? – accurate identification of the parties
- What? – a definition of what is deemed to be confidential information
- What’s not? – exclusions from confidential information
- How? – the scope of the confidentiality obligations of the receiving party
- To whom? – other persons or authorities with whom the receiving party is permitted to disclose confidential information
- When? – the duration of the agreement
Taking each of these in turn:
Who? – accurate identification of the parties
Like most contracts, the parties to the agreement are set out at the beginning of the NDA. If the NDA is one -way only, then the disclosing party and receiving party can simply be referred to as such.
What? – a definition of what is deemed to be confidential information
The NDA should set out with as much clarity as possible what confidential information means and in what format it is in, e.g., written, electronic, oral, marked confidential, etc.
Whether a party is receiving or disclosing, will inform any required negotiations of the confidential information definition. A disclosing party will want the definition to be as wide as possible to make sure the receiving party doesn’t exploit any loophole and on the other hand, a receiving party has a legitimate desire to ensure that any information it must keep secret is clearly set out so that it can understand the scope of its obligations.
What’s not? – exclusions from confidential information
NDAs usually need certain exclusions from the information to which the NDA applies and, therefore, the obligations of the receiving party. Such exclusions are intended to address situations where it would be unreasonable or too burdensome for the other side to keep the information confidential.
Typical exclusions include information that is:
- Already known to the recipient
- Already publicly known (often this is qualified so long as the recipient didn’t wrongfully render it publicly known) or enters the public domain during the term of the NDA
- Disclosed to the recipient by a third party who has no duty of confidentiality to the disclosing party
- Independently developed by the receiving party without reference to or use of the confidential information of the disclosing party
How? – the scope of the confidentiality obligations of the receiving party
The core NDA obligation on the receiving party is in two parts, firstly, to keep the confidential information confidential; and secondly, not to use the confidential information itself (except, of course, for the agreed purpose).
As to keeping the confidential information confidential, this usually means that the receiving party must not disclose it to others. The NDA may also contain obligations relating to the security of the information. The scope and extent of what is required by the draft NDA to achieve this varies from the reasonable and typical, to the onerous. A typical example would be a limited number or category of people within the receiving party’s company having access to the confidential information and the receiving party ensuring that they are all informed of the nature of the confidentiality restrictions.
The second part as to non-use of the confidential information is equally important as the disclosing party will of course not want the receiving party to gain from the confidential information to the disclosing party’s detriment. Related to use of the confidential information, receiving parties may wish to have a residuals clause inserted in the agreement which allows the right to use or disclose any residual knowledge gained during the course of the relevant matter or discussions and retained in the memory of its employees (i.e., unaided, without notes or records). These should be strongly resisted by disclosing parties.
To whom? – other persons or authorities with whom the receiving party is permitted to disclose confidential information
Where others, such as affiliated companies or professional advisers may need to share the confidential information, provision can be made within the NDA for such permitted disclosees, usually on the basis that the receiving party is responsible for any breach of the terms of the NDA by such a permitted disclosee. However, other more onerous obligations can be required, such as for such persons to enter an NDA with the disclosing party directly.
The NDA can also deal with the situation in which the receiving party is forced to disclose the information by legal or regulatory process. The receiving party should be allowed to do that without breaching the NDA, usually, so long as where legally permitted to do so, the receiving party has warned the disclosing party in advance.
When? – the duration of the agreement.
How long should the NDA last? Usually but not always, the duration will begin from the date the NDA is entered into. As to its termination, some disclosing parties may say that the NDA should last forever -why should someone have the right to use their confidential information after a fixed period so long as it remains confidential?
However, in most circumstances, after a number of years, most confidential information becomes of little or no use and the cost of policing confidentiality obligations can become expensive and unreasonable for a receiving party if the obligations run in perpetuity. As such, most receiving parties insist on a definite term as to when the agreement ends, and this is common practice.
As to what is a reasonable term is usually informed by the industry the parties are in and what information and its type is disclosed. In some sectors, a few years may be acceptable, say because technology may change so fast; or a business opportunity may only be available for a prospectively limited time, in either example which would render the confidential information broadly worthless.
As a broad guide, most NDAs tend to have a duration of between one and five years.
Additional typical provisions
Disclosing parties often want to add some other useful provisions to their NDA to protect themselves from further issues, depending on their situation. There are more, but here are a few such clause type examples:
- Non-solicitation: If a receiving party has significant access to disclosing party employees, the disclosing party may want to insert a clause that prevents the receiving party from soliciting or hiring the disclosing party’s employees for the duration of the NDA (or as may be negotiated). The receiving party may agree, subject to exceptions. For example, the receiving party may want the limitation to apply only to those employees that they have come into contact with during their review of the confidential information. A receiving party would typically seek to exclude any employment that results from a genuine recruitment campaign by the receiving party.
- Law and Jurisdiction: If you are the disclosing party, you should ensure that if there is any dispute as to whether the other side has lived up to its obligations, the dispute will be handled exclusively in your city (or country if disclosing cross border). It is usually etiquette that the disclosing party dictates the law and jurisdiction as any required enforcement of the NDA should be at its convenience.
- No Rights: Just because a disclosing party is going to share confidential information, the receiving party shouldn’t get any rights to the disclosing party’s ideas, intellectual property or to enter into a deal with it.
This piece is a broad overview not a substitute for legal advice suited to your specific circumstances.