A Whistle-Stop Tour of NDAs
You’re working hard to build your business. You’re speaking to a prospective partner or supplier and need to share confidential information with them – like client lists, proprietary processes, or supplier and customer agreements – but you’re worried about the information being misused.
Non-disclosure agreements (NDAs) are used to protect the disclosure of information between two or more parties. Their aim is to prevent confidential information from falling into the wrong hands.
A well-drafted NDA will:
- identify whether the information is being shared by both parties or just one party (i.e. whether it is one-way or mutual)
- define what type of information is covered and why it’s being shared
- make clear how long the duty of confidentiality will last
- explain the circumstances under which confidential information may be disclosed
- detail the level of protection that should apply to confidential information
- address breaches of the agreement
An NDA stipulates the type of information that is confidential but will only protect information that is actually so. Information that is already in the public domain can’t be made confidential simply by referring to it in an NDA.
The definition of confidential information is important and will differ from business to business. Generally, however, most parties will seek to protect their intellectual property rights, know-how, trade secrets and information about the market in which they operate. It is also wise to make clear that information can be classed as confidential whether disclosed orally, in writing or electronically; and whether exchanged prior to the NDA being signed.
One of the most important features of an NDA is the inclusion of a specific description of the purpose for which the confidential information may be used. Paired with a blanket ban on using it for anything other than this purpose, it prevents the receiving party from making inappropriate use of the information. Typical purposes include carrying out certain professional services or exploring the terms of a potential joint venture or business opportunity.
How long does confidentiality last?
Most NDAs make clear that the obligations of confidentiality continue even after the relationship between the parties has come to an end. Some argue that this obligation should continue indefinitely, however it is usually more appropriate to set durations based on how long the information is likely to remain valuable. The cost of policing confidentiality can become expensive if it’s a forever obligation. At Stephenson Law we usually recommend a period of between two and five years from the date of disclosure.
Can confidential information ever be disclosed?
An NDA should specify that the confidential information of the disclosing party may be shared with the receiving party’s employees, representatives and affiliates as necessary for fulfilling the agreed purpose, provided that whoever has access to the information is also under an obligation of confidentiality. The obligation of confidentiality should not exist where the receiving party is compelled to disclose information by law or court order.
What level of protection should apply to confidential information?
It is not uncommon for a receiving party to propose that it will use the same measures to protect the disclosing party’s confidential information as it uses to protect its own. Unfortunately, this type of subjective standard is not always enough. As the disclosing party in this instance, you may want to include specific measures such as:
- a requirement that information be kept in a secure location
- limits on access to information, including its disclosure to employees or professional advisers
- a requirement to be notified in the case of unauthorised disclosure
- limits on copying information or transmitting it electronically
- an obligation to destroy or return confidential information once the purpose under which the NDA was agreed has ended
Breaches of the NDA
As with any contractual agreement, NDAs are legally enforceable and a party can claim damages in the event of a breach. It is also possible to obtain injunctive relief to prevent an anticipated or threatened breach, although this is more difficult in cases where some – or all – of the information is already in the public domain, or where there is a legitimate public interest in its disclosure.
Attempts to enforce an NDA may be defeated by demonstrating that the disclosing party had knowledge of the private information prior to signing the NDA, or that the information was obtained outside of its scope.
Venture Capitalists: the exception to the rule
Venture Capitalists (VCs) have an unwritten rule on NDAs: they don’t sign them.
It’s partly about bargaining power, and partly about not being interested in your ideas – VCs want to invest in your business but let you do the work. They don’t want to take your idea and run it themselves. VCs also invest in so many businesses, that it would be almost impossible for them to police their obligations if they signed an NDA every time they made an investment.
VCs, however, are the exception.
In most situations, an NDA will be a vital part of your negotiations and any commercial transactions or discussions you enter into. In each case, you want to ensure that the NDA you sign is not so restrictive that you can’t use the information in the way you want, but that it is restrictive enough to protect your ideas.
And that is the tricky bit.