A non-disclosure agreement (NDA) is a contract restricting the use of confidential information. “Confidentiality Agreement” = “Nondisclosure Agreement” = "Confidentiality and Non Disclosure Agreement" = “NDA”. These are all different nick-names for the same type of commercial agreement.
You don’t necessarily need an NDA to have legal protection for your confidential information. Legal remedies do exist even without an NDA. But having a written confidentiality agreement puts you in a better position to enforce your rights. It provides evidence that the other party knew they were receiving confidential information and the terms that apply (for example, what is protected, for how long is it protected etc).
NDAs are a useful formality when the stakes are high. Like when disclosing sensitive information prior to filing a patent. Or when dealing with people who could have incentives to use the information contrary to your interest. For example, in an arms length commercial discussion, where the other party could decide to work with a competitor or compete with you directly.
What is in an NDA?
While NDAs are a common document, there is no standard format. You will find a wide range of different legal drafting expressing the same commercial positions. For a detailed run down of different drafting options in NDAs see here. To identify which commercial positions are being proposed, you need to review the legal drafting each time. You also need to check whether any unusual or inappropriate clauses have been included.
Key features you will usually see include:
- a definition of the "Confidential Information" protected by the agreement;
- an obligation to keep the Confidential Information secret;
- an obligation to only use the Confidential Information for the purpose it was disclosed (eg evaluating whether or not to purchase a business); and
- some exceptions or exclusions when disclosure is permitted (eg when required by law, if the information enters the public domain).
You will then see a range of different clauses, depending on the commercial positions being proposed and the way the document has been drafted.
However, a true NDA should generally be confined to the handling of confidential information. Once you add other obligations (for example, transferring ownership of Intellectual Property or dealing with the provision of services) this starts to cross over into a different type of contract. For example, adding IP ownership provisions into an NDA makes it closer to a research and development or trial agreement. Those agreements require a little more thought and drafting and shouldn't be described as just a simple NDA.
When to sign an NDA
You should sign an NDA when you:
- intend to disclose sensitive confidential information to someone outside your organisation; and
- they could use that information to cause you commercial damage.
To get value out of your confidential information you generally need to disclose it to some third parties. Your manufacturer needs to know (at least part of) your secret recipe in order to produce your product. Your sales channel partner needs to know information about the product and your projections in order to promote and sell it. A big company looking to acquire your business needs to look over your books before committing to a deal. In these situations the contract with the third party generally contains protections for your confidential information.
But often, confidential information needs to be disclosed before those contracts are signed. Indeed in order to negotiate the right terms for your deal, you need to disclose confidential information in the negotiation itself. Even the fact that a party is in negotiations with someone (e.g. over the acquisition of a business) may be highly sensitive and confidential, before any agreement is reached.
One of the most common uses of an NDA is as a preliminary agreement to cover the negotiation a more complex deal. For example, if you need to disclose confidential information to a services provider to allow them to accurately scope work and propose a price in a final services agreement. You might have some preliminary conversations with that service provider to talk about working together. But before giving them access to your data or systems, you might ask them to sign an NDA.
This rationale can apply to many commercial negotiations. Common examples include:
- procurement deals (including services agreements, licence agreements, asset purchase agreements, manufacturing agreements, outsourcing agreements, managed services agreements);
- sales deals (including customer agreements, SaaS Agreements, asset sale agreements, master service agreements (MSA), software licences);
- commercial partnering transactions (including joint venture agreements, reseller agreements, distribution agreements, IP licenses, marketing and promotion agreements, joint development and revenue sharing agreements); or
- the sale of a business (for example, agreements for the sale and purchase of a business, assets or shares).
Other examples where you might want to use an NDA include where you are providing information to someone (like an auditor, consultant or professional adviser) who you don’t have a direct services contract with. For example, if they are using your information to produce a report for someone else (e.g. a potential investor/acquirer or a commercial partner attempting to lobby for regulatory change). If you are engaging the consultant or service provider directly, then you would usually have a services agreement in place which will regulate confidentiality, but if they are producing the report for a third party or for publication purposes, then you may require an NDA which addresses confidentiality and not the other terms regarding provision of services.
When not to sign an NDA
Don't sign an NDA if:
- the above criteria do not apply (it is not necessary);
- you are already protected by other confidentiality obligations;
- you can avoid disclosing sensitive confidential information; or
- the form of NDA contains commercial positions you don’t agree with or unusual/onerous obligations.
In hard situations (or where you don't have much leverage) you may need to weigh these factors up against the alternative options and make a pragmatic call. The alternatives may include:
- holding back sensitive information and engaging in only high level discussions;
- signing a different form of confidentiality agreement;
Often these options can be an interim or temporary step, that enables you to agree a better form of confidentiality agreement later. For example, you don’t sign the NDA you are originally provided with because you don’t agree with the terms. However, you hope to manoeuvre the situation to a more appropriate template at a later date. Or you hold information back until discussions have reached a more advanced stage, at which point you re-introduce the NDA.
Specific examples of when not to sign an NDA include:
- Existing suppliers or customers. If you already have a services agreement in place with your supplier or customer which covers the disclosure of confidential information to them. You don’t need to sign an NDA, as well. This is already covered by the confidentiality clauses in your agreement.
- Employees. You already have an employment contract with your employees. This means you don’t need to make them sign an NDA before including them on a new secret project. You are already protected by the employment agreement. You could instead just confirm in an email to the employee how confidential the information is and refer to their obligations in their agreement (if needs be).
- Form of NDA. You do not agree with the commercial positions proposed by the other side (for example, they have proposed an NDA that only protects their information when you also intend to disclose your own confidential information) or the NDA includes unusual or onerous provisions.
- Refusal to sign. The other side won't sign an NDA and it would undermine your commercial objectives to insist on it (i.e. by damaging the relationship). You will need to be careful here and ensure you can avoid disclosing particularly sensitive information to them (for example, if you're a startup pitching an investor).
If you don’t agree with the commercial positions being proposed by the other party (e.g. because they have proposed a one way agreement), you shouldn't sign the NDA. Instead, negotiate those positions, by asking them to send through a mutual agreement, providing a neutral template as a starting point (for example, a standard non disclosure agreement published by a law firm, a traditional document automation provider's NDA agreement) or using a service like Haggle.
Don't over-optimise for legal terms
In most cases, the outcome you are looking to achieve with an NDA is to quickly record the confidentiality obligations so you can get on with your primary goal (the eventual deal). With that in mind, it is usually a mistake to over-optimise for legal terms. A good NDA is a clear confirmation of confidentiality obligations, with no unexpected or onerous clauses, that can be agreed as quickly as possible. In most cases it is not the best use of time to tailor every clause to your scenario - avoid templates that require this. It just delays the eventual deal and only marginally (if at all) improves your legal position.
Complex situations involving multiple parties, nuanced information categories and different usage rights may require bespoke drafting and substantive legal advice. But these situations are the exception, and in most cases getting in place a few key variables into an otherwise standard agreement is all that is required.
This is not to say that you should agree to every NDA put in front of you. Unless you know where that NDA came from, you won’t know whether it was prepared with the above rationale in mind or has been more carefully tailored to achieve some other purpose. It is important to read someone else's NDA closely to make sure it reflects commercial positions you agree with (there are a few options) and that there are no unusual or inappropriate terms.