The Canal Street Blog

Business-focused legal discussion

Major Issues to Consider When Drafting or Reviewing a Non-Disclosure Agreement (NDA)

A non-disclosure agreement, or NDA, is an agreement that is meant to protect a party (or both parties) from losing control over all or parts of their valuable intellectual property. The NDA prevents one party from disclosing certain information belonging to the other party without permission. By preventing disclosure without permission, a party can maintain the value inherent in keeping certain intellectual property a secret from the outside world while still sharing that intellectual property with those who might help them build on it (or who might purchase the right to use it). But a non-disclosure agreement not thoughtfully considered can become a license for the other party to destroy or significantly diminish the value of your intellectual property. Here are four major issues to consider when drafting or reviewing a non-disclosure agreement:Non-Disclosure Agreement

1. Defining confidential information in the non-disclosure agreement

Defining confidential information is central to any non-disclosure agreement, and you should think carefully about how you choose to define confidential information. In an NDA, there are two main ways to define confidential information: an “opt-out” provision and an “opt-in” provisions. Opt-out provisions operate by defining everything a party shares as confidential unless otherwise identified or agreed. Opt-in provisions, on the other hand, require the parties to specifically identify what information is confidential information at the time of disclosure and anything not specifically identified is not confidential.

The disclosing party will likely want the definition to be as broad as possible in order to protect its secrets, and so will often want the opt-out style definition provision. But it is easier for the recipient of the information to comply with the agreement if the confidential information is clearly identified and there are no questions about what confidential information is, so recipients often want opt-in style definition provisions.

While we see both types regularly (and some that are at least arguably in between the two types), most non-disclosure agreements include the “opt-out” provision. You are more likely to see the opt-out provision because it requires less care from the disclosing party to maintain confidentiality. Particularly in NDAs where both parties intend to share confidential information, people tend to prefer a definition clause that makes it more likely that the information will be kept confidential. But the opt-out provision (in effect protecting all information from disclosure) is almost always modified by defining certain exclusions (that is, specific information that is “opted out” by default):

Exclusions from the definition of Confidential Information

To help ensure the non-disclosure agreement does not improperly prevent a party from using certain information, most non-disclosure agreements include specific exclusions for information that will not be subject to the non-disclosure requirements in the NDA. What constitutes a proper exclusion will vary from agreement to agreement, but common exclusions include:

  • Information that is already known by the recipient
  • Information that is publicly known or publicly available
  • Information that is independently developed by the recipient without the use of the disclosing party’s confidential information
  • Information that is disclosed by a third party that also happens to be disclosed by the disclosing party under the NDA
  • Information that the recipient is forced to disclose through a court order

One thing to look out for with exclusions is so called “burden-shifting” provisions. These provisions attempt to modify who is responsible for showing that information falls within an exclusion. You should also note that exclusions in an opt-out style NDA are likely also needed in an opt-in style NDA. That is, exclusions should apply regardless of how you choose to define confidential information as confidential information.

2. Third party disclosures and privacy breaches

The party receiving information under the NDA will want to ensure they have the right to share information with parties they might need to share with, for example, third party contractors, advisors, and subsidiary entities. The parties should consider who might need access to the information in advance to avoid inadvertent disclosures to third parties you might not think of as third parties. Considering in advance who will need the information will also help prevent the administrative cost (and legal risk) of repeatedly asking for permission to disclose information “outside” the terms of the original agreement.

The non-disclosure agreement should also detail the steps the parties are required to take to protect confidential information. If the receiving party is sloppy with their security practices, then the disclosing party may pay the price. So the disclosing party will generally want to require that the receiving party will maintain some minimum safeguards to protect the disclosing party’s information from privacy breaches and other inadvertent disclosures. Generally, a recipient of confidential information will be required to maintain the security of that information using at least the same safeguards they use to secure their own similar information, but in no event less than reasonable safeguards.

In considering who should be allowed to access confidential information and how it will be protected, the parties to a non-disclosure agreement should also consider who will be responsible for a breach by a third party who rightfully receives the information. The parties will also want to consider how to ensure that all third parties who receive the information also properly safeguard that information.

3. “Residual” clauses and other inadvertent IP transfers

Non-disclosure agreement clauses that deal with the transfer (or ownership generally) of intellectual property developed by the parties based on the confidential information protected under the non-disclosure agreement are often called “residual clauses.” Residual clauses are generally designed to allow the receiving party to use “derivatives” of confidential information that the receiving party derives from working with the disclosing party’s confidential information, or to prevent the receiving party from doing so. That is, these clauses address whether the recipient is able to use the “residual” information that they learn about or from the intellectual property of the disclosing party and to what extent.

While these residual clauses are not a bad thing by default, they can be very problematic if not thoughtfully considered. Depending on how a residual clause is drafted, it may prevent a receiving party from ever developing anything even tangentially related to what the disclosing party provided, which can cut off major business opportunities for the receiving party. These clauses also sometimes work to transfer information developed by one party to the other party without payment for the effort and in effect allow the disclosing party to use the receiving party’s information and prevent the receiving party from using their own information.

Residual clauses are also potentially problematic because most of the time the parties to a non-disclosure agreement do not contemplate actually transferring the ownership rights to any intellectual property through the NDA. Instead, they contemplate just a license for the other party to use the information for a limited purpose for a limited period of time. Depending on how the residual clause is drafted, a party may not see that they are transferring valuable rights through a seemingly innocuous provision about the rights to “derivatives, compilations, adaptations” and other forms of the confidential information.

Non-Disclosure Agreement

4. Boilerplate terms to consider in the non-disclosure agreement

There are other terms that the parties should consider when entering into a non-disclosure agreement. Some “boilerplate” contractual terms could help to smooth out any legal issues that might arise and give additional protections to both parties, and some are needed for effective enforcement of the NDA itself. Consider at minimum these boilerplate terms and their effect on the non-disclosure agreement:

  • Waiver- The purpose of the waiver clause is to ensure that one party’s failure to enforce its contractual rights under one circumstance does not result in a waiver of those rights for all potential future breaches. A party may not strictly enforce its rights under certain circumstances but would still want to enforce those rights under different circumstances in the future. The waiver provision helps ensure that party has the right to do so.
  • Integration- An integration clause would state that the NDA is the final agreement between the parties and incorporates or “integrates” all discussions the parties had on the subject. Should a dispute arise, this helps to limit the scope of the dispute to the terms actually included in the non-disclosure agreement. Suppose the parties discussed a term but the term was not ultimately included in the final NDA. One party says it was not included because they decided to leave it out. The other party says it was not included because it was left out by mistake (or because it was already understood to be agreed upon). If there ended up being a legal issue regarding this term and the NDA did not include an integration clause, then the party that thought the non-disclosure agreement was the full agreement and that the parties would not be bound by the unwritten term is more likely to lose on that point. Because we generally recommend getting all obligations in writing, it also generally makes sense to include an integration clause in the written agreement to ensure the written agreement is what is actually deemed to be the “full” agreement.
  • Injunction- “The law” generally avoids forcing parties to do anything specific, and “the law” prefers monetary damages as a remedy; monetary damages are easier to specify and enforce. In situations where money damages are inadequate, then the parties should specifically provide for what remedies are adequate. If a party violates the NDA, then the other party will not likely be happy with money damages. This is not only because that party will only get the damages they can prove without speculation (which may be next to nothing), but also because the money itself (even if it is a lot) may not be enough if the other party is otherwise allowed to continue to repeatedly violate the non-disclosure agreement. By including a provision that allows for a party to seek an injunction instead of just monetary damages, the damaged party can ask a court to force the other party to stop sharing information in breach of the agreement. This is often more valuable than any money damages the damaged party could actually prove. Without the injunction provision, a damaged party to a non-disclosure agreement can’t be sure they could stop a breach.
  • Choice of Law and Venue- If a dispute arises out of the non-disclosure agreement, the choice of law clause would indicate what law governs the agreement and the litigation over the dispute. Specifying the choice of law also allows the parties to ensure they understand they are agreeing to the same thing at the time they sign the agreement. The venue clauses ensures the parties know in advance where they can enforce the agreement, and helps to ensure that they don’t spend valuable resources just trying to establish the right to make a claim in a particular venue. For an in-depth discussion of this topic, see the choice of law and venue post from the understanding contract terms series.

By considering these four major issues, you will be better prepared to understand whether you should sign the NDA or demand changes before providing your intellectual property. Your intellectual property is often your most valuable asset, so you should thoughtfully consider every non-disclosure agreement. If you have questions regarding a non-disclosure agreement or would like to create a non disclosure agreement tailored to your business, please contact us.

Thanks to Melanie Notari for her help drafting and editing this post!

Photo: Robert Huffstutter |Flickr

Photo: Joe Ross |Flickr