The perfect NDA (and top 5 NDA pet peeves)

September 25, 2020

Among the nearly infinite variety of legal agreements in use today, the non-disclosure agreement for general bilateral business discussions is by far the most ubiquitous. If measured only by the frequency of its use and the significance of its impact, a company’s NDA template is arguably its most important. The $200 million verdict against Oculus for breach of a rather simple NDA speaks volumes as to how critical such an agreement can be.

Every company has its own unique general use NDA template; paradoxically, many companies sign the opposite party’s template more often than not. The party larger in size, reputation, market cap, or perceived importance usually wins the battle of the NDA form. This NDA ritual takes place hundreds of times a day all over the world. 

Fundamentally the purpose of the NDA is straightforward: protect confidential information from unauthorized use and disclosure. Both parties have an equal and legitimate interest in protecting their own information, and each party usually recognizes the other side’s interest as well. The best general purpose NDAs are those that are short, simple, clear, and mutual. The worst are those that are complex, lengthy, and lack basic mutuality.

The model NDA template accomplishes what should be the primary objective of any NDA: establish a balanced legal framework for the protection of each party’s confidential information in a simple, clear and direct manner. All of the terms and obligations should be reciprocal. Neither side should be advantaged. There should be no unexpected provisions. And ideally the NDA should be a modest one or two pages in length.

Effective Date

The “Effective Date” can be a date that’s inserted on the date of signature, or it can be expressed as the date of the last signature. The problem with leaving the date blank is that it often remains blank after both parties have signed. That said, if the NDA protects information whether disclosed before or after the effective date, then there’s little significance to the effective date, other than clarifying when the agreement came into being and, thus, the term of the agreement.

Definition of Confidential Information

Typically, NDAs define “Confidential Information” to include written as well as orally disclosed information, so long as marked or designated as confidential. Oral information is often protected only if it is summarized in writing within a certain period of time after disclosure. The issue of orally disclosed information is a challenging one. Many companies, especially larger ones with active and sizable legal departments, are reluctant to tie themselves to confidentiality obligations with respect to any orally disclosed information that is not summarized in writing later. The problem of course is that such summaries are rarely completed. Without the summary, no protection applies.

The ideal template attempts to strike a balance between the two extremes, by extending protection not only if it’s summarized in writing, but by extending protection to certain specifically enumerated categories of information (for example, “contemplated product or service plans, marketing or business strategies, vulnerabilities, third party relationships, or pricing or financial information”). Few would argue that oral information about a company’s publicly unreleased product plans or strategies, vulnerabilities, or financial information should not be protected as confidential. For oral information that falls outside of these protected categories, the written summary requirement applies.

Yet another possible variant is to protect orally disclosed information falling into these categories only if “the information, given its nature and the details of its disclosure, should reasonably be considered as confidential in nature” or the like. This may ease the concerns of those who insist that all orally disclosed information should be protected only if summarized in writing. Yet, this concession may not be enough to satisfy some corporate legal departments that will insist on the written summary requirement.

Ultimately, the requirement that oral disclosures be summarized is so commonplace that to oppose it in every case would unjustifiably impede the transacting of necessary business. Educating the client to ensure that important conversations are memorialized is the best solution; refusing to sign a NDA due to opposition to this requirement is not.

One final point about orally disclosed information is that the ideal template should preserve the confidential nature of the information pending the production of the written summary. Without this clarification, the information may never be confidential unless and until the disclosing party produces the written summary. This may take time. Meanwhile, the receiving party could literally publish highly sensitive orally-disclosed information within hours of the parties’ meeting, in the absence of such a clause.

Permitted Recipients

Typically, disclosure of Confidential Information is limited to the receiving party’s employees, but oftentimes disclosure to affiliates and agents is permitted. Care should be taken to ensure that such agents and affiliates are tightly defined. Virtually any person or entity can be an agent or affiliate, including, obviously, competitors of the disclosing party (even those with an ostensible “need to know”).

Exceptions

The exceptions component of the NDA is the most important. Any balanced NDA should exclude from the confidentiality obligation any information that is (a) known to the receiving party prior to its disclosure by the disclosing party; (b) is or becomes generally known or available, or is in or becomes part of the public domain, other than through breach of confidentiality; (c) disclosed to the receiving party by a third party without any apparent breach of confidentiality; or (d) independently developed by the receiving party without use of any of the disclosing party’s confidential information.

One exception occasionally found in NDA forms is “disclosed by the disclosing party to a third party without restriction on disclosure. ” Whichever party to the NDA has a stronger incentive to protect confidentiality may object to the inclusion of such an exception, particularly if the NDA form already contains the public domain/generally known exception. If interpreted in conjunction with the latter, this exception is not logically redundant only in the situation in which the information owner’s dissemination of its own information has not reached the level of being generally known, but has been selectively revealed to a certain few. While an argument can certainly be made that if the owner has been selectively disclosing the information in question to a select few, it should not be entitled to confidentiality protection at all, the sensitive information owner will argue that such intermittent disclosure may have been inadvertent, or under circumstances indicative of apparent, even if ultimately non-existent, confidentiality. Such party will argue that the public domain exception should suffice.

Top 5 NDA Pet Peeves

1. Blank “Purpose” Requirement

It is quite common for NDA templates to specify a “purpose” of the information exchange; less commonly, some NDAs require that information protected under the NDA be relevant or germane to, or disclosed solely in furtherance of, a defined purpose in order to qualify for protection. Oftentimes the purpose definition is blank, requiring the business people involved in the discussions to complete what they believe the purpose should be. Business clients from either side may specify an inordinately narrow purpose, or the discussions may evolve beyond what is defined in the NDA’s purpose statement. In such case, legal cycles are again consumed in order to amend the purpose statement or enter into a new NDA. Worst case, the parties will fail to realize that the discussions have evolved beyond the purpose statement set out in the NDA, thus resulting in no confidentiality protections whatsoever.

Realistically, after the NDA is signed, it is forgotten, and it is extremely unlikely that representatives from either side will be closely monitoring the discussions to make sure they do not deviate from the scope of the expressed purpose. And, whether a given item of information is germane to the purpose may not be clear, thus inviting disputes in the future.

Any information that is designated as confidential should be protected. The confidentiality exceptions are the best defense against assuming unnecessary or unrelated confidentiality obligations. Consequently, if a purpose requirement is unavoidable, then the best purpose articulation should be as broad as possible (eg, “to evaluate whether to enter into a transaction”; or “to fulfill the mutual obligations and purposes of a mutual business relationship”).

2. Documentary or Clear and Convincing Proof Requirement

Variants of the confidentiality exclusions clause may require that applicability of the exceptions be proven by documentary evidence (for example, removing “independently developed by the receiving party without use of any of the disclosing party’s confidential information, as established by documentary evidence”). The hidden premise behind such a requirement is that testimonial evidence is inherently untrustworthy or at least not as reliable as documentary evidence. This premise is questionable as an empirical matter. In any case, oftentimes it may be impossible to find documentary proof of prior knowledge or independent development for a given piece of information.

For example, it is easy to envision how a large company with R&D facilities all over the world could quite readily develop technology independently of any access to or use of the confidential information protected by the NDA and disclosed in a remote locale. Yet if the documentary proof requirement applies, it’s not clear what type of proof would satisfy the requirement. Would documents proving the existence of the development of the same information in a far-flung R&D center be sufficient? Or would a court require documents affirmatively proving that the developers of the information specifically refused to expose themselves to the NDA-protected information?

Some NDAs require that the exclusions be proven by “clear and convincing evidence”, a standard of proof that would make application of any exclusion quite difficult to establish. The default standard of proof, preponderance of the evidence (i.e., more likely than not), is the standard that would apply to all other issues relating to the NDA, such as the issue of whether the information in question is captured by the definition of confidential information, or whether the NDA itself was breached. The breach claimant should not have a lower standard of proof than the breach defendant.

3. Time-Limited Term of Protection

Many NDA forms contain a limited term of effectiveness. Such forms can be inconvenient if the NDA expires prior to the termination of the parties’ negotiations or relationship. Early expiration will result in the need for a renewal amendment or for a new NDA, thus consuming legal resources. If the NDA is truly balanced and limited in scope, there’s no compelling reason to require that the NDA expire, particularly if either party is free, as is often the case, to terminate the NDA at will.

Many NDA templates also limit the time period in which the confidentiality obligations apply. “The obligations of confidentiality under this agreement expire five years after termination”, for example, is a typical formulation. Arguments raised in support of an arbitrary cut-off of protection include administrative convenience; finality of obligations; and that most information should be expected to “go stale” after five years or so anyway.

Nevertheless, time-bound confidentiality obligations can be fatal to the protection of trade secrets. A trade secret derives its protection from proof that the owner has exercised reasonable efforts to safeguard its secrecy. It’s not difficult for an adverse party in any trade secrets litigation to discover and use the fact that the purported trade secret owner routinely signed time-bound NDAs, to potentially devastating effect.

4. Non-Reciprocal Terms

Language granting an enhanced degree of protection for only one party’s data, or securing a longer period of confidentiality protection for one party’s source code, or requiring one party and not the other to bear the burden of proving the applicability of confidentiality exceptions, are all common examples of non-reciprocal clauses that will inevitably invite negotiation and therefore delay. The rather limited legal benefit of such clauses should be balanced against the wasted cycles such provisions cause. The ultimate goal is to secure signatures on the NDA form as soon as possible, given that no business can take place until the NDA is closed.

5. Residual Rights

A residuals (or residual rights) clause clarifies that general knowledge or know-how that has not been intentionally memorized is not subject to the confidentiality obligations of the agreement. Example:

Nothing in this Agreement will be construed to prevent the receiving party’s employees who access Confidential Information from using Residuals for any purpose. The term “Residuals” means information of a general nature, such as general knowledge, professional skills, know-how, work experience or techniques, that is retained in the unaided memories (without conscious memorization or subsequent reference to the material in question) of the receiving party’s employees who have had access to Confidential Information.

Such a clause essentially removes confidentiality protections for any information that is retained in the unaided memories of the receiving party’s employees. At bottom, it’s a gaping hole in the non-disclosure and non-circumvention obligations of the NDA. “Anything that remains in my head” may be freely used and disclosed. Such a clause is particularly inappropriate for NDAs that cover the exchange of sensitive financial information, as such information is readily retrievable from memory.

In summary, the degree to which a bilateral non-disclosure agreement template for general business discussions can be considered “perfect” depends on the degree to which the NDA is simple, concise, and mutual. The best general-use NDAs are those that are completely unobjectionable and clear. The worst are those that invite unhelpful negotiation and attendant acrimony. Sometimes not negotiating is better than negotiating and “winning” a point or two, given that the parties must work together to forge a new relationship going forward. Crafting the perfect NDA to strike this balance is as much a science as an art, a task that requires knowledge of the law, culture, and business in which our clients operate.

First published in the Fall 2020 edition of New Matter, the quarterly journal of the Intellectual Property Section of the California Lawyers Association. Further references available at Redline: The perfect non-disclosure agreement (and top 5 NDA pet peeves); Strategies for overcoming time-bound confidentiality obligations in NDAs.

___________________________

The intended audience for this post is licensed and practicing lawyers, not laypersons seeking legal advice for their situation. If you are not a lawyer, hire one before using or relying on any information contained here. This post is: (1) informational only and not intended as advertising or as solicitation for legal services, (2) not intended to render legal advice to you, and (3) not a substitute for obtaining legal advice from a qualified attorney to assess your exact situation. The information here is subject to change and may not be applicable or correct in your jurisdiction. The views and opinions expressed here are Sean’s alone and do not necessarily represent the positions of Sean’s present or former employers, law firms, or clients.