Nowadays, it seems like everyone has been asked to sign a non-disclosure agreement (“NDA”)—from employees and independent contractors, to people looking into buying a business. For example, your company might use an NDA while exploring whether to hire an outside company to handle your customer service calls, while a distributor or supplier might use an NDA when providing a manufacturer with its product specifications. Or, an entrepreneur might use an NDA while shopping around his/her latest invention or new technology, while an advertising/marketing company might use an NDA to pitch its services to potential customers.
NDAs are everywhere because they serve an important purpose.
Unfortunately, because they’re everywhere, they’ve become “standardized” to the point where a lot of business owners simply use NDAs they’ve received in the past (or worse, ones that they found for free on the Internet), and they do this without any understanding of the law or the legal consequences associated with their choices. However, NDAs are important legal documents, and thus they should never be regarded as “standard” or “generic.”
Generally, well written NDAs will typically contain two primary provisions: (i) one that defines the confidential information to be protected; and (ii) one that excludes certain things from that definition. Why is this important? Well, as an example, what constitutes “confidential information” might vary by industry. What’s considered highly confidential in one industry, might not be confidential in another.
Adequately Defining “Confidential Information”
This is where an experienced business attorney needs to demonstrate some skill and understanding of your business. Define the term too “confidential information” too broadly, and you risk a court’s ultimately refusing to enforce your NDA. As they say, the devil is in the details.
Thus, for example, while a lot of NDAs routinely include as “confidential” information either or both: (i) information that is “conspicuously marked by the discloser as ‘confidential’”; and/or (ii) information that would “normally” be deemed confidential “under the circumstances” (both of which are obvious), a well written NDA would also specify particular types of information that need to be protected (including information specific to your company, as well as your company’s industry), such as:
- business and marketing plans;
- financial projections/models, budgets, or results;
- contact information for suppliers, customers, or vendors; or
- the identities and contact information of certain “gate keepers” (e.g., a purchasing agent at a hospital who has the final word in approving large purchases, and the person it took you 10 years to identify).
Of course, well drafted NDAs contain numerous other specific items that conform to the company’s actual business (as opposed to a one-size fits all agreement).
Exclusions From the Definition of “Confidential Information”
As mentioned, in addition to defining what is confidential, a good NDA must also specify what isn’t to be considered confidential. And this is another place where the above-referenced standardization can work against a business owner seeking to protect genuine trade secrets and confidential information.
Most standard/generic NDAs contain these same three standard exclusions: (i) information which is or becomes public through no fault of the receiving party; (ii) information which was already in the receiving party’s possession prior to disclosure; and (iii) information independently developed by the receiving party. To be clear, these should be included. Again, however, the devil is in the details.
Sometimes, those standardized exclusions can do a lot of harm to the disclosing party if not worded carefully and with a specific understanding of your company’s business. Take for example the above-referenced exclusion dealing with independently developed information. On the surface, the exclusion seems utterly non-objectionable, doesn’t it? After all, if a receiving party developed certain information on its own, why should that party be prevented from using the information?
The answer is quite simple. It’s easy to say that “independently” developed information should remain the sole property of the receiving party, but that ignores the fact that once a bell is rung, it cannot be un-rung. Think about it this way: even if the receiving party does not literally rely upon a certain piece of confidential information, simply knowing that information could easily provide extraordinarily valuable insights into the information in question. Simply having had access to the information in question could help the receiving party make leaps it would not have been able to make without the disclosing party’s information.
If the NDA your company wants to use doesn’t resolve that, or some of the other issues raised above, you may want to seriously consider abandoning the generic document in favor of a fully customized agreement that will provide a maximum level of protection to your company should you ever need to take legal action to protect your confidential information.