Good agreements should not contain unnecessary clauses. It is as dangerous to add too many clauses to a contract as to leave key clauses out. It is one thing to include flexibility in an agreement and quite another to throw in a clause because everybody else does it or so that it covers the remote and improbable but gives rise to potential risks that can’t be assessed at the time that the contract is signed. Careless drafting can lead to confusion, inconsistencies between provisions and needless obligations that clutter up the relationship between the parties.
The same can be said of churning out a standard agreement and insisting that it be signed when the rationale behind it hasn’t been thought through. On the other hand, there are times when a party really should have a specific contractual protection but is loath to ask for a specific term to be included or even a type of agreement to be signed, in case it scares the other party away.
Confused? You’re not alone. Let’s look at this in the context of an often-misunderstood document – the non-disclosure agreement or NDA.
Defining the purpose
Generic NDAs are often vague as to their intention. If there is a specific purpose relating to the discussions between the parties, then it is prudent to define what this purpose is. Examples of a purpose could be a specific project, the providing of future services, or negotiations relating to the purchase of a business.
Keeping information confidential can be onerous and limiting, the obligation to protect confidential information to information disclosed for a specific purpose ensures that parties are not implementing extreme measures to adhere to confidentiality in relation to a broad range of documentation or other forms of information that doesn’t fall within the required purpose. Of course, the flip side of this is that you should only hand over confidential information relating to the purpose as defined and be careful not to hand anything over that you want to keep confidential but doesn’t fall within the defined purpose.
Defining confidential information
Parties are, understandably, so concerned that their information may be disclosed that they tend to throw in the widest definition of “confidential information” that they can. It is easy to think that, if the definition of confidential information is extremely broad, this will provide the most protection. However, because parties often make use of a standard template or grab a clause from another non-disclosure agreement, they don’t read it the list through carefully.
A long list of possible confidential information may, in fact, not include information which is relevant to your situation. There is usually a catch-all clause of something along the line of “any other information that may be identified as confidential” but no-one wants to fall back on this unless they must.
Here are some factors to consider when crafting the definition of confidential information:
- Any information derived from the confidential information. This provides protection in the situation where confidential information is analysed whether via electronic or manual means which results in reports or other information based in the original confidential information. This is especially relevant in the world of ever-changing AI modelling.
- Information specific to your situation. In addition to your standard definition, you may want to refer to specific information in a schedule. This may include specific brand names, blueprints or designs.
- Keeping the fact that the parties are even negotiating or doing business together confidential. You may not want to the market to know that you are, for example, discussing the sale of your business or the launching of a new product. Sometimes the very fact that you are speaking with another party may spark speculation amongst other businesses in your industry.
Using confidential information
In the age of AI, you may want to prevent the use of your confidential information by a generative AI model. You don’t want your counter party to use your confidential information to teach AI software about factors that are confidential and key to your business.
It is also extremely important to make sure that you are clear in your NDA regarding who the receiving party can disclose the confidential information to. For example, you may wish to specify that the receiving party may only disclose the confidential information to its employees and/or legal advisors. Furthermore, it is good practice to make sure that any authorised person the receiving party shares the confidential information with is bound by the same rules that the receiving party must keep. You would also want to expressly state that the overall obligation to comply with the non-disclosure agreement remains with the receiving party. In other words, the buck stops with the receiving party no matter who breaches the confidentiality provision on its side.
Data protection
Parties often overlook the fact that personal data may be exchanged even in the case of initial discussions or negotiations between the parties or product demonstrations. In such cases, proper attention needs to be given to the obligations of the parties regarding the processing of this personal data. An NDA is not a “light” agreement. It has concrete obligations, and these must accord with applicable data protection laws. Of course, this assumes that any personal data collected by the disclosing party allows for the transfer of personal data to another party.
Do I always need a non-disclosure agreement?
Wherever one or both parties are going to make confidential proprietary information available during an engagement, this must be protected. Where this information is going to be disclosed before an agreement governing the relationship between the parties is signed then an NDA is necessary. However, if no confidential information is going to be disclosed before the agreement is signed then the inclusion of a confidentiality provision which will take most of the above factors into account is sufficient.
Why does this matter?
Some service providers are afraid that asking a potential client to sign an NDA early in the negotiations or even at an introductory meeting will put them off. However, if your pitch is going to include showing how your methodology works or what your software can do, it is prudent to make sure that your potential client isn’t going to take what you’ve shown them and try and get it duplicated at a reduced cost, or inhouse or with their other favourite supplier.
Likewise, before you share a shred of confidential information in a discussion or negotiation, put an NDA in place to protect both parties. This is especially the case where the discussions require the disclosure of a key invention, process or product. The consequences of this information being used or disclosed to the market can be catastrophic.
Information whether written, drawn, registered, unregistered or otherwise has value. Protecting confidential information has never been more important than now, in the age of AI where reverse engineering and disseminating of information can be done quickly.
I’m often asked two questions about NDAs. The first is whether an NDA is worth the paper it is written on. My answer is that this is a question to be asked of every agreement. You can’t stop a party to an agreement from breaching the agreement. What you can do is make sure that everyone knows what their obligations are and what the consequences are following a breach. Making sure that the agreement is as easy as possible to enforce is another important requirement. Like all agreements, an NDA may be in place between parties with different levels of bargaining power and financial ability to litigate which brings an additional layer of risk. The unfortunate reality is that the person who wishes to enforce their rights under any agreement will need to put their hands in their pockets to do so.
The second question is why it is necessary to pay for such a “standard document”. It is true that there are generic NDAs available for download and in certain circumstances they may do the job, but the real question is whether you are prepared to risk the most important parts of your business by relying on a document that has been produced in a vacuum, does not take into account the nature of your business and doesn’t have the benefit of an expert’s experience of where things can go wrong.
The information provided in this article is provided for general information purposes only, and does not provide definitive advice. It does not amount to legal or other professional advice and so you should not rely on any information contained here as if it were such advice.
Wright Hassall does not accept any responsibility for any loss which may arise from reliance on any information published here. Definitive advice can only be given with full knowledge of all relevant facts. If you need such advice please contact a member of our professional staff.
The information published across our Knowledge Base is correct at the time of going to press.
