Non-Disclosure Agreements – An Overview
Non-disclosure agreements (NDAs) have been a staple of the tech world for many years. As laws and the industry have changed and evolved, however, the role of an NDA has changed slightly. For many years, the primary focus of NDAs was to establish and maintain trade secret status in the confidential information disclosed. Sometimes, that was done to ensure that the customer preserved the competitive advantage in the information that it paid to develop, and to protect that information from re-use by consultants that may have been paid to do part of that development work. Sometimes NDAs were used to preserve the proprietary nature of the development work until it was completed, after which it might be followed up with a patent application.
The basic elements of an NDA are:
Scope: What information is covered by the NDA; i.e. what information is Confidential Information for the purposes of the Agreement. Written confidential information should generally be labeled as Confidential. Oral confidential disclosures should be announced at the meeting prior to making the disclosure, and followed up in writing stating that this information was disclosed on this date to these people after they were informed that it was Confidential Information of the disclosing party.
Purpose: The NDA should include an approved purpose for the disclosure. This essentially states exactly what purposes the receiving party is authorized to use that confidential Information for. Many NDAs also state that the receiving party will not use the Confidential Information for its own benefit.
Standard of Care: The NDA should state the standard of care required of the receiving party, e.g. a strict standard (the highest, and generally reserved to clean-room development) or the same standard the receiving party uses with its own confidential information (most common). The NDA also frequently states that the Confidential Information will only be shared on a “need to know” basis with employees and advisors that have agreed in writing to protect the Confidential Information. Most NDAs make the receiving party liable to the disclosing party for all NDA violations by the people the receiving party discloses to under the NDA.
Exemptions: Most NDAs include a list of items that are excluded from the confidentiality obligation. These typically cover information where you can prove (i) that you knew the information before they made the disclosure; (ii) that you independently developed the same information without having access to the information that was disclosed; (iii) that the information entered the public domain without breach by the receiving party; or (iv) that another party disclosed the information to you without a confidentiality obligation; as well as (v) disclosures that are compelled by a legal authority. These exemptions are fairly standard and are intended to make sure that the receiving party is not placed at a competitive disadvantage because they agreed to the NDA.
Unlike most other contracts, the primary remedy that you need to look for in an NDA is injunctive relief. You want the other party to stop copying your IP or disclosing your trade secrets. Many NDAs include a stipulation that a breach would cause immediate and irreparable harm, so injunctive relief is appropriate. Agreeing to that in the NDA avoids the need to argue those facts before obtaining injunctive relief.
Often an NDA will also state:
- That the disclosing party does not warrant the information disclosed (it is provided “AS IS”; remember, often the information disclosed is still in the process of being developed and finalized);
- That the receiving party has no obligation to conclude an agreement, if the NDA was for evaluation purposes.
- It is important to remember that with international disclosures, unlike in the US, reverse engineering is permitted; therefore, if you are disclosing information for use outside of the US, you should probably have a clause prohibiting reverse engineering.
With the new General Data Protection Regulation (GDPR) that went into effect in May 2018, there is an extensive multi-national legal framework that helps focus on the Confidentiality, Integrity and Availability (CIA) of data. In this context, it requires the Controllers that gather the data and the Processors that process that data to implement appropriate confidentiality agreements to protect the confidentiality of the data subject’s Personally Identifiable Information (“PII”). Under GDPR the receiving party has a duty to promptly provide notice to the disclosing party in the event of a breach (a “Security Event”) and to assist in minimizing the impact (this contractual notice requirement is a key element of the GDPR privacy regulation and related compliance obligations). Also, consistent with the overall GDPR goal of “data minimization” (namely, as little PII, such as name, address, email address and phone number, as possible, for as short a time as possible, with highly transparent notice and data subject rights), many NDAs, and almost all international NDAs, require that the disclosing party must destroy or return the Confidential Information disclosed at the conclusion of the term, or sooner upon request.
NDAs are frequently used in conjunction with legal settlements because one or both parties do not want the details of the dispute or the settlement made generally available. This is a function that has sometimes been abused; for instance, the State of New Jersey just invalidated the use of NDAs with regard to sexual harassment claims, feeling the public had a compelling need to know about those allegations.
NDAs are an extremely common part of the technology business, whether they are used to protect trade secrets, to preserve your right to file a patent, to eliminate unfair competition in a competitive bid context, or to comply with your regulatory security or privacy concerns. However, while NDAs are a staple of most tech businesses, they are used in a wide variety of ways, and often the common elements are infused with some “not-so-standard terms” like non-competition, IP right transfers and broad indemnities. NDAs, when used properly, are easily and quickly implemented, but please understand that they are legal documents and can often go well beyond the normal scope of an NDA; you need to carefully review NDAs before proceeding.