Legal pitfalls when drafting an NDA

Non Disclosure Agreement or Confidentiality Agreements?

Non-disclosure agreements, otherwise known as confidentiality agreements or NDA’s are used to protect one or both parties confidential information when disclosing to another for a defined purpose such as a business project.  

The confidential information may include trade secrets, company data, sensitive business information, official legal documents such as internal contracts, technical procedures, such contractual decisions and other information considered confidential by the parties. The NDA can be a single NDA or a mutual NDA depending on whether only one party or both will share confidential information.

NDA Drafting Mistakes

The disclosing party should be aware that having an NDA does not guarantee non-disclosure of the confidential information and the receiving party may well breach the NDA. As such it is important to ensure the party you are divulging confidential information to will adhere to the terms of the agreement and is aware of the legal consequences.

There are remedies the parties can rely on which include an injunction to prevent the receiving party from disclosing further information under such an NDA, which may be counterproductive where the information is already public knowledge.

Common Mistakes Include:

• Sharing confidential information without an NDA in place.
• Not being specific or being ambiguous in the NDA or in the definition of confidential information.
• Not specifying who is permitted access to the confidential information e.g. third party use or authorised individuals.
• Not having access to the NDA in the event of a dispute.
• The confidential information is divulged to the wrong party because it wasn't entered into with the correct party (NDA is entered into with the wrong party).
• Entering into a one-way NDA where both parties are divulging confidential information.
• Information disclosed prior to entering into the NDA.
• Selecting the wrong jurisdiction for hearing disputes under the agreement and selecting a foreign court where you are unfamiliar with the foreign laws.
• Entering into an agreement where the confidential information is already in the public domain.
• The receiving party develops the information independently e.g. you choose to collaborate with a software company, it is possible the other software company may develop similar information independently which will not be covered under the NDA.
• Not requiring the receiving party to protect the information in a secure location.

Things to Consider

The parties may also rely on damages for breach of contract, although it may be difficult to establish breach of contract. Given these limitations the parties should ensure the agreement:

• Adequately defines confidential information to ensure the definition is wide enough to capture what the party intended, where the language is unambiguous courts will give the plain and ordinary meaning. It is important to describe the confidential information exactly as is.
• Ensures the parties details are correctly recorded including the individual's legal name or the business name, business address and signatory of each party.
• Considers the length of the agreement and the obligations of confidentiality post-termination or expiry of the agreement. There is no boilerplate timeframe for how long an NDA should last, but instead depends on the length of the relationship and the details of the agreement.
• Covers the term of the NDA as some NDA's end on a fixed term and others continue until the confidential information becomes public knowledge, the parties should decide which arrangement is required.
• Includes exclusions to the confidential information where applicable, this is important as the other party may already be in possession of the information and as such will want to ensure this is excluded from what is deemed confidential under the agreement.
• Is personalised and parties are careful not to take a copy and paste approach with NDA's as each NDA is based on the nature of the transaction, the specific confidential information being shared and the exclusions to the confidential information.
• Covers how they will identify which information is confidential, this may be by way of a party giving a written confirmation stating the information provided is confidential as it is clearly marked as "Confidential". The receiving party may also request written confirmation of this.
• Includes the obligations of the receiving party in protecting the confidential information such as ensuring the same security measures are applied to the confidential information as are applied to its own information or ensuring only authorised individuals (as specified in the confidentiality agreement) have access to the confidential information and where there is a breach the disclosing party is given sufficient notice. It may also place obligations on the receiving party to not reverse engineer or decompile the confidential information.
• Specifies what the relationship is e.g. employer, partner or investor.
• Including an entire agreement clause is useful as it ensures the written agreement is the entire agreement between them and does not include anything discussed previously.

Injunctive Relief and Other Remedies

Where a party is in breach of a contract the court may award an injunction to stop a party from doing something, in this case it may include not divulging further information. Although this can be problematic and not helpful where the sensitive information has already been divulged and is in the public domain.

Other remedies may include specific performance, which requires the party in breach to do something to remedy the fault. For example, there has been some disclosed information that has been divulged and there is a court order requiring the receiving party to apply specific security measures to the remaining information.

The most common award under a breach of contract is the award of damages which is calculated on the basis of actual losses sustained as a result of the breach of contract.

In conclusion, to ensure the confidential information is protected and the receiving party is aware of its obligations it is best to have a written agreement which stipulates the rights and obligations each party holds.

‍