NDAs Are Fundamentally About Trust
I was in my local Walgreen’s last week to pick up a prescription. As always, standard privacy measures were in place — measures that, at this point, we all take for granted: distance between customers as they approach the counter; drug names on a screen that’s visible only to the technician; prescriptions handed over in a generic bag, and so on.
In addition to protecting the privacy of the customer, these steps serve to establish trust. They help us feel confident the pharmacy isn’t sharing our information and make us willing to return in the future. Imagine if you found yourself in a pharmacy that didn’t take these steps?
Similarly, technology-based businesses should take measures to establish trust and build confidence with prospective customers and partners — especially at the outset of a relationship when the parties are getting to know one another.
One simple but effective way to achieve this trust is to insist on putting a nondisclosure agreement (NDA) in place before meaningful discussions begin. By doing so, you’ll not only protect your disclosures, but you’ll demonstrate to the other party that your company takes confidentiality seriously and has procedures in place to ensure secrecy is maintained.
Why are NDAs So Important?
Protecting Trade Secrets. Intellectual property is one of the most valuable assets of a technology business. Trade secrets, designs, processes, and other sensitive information must be kept confidential. Without a contractual relationship (or some other professional obligation) to maintain secrecy, a party receiving information is most likely free to disclose that information as it wishes.
Maintaining Competitive Advantage. An NDA can help prevent competitors from gaining access to critical information that could give them an advantage relative to you.
Preserving Business Relationships. NDAs establish clear expectations for the protection of confidential information. By requiring an NDA before entering discussions, you demonstrate that your business takes confidentiality seriously.
What’s Needed in an NDA?
I’ve reviewed hundreds of NDA’s. Although most seem quite similar, they are never precisely the same. So it’s important to review the terms in their entirety to ensure that your disclosures are protected and your business isn’t handcuffed going forward.
Here are some key items to look for…
#1. Scope of Confidential Information
The definition of what constitutes “confidential information” is a significant consideration. If your company will be disclosing highly sensitive material, make sure it is described with a great deal of specificitybeyond standard, generic terms. For example, for some clients, I will insert company-specific terms that ensure the client’s unique information (which ultimately provides its competitive advantage) is described in detail.
In addition, consider how similar the work you do is to that of the other party. If there is meaningful overlap, you may want to limit the scope of the disclosures covered by the NDA so that your business isn’t overly constrained at a later date.
#2. Duration of the Confidentiality Obligation
The length of time of the NDA should be specific, reasonable, and appropriate based on the type of information being protected. In some cases — especially where only one party is disclosing information — the parties may have different goals. The primary discloser may seek a longer period of protection, while the recipient may prefer something shorter. Generally speaking, I’ve seen that most parties will settle for a duration between three to five years.
#3. Permitted Disclosures
These outline how the information can be used by the recipient and by whom. In general, until a substantive agreement (i.e., beyond the NDA) is entered by the parties, information should be permitted to be used solely to investigate a potential relationship. Further, disclosures should be limited to employees and advisors with an obligation to maintain confidentiality.
#4. Return or Destruction of Information
This specifies how the received information will be returned or destroyed when the parties part ways. Since it is often difficult to remove information from backup or archival copies, the recipient is often given the opportunity to retain information maintained in the ordinary course of business, subject to the confidentiality obligations in the NDA.
#5. Remedies and Enforcement
Given the difficulty and delay associated with proving damages in connection with a breach, it’s best to specify beforehand that injunctive relief is available without the necessity of proving damages. Governing law (the laws of the state whose laws will be used to interpret and enforce the NDA) and jurisdiction (the courts having authority to resolve disputes) should also be agreed upon, to avoid costly surprises down the road.
NDAs are critical tools in the protection of a technology business’s confidential information. Since they typically come into play at the beginning of a business agreement, they serve an especially important role in building mutual trust and starting things off on the right foot!