The Often-Signed, Rarely Read ‘Confidentiality Agreement’

A confidentiality agreement is seldom a strategically important agreement. But you can make a strategically important mistake in signing one. The risk of this is exacerbated if you are among the droves of managers who sign confidentiality agreements (sometimes called non-disclosure agreements, or NDAs) without really reading them.

Here’s the key risk:  some confidentiality agreements, especially those offered up by potential business partners, will contain restrictions on your engaging in a competitive business (a ‘non-compete’) or on your soliciting or hiring employees, customers, suppliers, etc. (a ‘non-raid’). If you do nothing else before signing a confidentiality agreement, check to see if it contains one of these extraordinary restrictions.

Such restrictions are rarely appropriate at the early stage of discussions when the confidentiality agreement is signed. One exception may be where a seller is nervous about introducing a potential buyer to the seller’s key employees unless a non-raid is put in place. In that case or other unusual cases, it is important to carefully tailor the language to the specific circumstances so as not to be overly broad and restrictive. And, the document should be renamed — in my opinion, it is never appropriate to include a ‘non-compete’ or ‘non-raid’ in a document that only has ‘confidentiality’ in the title.

What else should you look for in a confidentiality agreement? While I’ll answer that question, first let me say that these agreements are both (1) usually impractical to enforce and (2) often used for information that isn’t truly confidential. The net result is that, in most cases, I think of these documents as good faith expressions of intent rather than legally enforceable agreements. (If you’re holding the Coca-Cola formula or some other highly valuable trade secret, this doesn’t apply to you.) Nevertheless, as a lawyer I have to focus on the details too (the devil often being in them):

  • Check the survival period. Many confidentiality agreements say they expire after some number of years (e.g., 1, 2 or 3 years). Frankly, if you’re the recipient of information, that works to your advantage. However, I believe that most confidentiality agreements should not have an express time limit, because there is already the natural time limit of ‘as long as the information is confidential’. If you believe your business plan is confidential, I’m sure you wouldn’t be happy to see it published in the Wall Street Journal a year or even two years later. But that is exactly what an expiration date would permit. Note that there should never be an expiration date if you are disclosing true trade secrets.
  • Consider whether you have to explicitly mark information as confidential (and explicitly summarize in writing any confidential information disclosed orally) in order for it to be treated as confidential. I usually try to avoid that requirement (especially when representing the discloser of information), instead relying on the broader, though admittedly tautological and vague, designation of all confidential information as confidential. Legally, information that is explicitly marked will be more protectable, but I am more concerned about (1) the practical reality that people will forget to mark all relevant information as confidential and (2) the implication that unmarked information is somehow ‘fair game’.
  • Make sure the usual carve-outs to the definition of confidential information appear. Essentially, these say that information in the public domain, information you already possessed, information you receive later from someone else, and information you create on your own, are not considered confidential information under the agreement.
  • Make sure you are expressly permitted to disclose information if required by law (e.g., government or court order). While many agreements contain this exception, they often add that you first have to notify the other party. Try to modify that language by adding ‘if permitted by law’, since you may be prohibited from telling the other party they are under investigation.
  • Consider your future obligation to give back the confidential information. I try to avoid an automatic obligation to return the information at some later date (e.g., if a deal doesn’t take place), and instead give the other party the right to request it back. The main reason is that, in practice, information is rarely actually returned, and I prefer that my agreements not say things that I know will not occur. Also, you should ask for the right to destroy the information rather than give it back, particularly with respect to your own work product (e.g., notes, memos, etc.) that contain confidential information (as opposed to the original information that the other party delivered to you). Furthermore, you may want to carve out exceptions for archival copies (e.g., electronic backups that are difficult to purge) or copies held in your lawyer’s or accountant’s office.

One final, practical suggestion:  if you are going to sign the other party’s form of confidentiality agreement, it is better to sign their ‘mutual’ form rather than their ‘one-directional’ form — even if you will not be disclosing any significant confidential information to them. Besides the fact that you may end up disclosing some confidential information to them, it is also likely that their mutual form will be more balanced and reasonable in its specifics.