“My last boss made me sign a nondisclosure agreement.”
When we started to pitch to potential investors for our seed round, the question immediately became very real: do we want them to sign a Non Disclosure Agreement, also known as “NDA”? Under what circumstances? Why? How does that protect us? If so, what kind of NDA?
If you are working on a startup and when you are thinking through the necessary legal documents you need for your business, this should be on the top of your list.
Why a NDA?
This is not a new topic for any one who has engaged with potential vendors, investors, contractors. Invariably you will need to disclose, or some times exchange confidential information, and to protect your ideas/trade secrets, you will need to put a NDA in place. This helps you to keep your ideas secretive, so that the person receiving the information can’t go to use this same ideas for their own venture, share it with your competitors, and in the extreme situation, claim that you got the idea from them.
So what does it say?
- What. Typically a NDA will lay out what is considered confidential information. The broader this definition is, the more protected areas there are. It typically covers technical information such as ideas, specifications, designs, sketches, software code. It also include financial information such as financial statements. In many cases, you may be able to even call out things like patents, trade secret, customer list, etc. On the patent piece, once you disclose the idea publicly, it may prevent you from even obtaining a patent down the road, you need to be especially careful even you are planning to file a patent down the road. For trade secrets, many NDAs will even stipulate that the obligations survive even after the NDA expires
- Purpose. Most NDAs will describe the purpose of the disclosure or exchange. A narrowly defined purpose limits the scope of the NDA and is easier to enforce. For example, if you have a NDA that says it covers everything that the parties discussed for all purpose, it’s less likely a court will enforce it.
- Term. Similarly, some companies try to push NDAs that last forever (i.e. does not contain a term), but it’s unrealistic that many people want to sign up for it. A 3–5 year term is more realistic and customary, sometimes with an exception for trade secrets mentioned above.
- What does it not include. Typically three kinds of information are excluded from most NDAs: information that is already publicly known, information that the receiving party already knows before the signing of the NDA, information that becomes publicly available after the signing of the NDA, information that the receiving party independently developed after the signing of the NDA, and finally, information that the receiving party must disclosure pursuant to a legal order.
- Who does it over? Of course you need to name the parties. Sometimes it’s important to point out that it covers a company’s affiliates, so you can share the same information with your related parties. Also, it’s important to include third parties such as agents or contractors who will also access the same information, and you want to hold them accountable as such.
- So what? So after receiving the confidential information, the receiving party can only use it for the limited purpose as defined in the NDA, such as evaluating the business or investment opportunity. They cannot 1) share it with others 2) try to recreate or reverse engineer anything and 3) if they break the rule, they will face consequences, such as legal actions, damages and sometimes injunctions (i.e. preventing them from doing something with the information)
Unilateral vs. Mutual vs. Multi-party NDAs
- Unilateral is always better for the disclosing party.
For a person or company disclosing confidential information, typically a unilateral is the best. Why? Because it only gives you rights, but not obligations. Meaning, the other party is signing up to do all the things described above, but you are under no obligations to them. Of course, sometimes the information flows both ways, such as when your company is evaluating a potential supplier, for which you must disclose what you are working on, but you also need to ask them about their secretive information. In this case, a mutual NDA is warranted.
- Multi party NDAs are overrated.
Sometimes people approach me to enter into multi-party NDAs. I typically recommend not going down this route. Why? Because if A and B, B and C and A and C each have mutual NDAs, it accomplishes the same purpose, for the most part. Going down the multi NDA route means you are now straddling three legal departments and they all need to agree to the same terms. Painful.
So what do you usually fight about?
- What is included as confidential information.
Sometimes a party wants the other way to mark everything as confidential in writing, and follow up oral conversations with written summaries, to clearly define what confidential information means. While it’s good practice, and it helps the receiving party to know exactly what the confidential information is, from a disclosing party’s perspective it’s unrealistic and impractical. If you talk to many people, you run the risk that whatever you don’t follow up with a written summary is excluded from the confidential information.
As mentioned above, while perpetual obligation is always inspirational, having a defined term from 3–5 years is more realistic. One trap to avoid is super short NDAs for one year or less with a party that you know you will continue to share information for the long term. In this case, if you accidentally let the NDA lapse while still disclosing confidential information, then you are without protection.
Every one wants to litigate in their own backyard, so typically the party drafting the NDA will pick a jurisdiction where they are located. When the parties can’t agree, a “neutral” jurisdiction such as Delaware or New York is more appropriate. Try not to sign up for foreign jurisdictions. Otherwise, if anything goes wrong, you will be forced to litigate this in a far away place, where you invariably have to retain legal counsel.
- Some of the carveouts such as trade secret. Some lawyers are not familiar with carve outs such as the trade secret one, at which they tend to bark at. In the US it’s common practice and the carve out is commonly understood by most lawyers.
Finally, a few words of advice
- Do it. Sometimes people think, geez, this person is a good friend, and wouldn’t they be offended if I ask them to sign a NDA? You’d be surprised. In today’s business and tech world, having a NDA signed before you disclose confidential information is a common practice, and most people don’t have a problem with it at all. On the contrary, if you just freely share your secret sauce, you come across as immature and unsophisticated. “Trust” only goes so far in the business world, rather than putting any one in that position, get the NDA signed or don’t talk about confidential information.
- Keep it short, sweet and reasonable. I once had a potential investor say to me, the reason it took me to a week to sign your NDA is because it’s 10 pages long! I immediately switched to a different, much shorter format. While getting appropriate protection is good and important, don’t let the NDA become a road block to investors, partners or potential employees. Keep it short, sweet and reasonable.
- Don’t use boilerplates. I am guilty on this one. Even I am a licensed attorney, sometimes when I become too busy I tend to pick up “templates” here and there. But as you can see from this article, there are lots of nuances about the NDA, so you’ve got to draft and review it with care, to ensure it suits your needs and accomplish the right purpose you want to accomplish. Get a lawyer to review it, to ensure you are properly protected.
P.S. I found an interesting article about why you shouldn’t ask a VC to sign NDAs before they invest in you. Hmmm. Interesting. Up for debate?
Please see this cheat sheet for summary on key points on NDAs