Keeping sensitive business information secret such as specialized processes, client lists and trade secrets can determine the difference between a business’s’ survival or demise.

Over the years, scores of businesses have had to devise ways to protect their proprietary information, trade secrets and other confidential information from not just competitors but also the general public.

Some businesses like Coca-Cola and KFC have managed to keep their trade secrets for 100 years or so. How do they do it?

One commonly used tool is the non-disclosure agreement (NDA), also known as a confidential or trade secret agreement.

An NDA is a legally binding contract that requires parties to keep confidentiality for a defined period of time.

It’s up to the parties to decide what would be considered confidential and what is not. Confidentiality can extend to documents, designs, sketches, analyses, source codes, marketing plans, manufacturing processes and technical procedures.

Here’s an example of a clause defining what would be considered confidential for the parties in Accuride Corp’s Confidentiality and Non-Disclosure Agreement:

Accuride Confidentiality Agreement: What is confidential information

These agreements can be one-way where only one party is disclosing confidential information (“Disclosing Party”) to the other (“Receiving Party”) or it can be mutual, where both parties make disclosures and are bound to keep each other’s disclosures secret, unless given permission to do otherwise.

The NDA could not only provide for monetary remedies in the event of a breach but more importantly, provide injunctive relief to stop any further breaches from occurring.

As these agreements play such a vital role in protecting the future of a company, it’s important that you take the construction of the clauses in an NDA seriously. Preferably, always consult an attorney to assist you to help you achieve your goals.

Below are a few key costly mistakes that can result in your NDA being invalid.

1. Confidential definition too broad

Although it may be tempting to define all information that you disclose to a Receiving Party as confidential, avoid using a catch-all clause. Instead, limit confidentiality to information that is truly necessary to be kept a secret.

As an example, in Trailer Leasing Co. v. Associates Commercial Corp, an Illinois federal court refused to enforce an NDA where the definition of ‘confidential‘ was considered too broad on top of a lack of defined geographical limitations.

To avoid such problems, you should ensure that all information that’s confidential should be marked as “CONFIDENTIAL.”

If there are any trade secrets, those should be marked differently as “TRADE SECRET” as the law treats confidential information and trade secrets differently. One significant difference is that it’s well-accepted for trade secrets to last indefinitely.

2. Wrong party on the NDA

It can be easy to assume that you have got the correct party named on the NDA but it’s always important to check that you do indeed have the correct name.

Even simple things such as forgetting to include the word “Limited” or spelling a company’s name wrongly, can result in disastrous consequences.

For a start, some companies have different legal and trading names (also known as a business name).

A legal name is the name that the entity uses when it registers as a business, when it signs official legal documents and when it has to deal with governmental processes.

This name is normally noted on the founding documents of incorporation such as the articles of formation or organization (USA), memorandum of association (UK) and articles of incorporation (Canada).

A trading name, on the other hand, is the name that the entity uses for advertising and sales and in which it conducts its business with the public.

Sometimes an entity may have the same legal and trading name but it’s also completely possible that it has completely different legal and trading names.

To add to this confusion, unless an entity trademarks its name, there’s no legal protection to stop other businesses from using the exact same trading name.

To ensure that you have the correct party on your NDA, list both its legal and trading name as well as its business address.

An example of how you can list a party’s business premises can be found in Thoughtbot Mutual Non-Disclosure Agreement:

Thoughtbot Mutual NDA: The agreement is between companies

3. Scope is too broad, unreasonable or onerous

There’s nothing that the courts enjoy more than striking down an agreement that is unreasonably onerous or one that’s too anti-competition.

Be very specific about what you consider confidential or non-confidential information and don’t make your NDA overly restrictive, especially when covering the Receiving Party’s future behavior after your business relationship has terminated.

An example of unreasonable behavior could be demanding that confidentiality be preserved indefinitely when the secret doesn’t warrant it or not allowing an employee to ever obtain employment in the same industry (using non-compete agreements).

For an NDA that’s too overly unreasonable, courts may declare the agreement invalid or strike down clauses that are too onerous.

In Lasership, Inc. v. Watson, the court in Virginia ruled that the NDA was unenforceable because the provisions that stopped the employee from sharing information about the employer were too broad; covering information that weren’t confidential and also requiring that the provisions were to apply for the rest of her life.

To avoid an NDA being declared unenforceable because of being too broad, you could provide context for the agreement and its terms.

As an example, here’s a “Statement of Limited Purpose” from Microsoft in one its Confidentiality Agreements for Licensing Discussions:

The Statement of Limited Purpose clause from Microsoft Confidentiality agreement

4. Information provided by a third party

The NDA can also be invalidated where the Receiving Party received the confidential information not through your disclosure but through an entirely separate third party.

For example, if the Receiving Party received the confidential information through an independent supplier with no relationship to you, you cannot demand in your NDA that the Receiving Party keep that information confidential.

5. Information already known by Receiving Party or in public domain

The main purpose of an NDA is to keep information confidential.

However, if through no breach or fault of the Receiving Party, the confidential information becomes public knowledge, that same piece of information would no longer be considered confidential.

For example, if your information gets leaked by one of your own employees into the public domain, you cannot enforce an NDA covering the same leaked information against the Receiving Party.

As another example, if you deal with 10 suppliers and have requested 9 of your suppliers to sign NDAs, but omitted to do so with the last supplier and he or she leaked your confidential information to the public, all previous NDAs with the earlier 9 suppliers are now invalid.

6. The Receiving Party had managed to develop the information independently

Oftentimes, you may choose to collaborate with a Receiving Party that’s in the same line of work that you do.

For example, if you were a software company, you may choose to collaborate with another software company. It’s possible that the other software company would have made discoveries on their own prior to your collaboration.

In this case, the confidential information that the software company developed on their own independently cannot be part of the NDA, even if it’s similar to yours and you cannot claim proprietary interest over that particular piece of information.

7. Disclosures made prior to NDA

Be very careful that you don’t disclose confidential information prior to the Receiving Party signing the NDA officially.

Otherwise, you make disclosures at your peril because the Receiving Party could argue that he or she had not agreed to confidentiality of any information disclosed prior to signing the NDA.

8. Signed by person with no or insufficient authority to bind

Another mistake that could potentially invalidate an NDA is to have it signed by someone with no authority or insufficient authority to bind the Receiving Party.

This could occur if the signing was done by a company representative with no authority to execute contracts.

Or, say in the case of a partnership, all partners are required to agree in such contractual decisions but you only obtained the signature of one partner.

Normally, companies have founding documents such as organizational minutes, bylaws or operating agreements (USA) or articles of association (UK) that provide powers to the board to appoint company officers to carry out day-to-day functions such as signing contracts on behalf of the company.

You may wish to request for a copy of the “Certificate of Incumbency“, also known as a “Registrar of Directors” or an equivalent document from the Receiving Party to confirm the identities of officers that can sign on behalf of the company.

Alternatively, you can request written confirmation by email or fax from the partnership or company to confirm that the person purporting to have authority to sign the NDA is who he or she says they are and is legally authorized to enter into such an NDA with you.

Here’s a simple clause that you can use from the Canadian Corporate Counsel Association’s agreement:

Parties have the right to bind from the NDA of Canadian Corporate Counsel

To ensure that you cover for the possibility of any future organizational changes including takeovers, mergers and employees leaving the company, you may wish to include a clause that the NDA will be binding despite such organizational changes.

Here’s an example of a clause from Accuride’s agreement again:

Accuride Confidentiality Agreement: the Binding Agreement clause

9. Bad jurisdiction

Different countries and different states may treat NDAs very differently. Always clarify which jurisdiction you wish to apply to the agreement.

In addition, although this may not necessarily invalidate an NDA, another important factor to consider is the feasibility and ease to enforce the agreement.

If you were working with another party that is halfway around the other side of the world, you may find it too difficult to try and enforce a NDA in a foreign court under foreign laws and foreign legal procedures.

An example of a clause that you can use is from this NDA from Harvard Business School:

Which law applies clause in NDA from Harvard Business School

10. Not limiting access to confidential information

If you are careless about how you keep your confidential information, have laissez-faire procedures and you don’t make any attempt to limit access to it, the confidential information may lose its ‘confidential status‘ and any NDA protecting that information will be deemed invalid.

For example, allowing all your employees with or without authorization or NDAs to access the information. Confidential information has to be treated more carefully than ordinary business information.

Procedures might include not allowing photocopies to be made without authorization and insisting that the information be kept in a secure location that can only be access by those with authorization to do so.

11. Not providing guidance in the event of a compelled disclosure

There have been occasions where certain parties, such as the government, have been granted the right to force a Receiving Party to disclose confidential information.

An example of such an incident happened in 2011 during the U.S. Government’s investigation of WikiLeaks and one of its volunteers Jacob Appelbaum.

In such cases, the compelled disclosure can nullify the protection of an NDA.

Although your Receiving Party may not be able to resist the court order for disclosure, you should at least request that the Receiving Party give you sufficient notice of the order to enable you to seek legal protective remedies.

As you can see, there can be many traps that invalidate an NDA for the unwary Disclosing Party.