Because information and ideas are often a business’ most valuable possession, great strides should be taken to protect it.

Confidentiality and Non-Disclosure Agreements are time honored contracts used to protect a person or company’s sensitive information and proprietary ideas.

A Confidentiality Agreement, also known as an NDA, essentially acts as a paper shield, protecting your business from the possibility of sensitive information being disclosed or a great idea being stolen.

There’s no magical power within its clauses to physically stop a would-be discloser in his tracks. (Duh!) Rather, its power derives entirely from its ability to make potential disclosers think twice before they spill the beans. The clearly defined threat of severe legal action is generally enough to thwart a former employee, business partner, or third party from using your proprietary information for personal gain.

But your confidentiality agreement will only work as a deterrent if it’s drafted and executed properly.

The unfortunate reality, however, is that far too often, businesses and entrepreneurs prepare cookie-cutter agreement with gaping holes in their content – which, of course, completely defeats the purpose of preparing the agreement in the first place.

Coincidently, the legal world sees some of the same failures over and over and over again when it comes to this type legal agreement used to protect confidential information. Which makes my job here just a little bit easier.

Here are the top 5 no-no’s and what to do instead.

1. No boilerplate agreement

1. No boilerplate agreement

Okay, that’s not entirely accurate. Templates are okay, so long as you use them as just that: a template. The problem with using boilerplate templates, including those for a confidentiality agreement, “as is” is that many online template are skimpy and generic and will likely fail to meet your needs.

Your absolute number one priority when drafting your confidentiality agreement is to be specific and draft your agreement specifically to the industry, the deal, the arrangements, and the needs of the parties involved.

You can also easily find a number of confidentiality agreements online from major companies and industry leaders. Reading these examples can give you some great insight into what thought leaders are doing to protect their work, which clauses you should include, and what language is being utilized by others in your line of work.

It’s also quite possible that a blogger in your field has touched on the subject of these agreements in a post at some point. The point is, do your homework and make sure that agreement template is filled in and expanded to properly meet your needs.

2. Don’t be ambiguous

2. Don't be ambiguous

One of the biggest no-no’s is to draft your confidentiality agreement with language that’s overly broad or too vague.

If, by some chance, your agreement faces scrutiny in court because of a breach, many jurisdictions won’t hesitate to find that your agreement is “void for vagueness” if the language is so ambiguous or unclear that enforcing the terms and conditions is impossible.

Here’s an example of an ambiguous NDA gone wrong.

NDA agreement invalidated in Lasership v. Watson

Do strike a balance. As the Disclosure Party, your goal is to protect your business as broadly as possible and eliminate any loopholes. While it may be tempting to use language that covers, well, everything, the courts won’t see justice in that and neither will the other party.

Remember, the confidentiality agreement does more for you (as the Disclosing Party) than it does the Recipient Party, so being fair and realistic is critical when asking the Recipient to sign the agreement. The key is in finding a balance.

Recognize that the other party has rights, too, and that, realistically, you can’t restrict everything. Be honest and realistic about the needs of your business and focus on language and clauses that stay on task.

3. Don’t forget 3rd parties

3. Don't forget 3rd parties

Another epic fail is forgetting to include 3rd parties. Disclosing Parties are often so focused on protecting themselves from the most immediate threat, that they forget to think outside the box and consider other parties who might be involved.

For example, your may be contracting with a developer to help get your new proprietary software ready for the public market.

The developer, the immediate Recipient Party of your confidential information, likely doesn’t work alone. The developer may contract 3rd parties to perform part of their services.

If your Confidentiality Agreement doesn’t include language that holds those parties to confidential standards, then you risk leaving a gaping hole in your protection. Do include all involved.

There are a few options for protecting yourself from 3rd party disclosures.

First, you can include some simple language in your agreement that specifies who the Recipient Party is allowed to disclose your confidential information to. This can go a long way in ensuring that the Recipient party is only discussing your information with parties that are on a “need-to-know” basis.

The key, however, is in thinking this through ahead of time. Consider, realistically, who your Recipient Party may need to contract with in order to fulfill their end of the deal: Do they have attorneys, financial advisors, vendors, employees, etc. whose services will be critical to your deal?

Those parties should specifically be listed as acceptable third party recipients of your proprietary information.

Your other option, if it’s viable, is to draft and execute a “Third Party Relationship Vendor Agreement” for each potential 3rd party.

While these look vastly different, based on industry specific and deal specific needs, these agreements will directly hold each and every third party responsible for protecting your confidential information (which means that they’re more likely to respect to seriousness of the situation).

The following example utilizes both approaches.

The main Confidentiality Agreement specifies that the Recipient Party is only allowed to disclose the information to third parties who have signed their own agreement with you.

While this isn’t always realistic, it’s a viable option in many situations.

Clause in Confidentiality Agreement with 3rd party Relationship Vendor Agreement

Regardless of which route you choose, the bottom line is that business is rarely performed alone.

In all likelihood, your Recipient Party will be working with a number of other parties or vendors and those folks need to be included in your agreement too.

4. Don’t forget the time limit

4. Don't forget the time limit

Another common trap when it comes to confidentiality agreement is in failing to include a reasonable timeframe for how long the duty of confidentiality should last.

Some entrepreneurs make the mistake of creating an unrealistic timeframe, while others fail to include this detail altogether.

The importance of including a timeframe is that it helps to establish a definitive obligation for the Recipient Party. If you fail to specify how long the Recipient Party is obligated to maintain your confidentiality, you risk, yet again, having your confidentiality agreement nullified in court because it’s simply too vague to be enforced.

Do be realistic. At the risk of sounding like a broken record, the key here is in finding a balance. While you are justified in wanting to protect your information, you also have to be fair otherwise the Recipient Party may find no reason to sign your agreement at all.

Some confidential information has a finite lifespan. Trade secrets should not.

For example, once your product hits store shelves, your invention is obviously no longer a secret and therefore there’s no need for secrecy on your developer’s part. If that be the case, specify in your agreement that the confidentiality obligation expires after 1 year or 3 years or after the launch of the product.

On the other hand, some proprietary information maintains its confidential status indefinitely. Trade secrets, for example, have no expiration date.

In those cases, your agreement should specify that the Recipient Party is held to confidentiality for life.

Either way, set specific time limits and be realistic about what they are.

Here’s a good example:

Example of clause for confidentiality obligation for life related to trade secrets

5. Don’t wait to sign

5. Don't wait to sign

Some entrepreneurs feel uncomfortable broaching the subject of signing a confidentiality agreement while others take a more non-chalant approach and wait until the conversation “gets more serious.”

The danger in waiting is that, for one, early discussions can easily include pieces of confidential information. A conversation can quickly escalate, especially if the parties are eager or excited.

The last thing you want is to stop a great exchange dead in its tracks because you realize you can’t say another word without revealing something important. In other words, even if you didn’t intend on having an in-depth discussion right away, it could easily happen in the heat of the moment.

It’s also important to keep in mind that anything you say, even in preliminary discussions, can be vulnerable to disclosure. So even if you feel like you’ve been very careful about what you say, there is a chance that the other party took something seemingly insignificant that you said and ran with it.

Do get a confidentiality agreement upfront. The important point here is to sign all your agreements in advance.

While it may not be possible to know about every discussion before it happens, you realistically know about important conversations in advance, especially with developers, employees, potential business partners, etc.

In these cases, propose a fair and realistic agreement up front so you can rest easy for the remainder of the negotiations or relationship.

Credits: The following icon are from the Noun Project: “ban” by, “Document” by Creative Stall, “Exposure” by Thomas Helbig, “Information Dialog” by Viktor Vorobyev, “Loading To Do List” by Oliviu Stoian, “revise” by Takao Umehara.