NDA Not Enough to Protect Confidential Information
At some point, all businesses, startups and companies have to engage in business negotiations and meetings with external parties.
Sometimes, during these meetings, details of confidential information have to be revealed in order to progress your objectives.
However, because these meetings may occur with parties that you don’t know very well, there’s always a risk of whether you can trust these parties not to misuse or expose your secrets.
Non-disclosure agreements (NDAs) are an excellent legal tool to help provide some protection for any confidential information that you may have to share in such meetings, in addition to other intellectual property protection options such as patents and copyrights.
An NDA is essentially a contract. To ensure that this legal agreement remains legally valid and enforceable in your favor, you need to follow the terms of the contract that you have signed your consent to.
The case of Convolve, Inc. And Massachusetts Institute of Technology v. Compaq Computer Corporation and Seagate Technology, LLC illustrates the importance of the need to adhere to the terms of the NDA — if you seek to enforce the benefits of the agreement later on.
In this case, the plaintiff was Convolve which was a startup owned by Dr Neil Singer who was a graduate student at MIT. Dr Singer invented two patents relating to computer hard drive technology, one owned by MIT and one other by Convolve.
In 1998, Compaq signed an NDA with Convolve to discuss the possibility of a licensing agreement. Seagate also signed an NDA with Convolve to discuss the possibility for an evaluation and testing relationship to be established.
In both of these signed NDAs it was stated that:
- Confidential information had to be marked as confidential at the time of disclosure
- Or, if it was unmarked or delivered in a presentation, then it had to be noted as confidential in writing later in a written memo to the other parties.
In October 1998, Convolve gave a presentation to both Compaq and Seagate and the parties all acknowledged in writing after the presentation that the oral disclosures of confidential information at the meeting was covered by the NDA.
The following year though, Convolve made two more presentations and even sent slides of one presentation to these parties but did not state in writing that any of the disclosures during those presentations were confidential.
Unfortunately, the meetings between Convolve, Compaq and Seagate collapsed and did not result in a licensing partnership moving forward.
In 2000, Convolve and MIT sued both Compaq and Seagate alleging that they had infringed Convolve and MIT’s patents and stolen their trade secrets in breach of the NDA.
Convolve stated that Compaq had incorporated Convolve and MIT’s technology into their research and development, manufacturing and assembly processes whilst Seagate had installed Convolve’s technology into their disk drives.
Convolve claimed that these advancements were not done by innovation and honest competition but by deceit and misappropriation of Convolve and MIT’s intellectual property rights.
A lower court held that the NDA protection no longer applied for Convolve because Convolve had not marked the presentations as confidential nor sent a written memo to the other parties after the presentations to state that the information presented was confidential.
Convolve appealed saying that even though it had not sent a written confirmation memo to Compaq and Seagate to state that the disclosures made during the second and third presentations were confidential, all the parties understood that the disclosures were indeed to be treated as such.
The Court of Appeal did not accept this submission and stated that the words in the NDA were clear that marking or written confirmation was required to designate any information as confidential.
Convolve also argued that even if it was precluded from relying on the NDA, the confidential information should be covered under trade secret protection of the California Uniform Trade Secrets Act.
Unfortunately for Convolve, the court ruled that the legal agreement between the parties replaced any implied duty of confidentiality.
Since there was an NDA, the NDA pre-empted the Uniform Trade Secrets Act and therefore, Convolve could not rely on the Act to claim trade secret misappropriation when the NDA clearly provided for what needed to happen for information to be deemed as confidential.
Because Convolve did not follow the procedures stated in the NDA to expressly designate the information as confidential, Compaq and Seagate were under no duty to maintain a duty of confidentiality towards that information.
This Court of Appeal’s decision effectively demonstrates that if you fail to comply with your own procedures under the NDA, you can destroy any protection that your confidential information or trade secrets might otherwise possess both under the NDA and under state law.
What steps should you take to protect confidential information?
Step 1: Read the NDA
Make sure that you understand the terms and consequences of any NDA that you use and/or sign.
The Convolve case demonstrates that Convolve’ procedures regarding which information is confidential and which is not, as set within the NDA, were too burdensome for Convolve to follow them, resulting in them losing valuable trade secrets.
If you don’t wish to use a marking procedure for your confidential information, i.e. all information marked as “Confidential” is confidential, then don’t include this requirement in your NDA.
Step 2: Make sure your definition of confidential information matches your information
For some reason, Convolve agreed to a marking and confirmation writing procedure to define its confidential information.
Perhaps, Compaq and Seagate had insisted on that procedure or Convolve was not entirely certain of what confidential information it would be sharing.
Or, perhaps Convolve thought that marking confidential information would make things clearer for both parties.
Whatever the reasoning behind the decision to include that requirement, it obviously did not serve Convolve well as Convolve subsequently discontinued adherence to the procedure, to its detriment.
Make sure that your definition of confidential information fits the information that you intend to share.
As much as possible, you want to make it broad enough to cover all conceivable confidential information that you think you’ll be disclosing but not too broad that it comes across as vague and meaningless.
If you intend to include an external marking or writing requirement to cover confidential information, don’t make the marking or writing confirmation compulsory before protection of your confidential information kicks in.
If you do intend to mark your confidential information as “Confidential”, then consider inserting a clause that states that your confidential information needs to be kept confidential anyway and not misused, even if you omit to mark or confirm in writing.
In other words, ensure that you have a “backup” for any oversights, errors and omissions on your part or on the part of your staff.
For example, you may wish to have a clause that states that any information that would ordinarily qualify as a trade secret under the Uniform Trade Secrets Act should be treated as confidential information, even if you omit to mark or confirm its status in writing.
Step 3: Have good procedures in place for marking information as “Confidential”
Marking confidential information is indeed helpful for clear identification of confidential information, but it can be burdensome.
This is especially so when the day to day running of a business itself can be stressful, busy and complicated.
If you have strict procedures that need to be adhered to like the marking and writing confirmation procedures in the Convolve case, then make sure that you have strict internal controls to ensure that the procedures will be adhered to.
Have a secondary check in place or even consider hiring an external party to do that for you.
In addition to this, often times employees or team members are not sure which disclosures are considered confidential information and which ones are not. Your team should be trained to identify what information would be considered confidential and to have an effective recording system.
Also, if in doubt, it makes more sense to mark a piece of information as confidential rather than to allow confidential information to be disclosed without protection. The consequences are much worse in the second option.
Step 4: Mark your presentation directly
The trade secret misappropriation and grief might have been averted if Convolve had just marked all their slides as confidential right from the start.
Here are some examples of presentations where confidentiality markings are clearly placed on every important piece of information.
Webinar Slides: Become a MongoDB DBA (if you’re really a MySQL user) where the word “Confidential” is used in the presentation’s index:
Customer Lifetime Value in Digital Marketing where the words “Confidential & Proprietary” are used in the whole presentation’s index:
Optistruct Optimization 10 Training Manual where the words “Proprietary and Confidential Information Copyright (c) 2008 Altair Engineering, Inc. All rights reserved” are used in the index of the presentation to denote both confidentiality and copyright:
Sarawak Energy where the word “Confidential” is included in the title of the presentation and in the index of the presentation itself, the words “Private & Confidential – Do not duplicate or distribute without written permission” is used:
Step 5: Regularly review your procedures to ensure compliance
We humans can be forgetful creatures, especially when work gets busy and we are under stress.
On top of this, staff changes can result in procedures being neglected even if they were initially followed.
Because of this, it’s important that you review your procedures with members of your staff periodically to ensure compliance with the terms of your NDA.
The necessity to review your agreement and procedures also apply to all other types of intellectual property agreements as well.
Step 6: Don’t assume that the other party will act with integrity
It’s interesting that in Convolve’ submission, Convolve said that it was “understood” by all parties in the presentations that information shared during the presentation would be confidential information.
That argument reveals that Convolve acted with some trust and belief that Compaq and Seagate would act with integrity in not stealing or using Convolve’ ideas and there was no need to confirm the need for confidentiality.
Perhaps also, Convolve was overly optimistic that Compaq and Seagate would have a shared goal for keeping the information confidential as it would be in their best interests to do so in view of a mutually beneficial licensing relationship.
However, when the licensing agreement did not work out, there was certainly no incentive for Compaq and Seagate to do so.
Although you should always seek to partner with companies that operate with integrity, you should also ensure that your intellectual property rights are properly protected.
There’s no guarantee that initial discussions will result in a future working relationship together.
There’s also the risk that the individuals you started out negotiations with may end up leaving the company and new employees taking over may not possess the same level of integrity or understanding as their predecessors.
Credits. Icon “contract” created by Samy Menai from the Noun Project.