The basics of a non-disclosure agreement
By Matthew J. Bennett, lawyer at McKercher LLP
A non-disclosure agreement (NDA), also known as a confidentiality agreement, is a form of contract used in business relationships to protect proprietary business information not otherwise generally known to the public. This might include product ideas and designs, pricing strategies, marketing methods, accounting and financial information, business practices and processes, and lists of customers and suppliers, to name only a few. NDAs are a useful way to allow parties to have sensitive commercial discussions with some comfort that the information revealed will not be used improperly or be disclosed beyond its intended recipients. This can be vitally important for start-up businesses seeking funding or strategic advice, or for established businesses dealing with a competitor or an unfamiliar party on the other side of the table. NDAs can be mutual, so that both parties have obligations to protect the others’ information, or one-way; in both cases the recipient of the others’ proprietary information has an obligation to use the information only for the intended purpose and to protect that information from being disclosed to unauthorized third parties.
The first step in preparing an NDA is to determine the purpose of the proposed business relationship, the nature of the information necessary to that purpose, and consequently the information to be protected by the agreement. The party receiving the confidential information should only be permitted to use it for the purpose set out in the agreement, and the conclusion of that purpose typically triggers the return or destruction of the confidential information to ensure that it cannot be accidently disclosed or improperly used after the fact. The parties should define the purpose carefully to ensure that they have sufficient flexibility to assess the merits of the proposed transaction but, at the same time, will not reveal more information than reasonably necessary or allow information to be shared indiscriminately with employees, subsidiaries, consultants, or others that need not have access to that information.
Parties should also be clear on what information is covered by the NDA. An NDA should cover all sensitive information that a party receives as a result of the relationship, but should not cover information the receiving party may have already had before entering the NDA or otherwise may legitimately obtain from a third party during the term of the agreement, or after its expiry. In other words, you cannot use the NDA to prevent someone from using or disclosing information sensitive to you which they may have otherwise legitimately obtained. Where only certain information requires protection, parties should consider labelling or otherwise identifying the sensitive information to differentiate it from other information that does not need protection.
There may be a tendency to draft highly restrictive agreements to exercise greater control over the dissemination of business information, but there is a danger in doing so, as courts in Canada have been reluctant to enforce overly broad NDAs that place unreasonable limits upon the receiving party or the marketplace. Therefore, you should be as specific as possible in defining the information you wish to protect and the extent to which it may be used or disclosed. Factors to consider regarding the enforceability of an NDA include:
- the extent to which the information is known outside the business of the disclosing party;
- the amount of money or effort expended by the disclosing party in developing the information;
- the value of the information to the disclosing party and its competitors;
- the extent to which the information is known by employees and others involved in the disclosing party’s business;
- the useful life of the information being protected; and
- the ease or difficulty with which such information could be otherwise legitimately acquired or duplicated by others though their independent effort.
Ultimately, an NDA is just a piece of paper and can never be absolutely effective in preventing disclosure of confidential information. Unfortunately, once the information is out, “the toothpaste doesn’t go back in the tube”. Therefore, your NDA should have enforcement provisions which allow you to limit your damage and/or recover the value of your losses resulting from improper disclosure of your proprietary information. It should be structured so that if the proprietary information covered by your NDA has been leaked by the receiving party, then you may sue that party for monetary damages and/or injunctive relief. Monetary damages are a cash award intended to compensate you for your lost profits or the value of your lost opportunities resulting from the improper use or disclosure of your confidential information. Obtaining adequate monetary damages can be difficult, particularly because it involves speculating on future sales or profits. Alternatively, you may seek an injunction to (i) stop a party from using the information and/or (ii) prevent leaked information from spilling further into the marketplace. Injunctive relief is a court order preventing others from further disclosing the leaked information and/or from further using the leaked information.by