INFOTECH AND THE LAW

Nondisclosure agreements are almost as commonplace in the technology sector as Web addresses. However, few companies understand how to best use this legal instrument to their advantage.Nondisclosure agreements are generally used to outline an individual's or company's legal obligations with respect to confidential or proprietary information received from another individual or company. Nondisclosure agreements are typically standalone contracts, but can also be fashioned as a provision in a larger contract or agreement. Such an agreement generally prohibits the party receiving the confidential information from disclosing it to the public or, if the receiving party is a company, to those individuals therein who do not need to know the information. Nondisclosure agreements may be used when a company is investigating the acquisition of another company or its assets, or when a company joins with another to offer a service or product. The ubiquitous nature of nondisclosure agreements in technology transactions often means the specific terms are overlooked. Like most contracts, a nondisclosure agreement is most effective when it is narrowly drafted and specific to a particular circumstance. Most boilerplate nondisclosure agreements, however, try to accomplish too much. A good nondisclosure agreement will specifically identify the exact data or information considered confidential or proprietary by the disclosing party, whether it is a suite of software code or a computer-aided design for a widget. By clearly and carefully identifying the nature of the information the agreement seeks to protect from disclosure, the party receiving the confidential information can easily recognize it as such and, therefore, treat it differently from other information exchanged by the parties in connection with their transaction. Most boilerplate nondisclosure agreements, however, fail to define specifically the information the parties believe to be proprietary. Instead, a long list of various types of general information, such as financial data, designs, trade names, trademarks, customer lists, supplier data and business information, is included within the definition of the confidential or proprietary information sought to be protected by the nondisclosure agreement.This approach, on its face, seems prudent. By broadly defining the types of information subject to a nondisclosure agreement's restrictions, the disclosing party appears to be ensuring that all its proprietary information will be protected from disclosure. Practically, however, the disclosing party has made it difficult to determine what information it regards as confidential or proprietary. Most information exchanged between two parties to a transaction, after all, is not confidential or proprietary information. The disclosing party also often forgets that it not only will be disclosing confidential information in a transaction, but receiving it as well. While defining confidential or proprietary broadly appears prudent for that information being disclosed, this same approach creates tremendous liability for the party on the receiving end. To ensure compliance, the receiving party must treat everything it learns from the other party in the transaction as confidential, which can be impractical, limit flexibility and increase costs. The only other choice is for the receiving party to determine for itself that which is proprietary to the disclosing party, an approach that likely will yield inconsistent results depending on the eye of the beholder.Nondisclosure agreements also tend to be sketchy as to their duration or terms. If the information being exchanged in the transaction and protected by agreement is truly proprietary or confidential, the disclosing party is likely to want the receiving party to consider it such even after the transaction is over. Thus, the term of a nondisclosure agreement should extend beyond the term of the parties' transaction. Similarly, parties often forget to specify what happens to the confidential information exchanged after each has gone its separate ways. While a nondisclosure agreement may still obligate the receiving party to prevent disclosure of such information after the transaction is completed, a provision requesting the information be returned to the disclosing party or destroyed will go a long way to ensure such confidential information will not be inadvertently disclosed. Another way to reduce the risk that confidential or proprietary information is inadvertently disclosed is to eliminate language in a nondisclosure agreement that allows the receiving party to disclose the information to those within the company having a need to know. This type of vague language gives the receiving party another opportunity to decide for itself the scope of the disclosure. Instead, identify up front those individuals entitled to receive the information and the context in which the information may be used. In short, take time to tailor a boilerplate nondisclosure agreement. The benefits of such small changes far exceed the additional time it takes to make them.