Let’s start with the fact that there is no such thing as a one-size-fits-all Non-Disclosure Agreement (“OSFA NDA”). The same way that a one-size-fits-all dress looks dreadful on most women (with the exception of Gisele Bündchen, but we all know that she’s not mere mortal), an OSFA NDA may end up looking dreadful on your final deal. On a weekly basis I get to advise clients on boilerplate NDAs that seem innocuous until I ask: “What is the flow of information?” (meaning, who is more likely to disclose the bulk of the information?). More often than not I find that the discloser, who up to that point felt fairly comfortable with the long definition of confidential information, is either ignoring a residual clause or not realizing that the contract does not protect its trade secrets. The baffling aspect in this scenario is that more often than not, the OSFA NDA was procured with the mentality of using it as both, as an inbound and outbound document, and under the perception that it can be used in the same way by either a discloser or a recipient of information, with equally good results.
This is not true. NDAs are like dresses, you need to find one that fits you depending on the occasion. For example, an NDA to be used for exchange of technical information should not be the same than the one used for evaluating a business acquisition. Moreover, at its core in each NDA, the issue for the discloser is to protect the information, while for a recipient the issue is to make sure that its confidentiality obligations do not survive longer than necessary. Trade Secrets are the most common casualty in this tug-of-war. Trade Secret protection is a black and white premise: either the secret is protected in perpetuity or there is no secret at all. Listing ‘trade secrets’ in the list of types of confidential information within a NDA does not grant automatic trade-secret protection, by the contrary, it may end up hurting the owner of the information in the long run. A Trade Secret, as defined by the World Intellectual Property Organization (WIPO), is any non-public information that derives independent economic value, actual or potential, as reasonably determined by the disclosing party, by virtue of remaining confidential. This means a Trade Secret is not labeled such by a third party, like a Patent Office or the Library of Congress; a Trade secret is labeled such by its owner, who determines its value and the need to keep it a secret. This owner with the valuable secret has only one way to protect it, which is to keep it secret.
What usually happens with an OSFA NDA is that, as this document looks to fit most cases of exchange of information, it is usually set to expire after certain amount of time. Any secret disclosed under a non-perpetual NDA, technically, stops being a secret the day of the expiration of the contract. Once the expiration happens, we are in ‘un-ringing the proverbial bell’ territory: you can try but it is unlikely that you will succeed in claiming that the secret is protected. Note that an NDA expiring is not the issue per se, but the lack of language making the confidentiality obligations for trade secrets survive, even if the contract terminates.
In the same vein, but less subtle, is the residual clause problem. A residual clause is the one that allows the recipient to retain any information that is “intangible,” or kept in “unaided” memories and use it. It takes different forms, but the gist is the same: the recipient can use your information so long as they remember it without writing it down. Residual clauses unequivocally benefit the recipient. But is not uncommon encountering clients that use the same OSFA NDA (their ‘form’) regardless if they are in the discloser or recipient role. This means that they are using their own residual clause against themselves.
In either case, the issue with an OSFA NDAs remains the same: the false sense of security that it provides. Like carrying a moth-eaten umbrella, clients do not realize the damage until it starts raining. Clients should let go of the idea that one document could be used for all relationships and have, at minimum, two flavors of NDAs, one they use when they will be disclosing the bulk of the information, and another they use when they will be receiving the information. In an ideal world, clients would also have NDAs differently tailored depending on the purpose (one for pure commercial exchanges, another for technical engagements or joint technical developments, and so forth). The moral of the story here is, a mutual NDA is never mutual, because the risk run by each party under it is different.