Kilpatrick Townsend Partner Nancy Stagg recently participated in a roundtable organized by the San Diego Chapter of Association of Corporate Counsel (ACC). The speakers discussed “The Problem(s) with NDAs (Non-Disclosure Agreements)” and pointed out important but frequently unaddressed issues involving NDAs.
Ms. Stagg offers four key takeaways regarding NDAs:
- Even a well written NDA will not protect your company from poor actual performance in protecting its confidential information or trade secrets. You must augment the written NDA with good practices safeguarding and protecting your confidential information or trade secrets. If you don’t, a court will not enforce the NDA in the event of litigation. Broad NDAs that sweep up non-confidential information in their scope also run the risk of not being enforced. Make sure you carefully define the nature and the scope of the information to be protected by the NDA.
- There is often a disconnect between the definition of “Confidential Information” in the NDA and the legal definition of a trade secret under applicable state or federal law. A good exercise for NDA drafters who are disclosing trade secret information is to draft a trade secret statement or designation document that will stand up in court in those states that require them for misappropriation suits (e.g., California) when you are drafting the NDA itself. The more the language of the NDA and the trade secret statement matches, the more likely it is that a court will protect your trade secrets.
- A “bare bones” form NDA may not be sufficient to address the handling of certain types of confidential information: consumer data, including personal identifying information such as name, address, telephone number, and credit card data; employee personal identifying information, including home address, dates of birth, salary, social security information; and medical or health data. If the NDA is meant to cover these types of personal data, additional protections and issues must be addressed, including: data security, data breach notification, insurance coverage, and the return or destruction of the data at the end of the NDA term.
- Adding language to an NDA that states that in the event of a breach of the NDA, the wronged party is immediately entitled to injunctive relief without posting a bond will not invalidate your NDA. But the majority of courts will not enforce such a provision without making a separate determination that injunctive relief is warranted, that irreparable harm is likely to occur unless the injunction is granted and that money damages are an inadequate remedy. Here, choice of law matters too. In a survey of decisions, Delaware is most likely to uphold such a provision by itself and without other evidence. California is least likely to uphold that provision and will disregard the provision entirely. New York and Federal courts are split in the middle: they will consider the provision along with other evidence regarding irreparable harm. Don’t be caught by surprise when you need an injunction!