Confidentiality and Non-Disclosure Agreements

What is a NDA?

A NDA, or Non-Disclosure Agreement, is a contract between two or more parties whereby one of the parties promises the other (or the parties promise each other) to not divulge proprietary information to third parties. In English, it’s a promise to keep quiet about trade secrets, business practices, and other information acquired on the job/during negotiations/in the course of doing business that is not publicly known. The contract defines what constitutes proprietary information that cannot be disclosed and may also state the foreseeable damages for breach of the agreement. The existence of a non-disclosure agreement permits the injured party to sue for damages on the contract in the event of a breach (in other words, if the other party to the agreement shares proprietary information with a third party/competitor).


Who needs them?

Any developer, designer, artist, or other development team member is probably familiar with NDAs. If not, review your employment agreement—many employment agreements contain covenants (i.e., restrictions) such as covenants not to compete, non-disclosure, and confidentiality clauses.

Any company or individual who wants to keep his or her ideas within the four corners of the office needs a NDA. You’ll almost always see NDAs in an employment context, particularly in the areas of technology and science. They are also common in a business negotiation context between two or more companies. In those cases, the agreements may be mutual. NDAs are a standard industry practice in software, tech, and game development companies because often the ideas and processes used by that company is the source of the company’s success. These are things that aren’t always protectable under standard Intellectual Property Laws via Copyright, Trademark, or Patent. A particular way to manipulate software or a game engine to create a desired effect, or the specific process of a game mechanic, may be proprietary information even if it isn’t a patented process. There is also confidential information, such as future plans that have not been implemented yet, that must remain within the four corners of the company to preserve that company’s competitive edge. 

What constitutes a trade secret?

A trade secret can be many things– valuable ideas and information, the communications and bargains made during negotiations, or special "know-how" like a manufacturing process or a specialized customer list—anything that gives the company a competitive advantage that would have a potentially damaging effect on the profitability and/or well-being of a company if disclosed to third parties or competitors.  The agreement defines the scope of proprietary/protected information, but trade secrets can’t rely on NDAs alone to remain safe. A company must adopt stringent business practices to keep trade secrets protected. Marking documents as confidential, prohibiting lower level employees from having access to trade secret information and prohibiting third parties from observing processes and methods intended as trade secrets, and generally keeping a tight lid on any information that needs to remain confidential, will all help in protecting your trade secrets and the NDAs you have in place.

Anyone who uses the improperly obtained trade secret to the harm of the
company may be subject to damages for misappropriation of a trade
secret, which may include 1) profits the plaintiff has lost as a result
of the misappropriation, 2) a reasonable royalty for the defendant’s
use of the trade secret during the time at issue, or 3) the amount of
profits the defendant made a result of the misappropriation. The
Uniform Trade Secrets Act also authorizes punitives for willful or
malicious trade secret misappropriation.  Otherwise the damages are
limited to damages on the contract, or projected profits lost as a
result of the disclosure.

What a NDA protects

A NDA protects trade secrets and other proprietary/confidential information as those terms are defined under the terms of the Agreement. For instance, a NDA may define confidential/proprietary information as:

        "Invention description(s), technical and business information relating to proprietary ideas and inventions, ideas, patentable ideas, trade secrets, drawings and/or illustrations, patent searches, existing and/or contemplated products and services, research and development, production, costs, profit and margin information, finances and financial projections, customers, clients, marketing, and current or future business plans and models, regardless of whether such information is designated as "Confidential Information" at the time of its disclosure." — Sample Agreement

    Once defined, the Agreement goes on to state what constitutes a disclosure. A disclosure usually means any unauthorized statement or communication concerning proprietary information to third parties, with the exception of information already publicly known or information readily discoverable by  third parties by methods or means outside of confidential company communications. The Agreement may also set forth a damages provision. NDAs don’t necessarily create a confidential relationship, as a confidential relationship is often assumed in an employment context. However, it does put the employee on notice of the specific confidential he or she is not authorized to disclose. 

What an NDA does not protect

    Obviously, NDAs and Trade Secrets don’t protect information that’s publicly available, nor will it protect anything that is discoverable by ordinary means outside of company communication. For instance, if a company employs a business practice that is standard and widely used in the industry, the use of that business practice would probably be discoverable by a outside observer without any kind of unauthorized communication. That kind of information typically isn’t protected by Trade Secret laws or a NDA.

Practically speaking, once a person breaches a NDA, the harm is already done. While you can  get an injunction or TRO (temporary restraining order) to prohibit further injury, you can’t make people forget what they already know. The most you can get are damages (if any can actually be shown), so really a NDA only goes as far as you can trust the person to keep quiet.

If you need more than just this basic primer, check out Web & Software Development: A Legal Guide.