Non-disclosure agreements: how to protect confidential information

It is a common query; how to share commercially sensitive information to progress a deal whilst protecting your business interests.

Whilst you may need to share information, you don’t want it ending up in the hands of a competitor. Prior to making disclosure, you could protect your business with a non-disclosure agreement. This would ensure the recipient of confidential information knows the importance of respecting confidentiality and the penalties for failing to do so.

In this article our commercial solicitors answer your frequently asked questions on non-disclosure agreements.

Jump to:

1. What is a non-disclosure agreement?
2. Confidential information in business – do you need a non-disclosure agreement?
3. Non-disclosure agreement examples
4. What is the law on a third party disclosing confidential information?
5. How does a non-disclosure agreement work?
6. What are the key provisions in a non-disclosure agreement?
7. What are the different types of non-disclosure agreement?
8. Can a non-disclosure agreement be terminated?
9. Are non-disclosure agreements legally binding and enforceable?
10. Should employees sign NDAs in employment contracts?
11. Does GDPR impact on non-disclosure agreements?
12. What happens if a non-disclosure agreement is breached?
13. Is a non-disclosure agreement worthwhile?

What is a non-disclosure agreement?

A non-disclosure agreement (NDA) is a legal contract about the sharing of confidential information. The agreement should identify the confidential information and put the receiver of the confidential information under an enforceable contractual obligation with sanctions for breach. A NDA gives an incentive to maintain confidentiality.

Non-disclosure agreements can also be referred to as a confidentiality agreement and can be:

• An initial agreement in preliminary business discussions
• Form part of a substantive commercial contract
• Form a stand-alone agreement to the main contract

Find out how our legal experts can help protect your business with an enforceable non-disclosure agreement.

Confidential information in business – do you need a non-disclosure agreement?

When you hold commercially sensitive information your business needs to ask itself three questions:

1. Does the confidential information need to be shared with a third party or can you proceed in the absence of disclosure?
2. Is the third party already subject to regulations on confidentiality that cover your business? For example, the legal profession is regulated by the Law Society.
3. Would a breach of confidential information damage your business?

NDAs are required if third party disclosure is necessary and the third party isn’t subject to professional regulations to give your business protection against a breach of confidentiality.

A NDA is not required where the confidential information is already in the public domain or has already been disclosed by you or is already known by the third party from another source.

Non-disclosure agreement examples

What amounts to commercially sensitive information varies widely, but examples where a NDA should be considered include:

• A start-up company with an unpatented invention, new product or technology without intellectual property protection, negotiating a potential joint venture agreement or investment.
• Sharing information with a prospective franchisee as part of a franchise purchase agreement, the disclosure could include detailed management accounts, business plans or projected forecasts.
• Giving information to a potential service provider, such as a freelancer or sub-contractor, to enable them to quote for work.

If you’re unsure how best to protect sensitive information, then do seek legal advice. Our commercial solicitors can advise on the appropriate provisions to protect your business.

What is the law on a third party disclosing confidential information?

The law governing the protection of confidential information comes from:

• The common law principle of equity. The equitable doctrine of confidence or confidentiality is used where confidential information can't be protected by intellectual property rights.
• IP rights such as patents or copyright.
• UK regulation (The Trade Secrets (Enforcement, etc.) Regulations 2018) which allows a business to bring a claim under either common law or the 2018 Regulations.

To bring a claim under the 2018 Regulations the confidential information must:

• Be secret information, such as projected forecasts.
• Have commercial value, such as profit margins of commercial value to a retail competitor to undercut prices.
• Have been subject to reasonable steps under the circumstances to keep the information secret, meaning the information wasn’t known to the public, experts or ‘generally known or readily accessible to persons within the circles that normally deal with that kind of information’. The information must have been provided in confidence and the breach must have resulted in loss.

Relying on the 2018 Regulations can prove difficult if you can't easily prove information was confidential. The use of a NDA is recommended to define confidential information and to provide contractual remedies for breach of confidentiality.

How does a non-disclosure agreement work?

NDAs work by ensuring parties to a transaction or potential project (such as a joint venture) understand the confidential nature of information and the consequences of any breach of confidentiality. The contractual consequences of a breach of a NDA could include a compensation claim or securing an injunction order to prevent further damage or loss arising from the breach of confidentiality.

What are the key provisions in a non-disclosure agreement?

The key NDA provisions are:

• Definition of the confidential information to be protected by the NDA. The definition should be broad enough to catch all the categories of confidential information being disclosed. The definition may also detail the types of data disclosed and specify that any work created or derived from the confidential material is also caught by the NDA. The agreement can say information disclosed orally is confidential, although you will need to follow this up in writing following verbal disclosure.
• Use of confidential information for the permitted purpose. The agreement needs to specify under what circumstances and for what purpose the recipient can use the confidential information.
• Sharing of confidential information. The NDA should say if the recipient is allowed to share the confidential information with a third party. For example, the recipient may be allowed to share information with key employees and advisors, although there may be a requirement for these individuals to sign NDAs.
• Return of confidential information. The NDA should set out what will happen to the confidential information. If the project or transaction doesn’t proceed then the NDA should provide that the confidential information will be returned to the disclosing party or destroyed.
• Duration of the agreement. The agreement will contain a time period during which it will remain in effect.
• Non-solicitation of employees. To prevent the recipient of your confidential information from attempting to hire employees for a period of time specified in the agreement.
• Non-circumvention clause. To restrict the recipient of confidential information from using it other than for a narrowly defined purpose. The aim is to prevent the recipient from going directly to a third party and cutting your business out of the deal.
• Non-compete clause. If you want to restrict an employee or third party from competing with your business for the duration of the NDA, or for a specified period after they leave your employment or the agreement ends, you can include a non-compete clause. The clause can be void or unenforceable unless it is designed to protect a legitimate business interest, is no wider than reasonably necessary and is not contrary to public interest. The restrictions should be limited in duration or geographical scope and should not cover activities that are unrelated or incidental to your main business interests. In the case of employment contracts, it is unreasonable to prevent someone from making a living in their chosen field, particularly if the number of businesses operating in that field is small.
• Breach remedies clause. To set out that the business can claim damages and secure an injunction order if there is a breach.
• No transaction obligation. To make it clear that there is no obligation to deal with the recipient just because you shared information with them.
• Jurisdiction clause. To identify the law and court jurisdiction that will apply to the contract in the event of any dispute.

Access legal support from just £145 per hour

Non-disclosure agreements will require legal advice. Contact our commercial solicitors for help drafting and negotiating your NDA or confidentiality agreement

What are the different types of non-disclosure agreement?

The three different types of NDAs are:

1. Unilateral or ‘one-way’ agreement involving two parties where one of them will disclose confidential information to the other. Unilateral NDAs are most commonly used to protect trade secrets where a business is developing a new product or service and seeking potential suppliers or partners.
2. Bilateral, ‘mutual’ or ‘two-way’ agreement involving two parties where both intend to disclose confidential information to the other. These types of agreement are common in M&A scenarios where both sides will be sharing confidential aspects of their respective businesses.
3. Multilateral agreement involving three or more parties and where at least one party will be disclosing confidential information to the others. It avoids having to complete multiple NDAs.

Can a non-disclosure agreement be terminated?

Usually, a recipient of information can't terminate a NDA as this would defeat its purpose. A NDA can be terminated by the provider of the confidential information or by mutual consent.

Most NDAs set a time period where the recipient is bound to keep the information confidential. The time period should depend on the business sector. For example, in a fast-moving industry, like technology or retail, information may lose its commercial value relatively quickly. To minimise risk, most recipients of confidential information will want to make sure there is a date after which they will be released from their obligations. If a NDA expires, your business may still have rights under intellectual property law, such as copyrights or patents.

Are non-disclosure agreements legally binding and enforceable?

If a NDA meets the requirements for contract formation it will be legally binding. The main issue for those entering a NDA is whether the agreement is enforceable. When looking at the enforceability of a NDA you need to consider:

1. Is the information confidential? If the information isn’t secret then it won't be protected.
2. Does the confidential information belong to you? If the confidential information doesn’t belong to you then you can't control its circulation.
3. Is the information in the public domain? Your agreement may not protect you if the recipient of the confidential information can show the information was already publicly available or that they got the information from another source.
4. Prior information. Any information you share with a third party prior to signing a NDA won't be covered.
5. Can you prove breach of confidentiality? It can be difficult to prove a party breached the NDA and disclosed information to third parties rather than a former employee of your business.
6. Use of the non-disclosure agreement. It is not appropriate to use a NDA to prevent appropriate disclosure. For example, a non-disclosure agreement against an employee can't stop an employee from making disclosures about breaches of the law or illegal activity, like sexual misconduct.
7. Is the agreement clear or over-reaching? The definition of what information is confidential must not be too wide-reaching or vague or result in compliance being too onerous or restrictive.
8. Can the breaching party pay? The party in breach may have limited funds to pay damages for losses suffered.
9. Restraint of trade. A non-compete clause or restrictive covenant in a NDA may not be valid if deemed anti-competitive or unreasonable in scope.

Should employees sign NDAs in employment contracts?

An employee can be asked to sign a NDA as part of their employment contract, but the NDA must not be used to prevent whistle-blowing, to stop an employee from making disclosures of illegal activities or to avoid a legal requirement to make a referral to a regulatory body, government agency or the police.

There has been much publicity over the use of NDAs by employers. ACAS published a 2020 guide on the use of NDAs that can be found ACAS website.

The use of NDAs arising out of an employment relationship is lawful provided the employee has confidential information. Business trivia isn’t confidential. Information that may have some confidentially to it can be protected but not indefinitely. Truly confidential trade secrets can remain confidential even after the employee has left their employment with an ongoing requirement of confidentiality.

Our employment law team advises on NDAs and this article looks at how to deal with an employee breach of confidentiality.

Does GDPR impact on non-disclosure agreements?

The General Data Protection Regulation (GDPR) applies to NDAs so they need to be drafted or updated to make sure the provisions comply with the regulations. Our commercial team work closely with our data protection solicitors to advise on this specialist area.

What happens if a non-disclosure agreement is breached?

If a NDA is breached then the following remedies may be sought:

• An injunction is normally the first remedy if a business discovers an intention to breach confidentiality. An injunction order can prevent the defendant from disclosing or using the information. For more information read our article on how to file an injunction application against a business.
• Damages to compensate for loss.
• A fee to cover the amount the recipient of the confidential information would otherwise have paid for a license to use the information.
• Accounting for any profits the recipient made from exploiting the confidential information.

Is a non-disclosure agreement worthwhile?

If you need to release confidential information as part of a potential business transaction or to employees a non-disclosure agreement is an essential tool to safeguard your business interests because a NDA:

1. Puts third parties on notice that you intend to protect your trade interests and with the NDA you have the means to do so and
2. Provides clarification of what is deemed confidential information and legal justification for the protection of your information. Even if an individual clause in the NDA is deemed invalid, the remainder of the NDA should be enforceable.

About our expert

Edward Kilner

Ed specialises in IT, IP and general technology-related contracts, but he also advises more broadly on commercial matters. After completing his studies at the University of Birmingham, Ed trained at Harrison Clark Rickerbys, qualifying into the IP and technology team in 2017. He joined the commercial team at Harper James in 2019.