Common issues that occur when negotiating NDAs and how to avoid them

Common issues that occur when negotiating NDAs and how to avoid them

A number of common issues regularly emerge whilst negotiating NDAs. Resolving them can prove difficult – either side can come up with a cogent argument for sticking to its position. Problems can however be avoided by the parties taking a practical and reasonable approach. This article explores the issues and the steps parties can take to reduce the time spent reaching an agreement.

Key issues in negotiating NDAs

Negotiating an NDA can require both sides to take a practical approach on certain matters. There is no accepted market standard position on issues which frequently arise during negotiations, no matter what lawyers or others involved may claim at times.

When considering how to draft an NDA or when reviewing someone else’s NDA, the same points do seem to crop up. Whether the disclosure or recipient of confidential information, you can always make a rational argument for your position on each point. Sticking to your point of view won’t however result in achieving an agreed document. This can lead to frustration and delay in getting on with the underlying reason for having the NDA.

This article looks at issues which commonly arise and how they might be resolved. They are not hard and fast rules – there may be circumstances which justify a different approach. From experience however of drafting, reviewing and negotiating NDAs covering all different scenarios, they are a useful guide to how to approach these common issues in practice.

Mutual or one-way NDA

By definition, a mutual NDA will usually be easier and quicker to negotiate and finalise. In a mutual NDA (where each party will disclose its own confidential information to the other party) the confidentiality obligations and related restrictions apply on the same terms to both parties as the recipient of the other’s confidential information. The drafting party will usually prepare the initial version on a reasonable basis, knowing that it will apply equally to both parties.

This is not the case where the NDA is one-way only. If the first version is prepared by the disclosing party, the tendency can be to include strong and often unreasonable restrictions and obligations on the recipient. If the first version is prepared by the recipient, the draft may include imprecise and insufficient legal protections for the disclosing party.

If you are responsible for producing the initial draft of the NDA, try to avoid the temptation to include provisions which you expect will not be accepted by the other party. There are no prizes for creating what may be a legally watertight document but which just leads to lengthy and time wasting discussions and negotiations.

Definition of Confidential information

The core definition of an NDA is the definition of the Confidential Information.

A disclosing party:

● should avoid drafting this definition wider than necessary, taking into account the nature of the information which will be disclosed and the purpose of the NDA

● must include what are considered to be standard exclusions, including:

o information already in the public domain or which comes into the public domain (other than as a consequence of a breach by the recipient)

o information already in the possession of the recipient (unless the recipient knows it has been disclosed in breach of a confidentiality obligation owed by a third party to the disclosing party)

A recipient should not require that information:

● if in written form, must be marked as “confidential” in order to be within the scope of the protected Confidential Information

● if provided orally, must be provided in written form within a period of time in order to qualify as Confidential Information

Permitted Disclosures

The recipient will need to provide the disclosed Confidential Information to a range of people, both within the recipient’s organisation and to external parties, such as its professional advisers.

A disclosing party:

● should be reasonable in allowing the disclosed Confidential Information to be provided by the recipient to its personnel and professional advisers and potentially others, including to funders or shareholders of the recipient

● should consider whether it is necessary to require that the disclosing party must keep and supply on demand a list of the permitted persons to whom the Confidential Information has been provided. This may be practical where highly sensitive information will be provided to a very limited number of people but not in the case of all information provided by a target company during an M&A transaction

● should not usually require employees, professional advisers and other permitted persons to whom the Confidential Information may be provided to sign up to the NDA, provided that the recipient agrees to be responsible for their compliance with the NDA as if they had signed up to it

A recipient:

● should accept that the Confidential Information may only be provided to the permitted persons who “need to know” or “need to receive” it for the defined purpose of the NDA

● should agree to an undertaking that it will be responsible for compliance with the NDA by the permitted persons as if they had signed up to the NDA

Compulsory disclosure

There may be circumstances where the recipient will be legally required to disclose the Confidential Information. Unless this is provided for in the NDA, the recipient could find itself having to breach either that legal disclosure requirement or the NDA itself.

NDAs should usually allow disclosure by a recipient of the Confidential Information where this is legally required (for example, by law, court order or stock exchange rules), subject to certain safeguards for the disclosing party including:

● an obligation on the recipient to notify the disclosing party prior to the compulsory disclosure being made and to agree the content of the disclosure with the disclosing party (unless this is not legally permitted)

● a requirement for the recipient to take reasonable steps to avoid or limit the disclosure

Return of Confidential Information

It is usual for the disclosing party to be able to require the return of Confidential Information at any time.

For information which has been provided in hard copy form, this can be achieved by the physical return of the materials and any copies which have been made.

For information which has been provided electronically, including by email, the return of information is more difficult. In this case, the requirement should be for the recipient to ensure the deletion of the information from its systems and the devices of the persons to whom it has been provided.

A requirement to delete information from systems may be technically difficult or impossible to achieve, especially where information has been archived during the course of system back-up. In this case, the disclosing party may accept an allowance for information retained due to routine back-up procedures provided that it is not readily available to the disclosing party’s employees.

Non-solicitation of employees

A disclosing party may require that the recipient is bound by a covenant not to solicit or employ the disclosing party’s employees for a period of time. This can be justified on the basis that the Confidential Information includes information about the disclosing party’s employees, salaries and other terms of employment.

Depending on the circumstances, a non-solicitation clause might be appropriate provided that:

● it is limited in time, for example a period of 6-12 months

● it applies only to employees of the disclosing party of a certain type or seniority (often by reference to annual salary)

The covenant may also include an exception for the recipient carrying out general recruitment activities which are not targeted at the recipient’s employees.

Remedies for breach of the NDA

NDAs often prescribed remedies for potential breaches of the NDA, including:

● the potential for a court-ordered injunction against the disclosure, for example restricting any further disclosure of information in breach of the NDA

● a contractual indemnity for breach. An indemnity (if properly drafted) allows the non-defaulting party to recover losses as damages without having to show that the losses are recoverable under general legal rules about recoverability of loss and without also having to take any steps to mitigate its loss.

A disclosing party often tries to justify these on the basis that the recipient should not breach the NDA so “what has it got to worry about”.

A recipient will usually resist the inclusion of a contractual indemnity for breach and it has become increasingly common for the disclosing party not to insist on this. At the same time and by way of balance, the recipient should not generally attempt to exclude damages for consequential loss resulting from its breach of the NDA.


The NDA’s duration can often be a particular sticking point in negotiating an NDA. There is no market standard answer to how long an NDA should last and this can depend on the nature of the underlying transaction and the particular sensitivity of the Confidential Information.

As a general rule of thumb:

● the disclosing party should not insist on a period more than 3 years

● the recipient should not limit the period to less than 12 months

A period of 2 years is a common compromise.

About the author

Jonathan Dawe is co-founder of Paper Rock and a practising solicitor with over 30 years’ experience in advising clients on corporate transactions and general commercial matters. During that time, he has either drafted, reviewed or negotiated countless NDAs and is continually baffled (both personally and on his clients’ behalf) at the approach that some lawyers and other professionals take to them.

Paper Rock confidentiality agreement templates

Our selection of template NDAs are all aimed at providing a solution which, whilst legally robust for the disclosing party, achieves a balanced position between the parties.

Each template is written in plain English and is accompanied by clear explanatory guidance on the document and its use. For more details, please visit our Confidentiality page.

Related Posts

Shopping Basket