Non-Disclosure Agreements (NDA) are an important way to protect a company’s trade secrets. They prevent people from leaking private information, and potentially even profiting off it at someone else’s expense. It’s a good idea to have your employees and vendors sign Non-Disclosure Agreements when they work with you. If someone signs an NDA with you and breaches it, you can sue them for it. Of course, the same also holds true if you breach an NDA. In such scenarios, you can be held liable, and face a very expensive lawsuit. We explain what an NDA is, the key things you should include in an NDA, what to do if you (or someone else) breaches an NDA, and more.
We’ll go over:
- What is a Non-Disclosure Agreement?
- What are the different types of Non-Disclosure Agreements?
- What is the purpose of an Non-Disclosure Agreement?
- What terms should a Non-Disclosure Agreement have?
- How can you stop others from breaching a Non-Disclosure Agreement?
- What happens if you breach a Non-Disclosure Agreement?
- How can you protect yourself from breach of confidentiality lawsuits?
What is a Non-Disclosure Agreement?
A Non-Disclosure Agreement is a legal contract between two parties to keep information confidential. Each party that signs an NDA must not disclose the information specified in the NDA. If a party breaches the NDA terms, they can be sued for breach of confidentiality.
What are the different types of Non-Disclosure Agreements?
There are two types of NDAs in Singapore:
- Unilateral NDA
- Mutual NDA
Type 1: Unilateral NDA
This is the most common type of NDA. A unilateral NDA is a one-way agreement where Party A agrees to protect Party B’s information. However, Party B doesn’t have an obligation to protect Party A’s information.
This is commonly seen in employers requiring their workers to sign NDAs. Unilateral NDAs are also commonly used when clients engage external contractors to work on sensitive projects.
Type 2: Mutual NDA
A mutual NDA is a two-way agreement where Party A and Party B must each protect each other’s information. For instance, two companies that embark on a joint venture may sign a mutual NDA. Two business associates who decide to start a company may also sign a mutual NDA.
What is the purpose of a Non-Disclosure Agreement?
An NDA protects information that you don’t want others to know about. Importantly, because an NDA is a contract, it provides you with a means to hold the other party legally accountable if they breach these terms. An NDA provides you legal grounds to sue for damages, negotiate a settlement, or claim some kind of compensation for losses you suffer from confidentiality breaches.
What terms should a Non-Disclosure Agreement have?
NDAs generally contain the following essential terms:
Scope of agreement:
This sets out the definitions and list of confidential information which will be covered by the NDA. It also lists the information which won’t be covered by the NDA (i.e. can be revealed).
The scope of agreement lays the foundation of what information is (or is not) considered confidential. If a party breaches the NDA, the scope of agreement will play an important role in determining whether the information that was leaked was indeed protected by the NDA.
Usually, parties will include the following as protected by the NDA:
- Intellectual Property (IP) and trade secrets
- Company financials
- Product/strategy roadmap
- Customer database
- Employee database
- Source code (if applicable)
- Product components and manufacturing processes (if applicable)
- Supply chain information
- Passwords and other access codes
- Details of company operations
- Internal company communications
- Information about third-parties related to the business, e.g. marketing partners
- Other sensitive information that should not be made public
Typically, the following will be excluded from the NDA:
- Information that the recipient already knows before signing the NDA
- Information required to be disclosed to law enforcement or the government
- Information that is generally available in the public domain
- Personal particulars of the parties signing the NDA
The law does not restrict the kind of information that an NDA can cover. As long as both parties sign the document willingly, the information contained in the NDA will be protected.
Obligations of signatories:
This is the meat of the NDA. This section sets out the responsibilities which the parties of the NDA must abide by.
These obligations will specify restrictions/prohibitions on the use of confidential information. It will also state the circumstances in which information may be released, and to whom it may be released.
Some common examples of what the obligations section will include:
- Only allow parties to use confidential information for the benefit of the company.
- Prohibit parties from using confidential information for their own personal gain.
- Prohibit parties from sharing confidential information with third-parties, without permission.
- Prohibit parties from transferring confidential information to others after they leave the company. Confidential documents must be returned or destroyed upon termination of employment/professional engagement with the company.
- Allow selected disclosure of confidential information only to specific persons (e.g. colleagues, law enforcement, government, white-listed individuals, etc.).
These obligations must be stated in the NDA. If they are not stated, the Courts can deem the NDA invalid.
Duration of NDA:
There are two parts to the duration of an NDA: i) duration of the NDA itself, and ii) post-NDA confidentiality period. These two periods must be stated in the NDA.
The duration of the NDA itself could last for as long as the business relationship is being carried out. For employees, this duration is usually while they’re employed. For joint-ventures, it’s usually for as long as the JV is in existence.
The post-NDA confidentiality period (technically called the “term of continued confidentiality”) will extend beyond the NDA. This post-NDA confidentiality period is usually 2 to 5 years. Generally, one will find it difficult to enforce a lifelong continued confidentiality period.
Example: Tim is employed in a 2-year contract with your company. Tim signs an NDA for the duration of his employment, plus a continued confidentiality period of 5 years. Tim must therefore not divulge any confidential information revealed to him for a total of 7 years.
Prohibition against assignment:
An NDA should state that it does not transfer any rights, licenses, or ownership to the parties receiving the confidential information. This is meant to prevent arguments that signing an NDA, and receiving the confidential information, qualifies the recipient as being an owner of the confidential information.
Applicable law and governing jurisdiction:
The NDA should clearly state which laws will govern the Agreement. For Singapore companies, it’s ideal to use local law, unless there are some special circumstances where you need to have a foreign law oversee the NDA.
Limitation of liability:
Limits the liability of the signatories of the NDA. Often seen in unilateral NDAs.
How can you stop others from breaching a Non-Disclosure Agreement?
Sometimes, other parties may breach an NDA that they’ve signed with you. For example, a disgruntled employee may quit to join a competitor, and start poaching your customers using their knowledge of your clients. A co-founder may fall out with you, and start their own competing business using confidential technology you developed. You can contact a lawyer to get an injunction against the offending party to stop divulging, or using, the confidential information. An injunction is a legal order to stop doing something. The injunction can also compel the offending person to destroy the confidential information.
Besides only relying on an NDA, you should take additional steps to stop your private data from being misused in the first place. Here are some tips that you can implement to safeguard your confidential data:
- Be very careful about which employees can access private information. Set permissions to allow only designated employees to view private information, and only an allotted segment of the universe of private information. For instance, only allow salespeople to access their own customers, and not the entire customer database. Don’t allow anyone in your company to access your entire customer database, unless absolutely necessary.
- Encrypt important documents. This means only individuals whom you’ve given the password to can access it. You can also disable printing for such documents to hamper offline dissemination. Dishonest individuals can still take photos or screenshots, but if you’ve got 10,000 pages of confidential data, it will take time and be difficult to copy it all. The goal is to make it as difficult as possible to discourage leaks.
What happens if you breach a Non-Disclosure Agreement?
If you breach an NDA, the same legal actions above will be taken against you. If someone else finds out they you’ve leaked confidential information, or are using confidential information in ways you’re not supposed to, they can sue you for it. The other party can lodge an injunction to get you to stop spreading or using the private information. Also, the other party can demand compensation for losses they’ve suffered as a result of this breach of confidentiality.
Such lawsuits can easily set you back hundreds of thousands, or even millions, of dollars. Lawyer’s fees alone will be tens or hundreds of thousands. Add to that the potential cost of damages, and you could be facing a huge bill that you might not be able to pay.
How can you protect yourself from breach of confidentiality lawsuits?
If you’ve signed an NDA and run a business, make sure that you carry Professional Indemnity Insurance. This type of coverage protects you from a very a wide range of business-related lawsuits, including lawsuits for breach of confidentiality. You may break an NDA inadvertently. The scary part is you may not even have broken the NDA, but the other party accuses you of doing so. You don’t have any control over whether someone else sues you for breaking the NDA, but you do have control over the defenses that you can mount against such lawsuits.
Professional Indemnity Insurance pays for:
- Lawyer’s fees (which can be hundreds of thousands, if not millions!)
- Damages/settlements (also can cost hundreds of thousands or millions)
Professional indemnity insurance covers a wide range of lawsuits, like:
- Breach of confidentiality lawsuits
- Negligence lawsuits
- Errors & omissions lawsuits
- Defamation lawsuits
- IP infringement lawsuits
- Lawsuits related to subsidiaries
- Employee dishonesty lawsuits
- …and much more