A Bad NDA Can Be Worse Than None at All

In business, one of the most routine legal documents you’re likely to run into is a non-disclosure agreement, better known as an “NDA.” They’re super handy because they let you disclose secret stuff to business partners and potential business partners without giving away the farm. A lot of business just couldn’t get done without them. NDAs are so essential to and routine in business that NDA forms are one of the most popular documents on online legal-documentation services, like LegalZoom. There’s kind of a dark side to NDAs, though. If you don’t comply with their terms when disclosing your secrets, you do give away the farm. This might not seem too surprising, but it is, when you consider that not every disclosure of a trade secret to a third party necessarily eviscerates the sine non qua of trade-secret protection, i.e., secrecy.


She’s too busy doing science to keep track of all those fussy NDA provisions!

Trading Old Secrets for New!

Let’s step back a moment, and I’ll explain what I mean. You can think of trade secrets as having a “trade” and a “secret” component. The “trade” component is whether the information has an “independent economic value.” A quick-and-dirty test of this if whether your competitors would like to have information (and would be willing to pay for it). The “secret” component isn’t absolute. You need only make efforts to preserve the secrecy of the information that are reasonable under the circumstances. I know that sounds squishy, but the standard has to be flexible. Compare the formula for Coke* versus your customer list.

* Coke classic, anyway. One suspects the efforts to preserve the secrecy of the formula for New Coke is a lot less.

You might think, though, that deliberately telling the information to a third party would pretty much deep-six the secrecy of the information, especially if the third party is a competitor or potential competitor. You might as well shout it from the rooftops, right? The law isn’t so harsh, though. Under the Uniform Trade Secret Act, which has been adopted (with some variations) by almost every state*, it’s unlawful to use or disclose someone else’s trade secret to another if it was “acquired under circumstances giving rise to a duty to maintain its secrecy or limit its use” (§ 1(2)(ii)(B)). Could you not at least imagine a meeting between two competitors in which secret information was exchanged, for mutual benefit, and it was abundantly clear that the information was for evaluative purposes only and wasn’t to be spread about to people who really didn’t need to know?

* Really notable exceptions: New York (!!), North Carolina (!) and Massachusetts (bill to adopt it was introduced this year).

So why have NDAs at all? A couple of major reasons. First, take the hypothetical that I just described above. Does that sound air-tight to you? Do you really want to trust the protection of your company’s crown jewels to whether a judge or jury agrees that the particular circumstances under which you discussed said crown jewels* gave “rise to a duty maintain its secrecy or limit its use”? Also, that’s a question of fact, which implies lots and lots of expensive litigation just to getting to the point where you can stop the recipient of said crown jewels from using or disclosing them.

* I feel like I’m mixing a metaphor here.

Second (kind of related to the first), there is the inherent superiority of contract over tort. Torts are where the law makes certain acts illegal (but not criminal*). This means that the protection on which you rely can change over time, if, for example, the state legislature changes the law, or if the courts alter the law over time. By contrast, contracts are changeable only by the parties** can change the contract. Even better, the parties can control precisely what their obligations and benefits are.***

* In other words, you can sue on a tort, but the government can’t necessarily fine or put someone in prison for it, unless it’s separately also a crime (e.g., copyright is both a tort and a crime, but not coextensively so).

** Which might or might not be precisely the parties who formed the contract, depending on how assignment of the contract is managed.

*** All this assumes somewhat balanced bargaining position. If the bargaining positions are seriously tilted, this is no fun at all for the party with the weaker bargaining position.

A Convoluted NDA

So, now, you might think that NDAs pretty much risk-free. They look like just an added layer of protection over regular trade-secret protection. If a bad actor isn’t stopped by the NDA, you can always fall back on trade secret, right? As a company called Convolve discovered to its cost recently: wrong. It turns out that the NDA supplants trade-secret protection. Thus, if your NDA is badly drafted, you could end up with no protection for your trade secrets.

Here’s what happened to Convolve. Convolve was the owner of new technology related to how hard-drives read information. In 1998*, Convolve wanted to license its technology to Compaq (a computer manufacturer, since purchased by HP) and Seagate (a manufacturer of hard drives). To facilitate the conversations, the parties entered into an NDA with the following salient features:

  • It covered (among other things) Convolve’s “algorithms and processes for enhancing positioning systems.
  • It applied only (1) to information that had been marked “confidential,” or (2) to information that wasn’t so marked, but was (a) treated as confidential at the time of disclosure AND (b) was later designated as confidential in writing.
  • It also had the usual exclusions to information already in the public domain, etc.

* These dates are not typos. This case has actually be pending for thirteen years.

At this point, you might ask: why have any limitations? Why not make all information exchanged by the parties “confidential” (subject to the traditional exceptions)? One reason why not: the broader the scope of the NDA, the more information you’ll acquire that you have to be careful with. Sometimes that won’t matter, but sometimes keeping track and segregating all that information can be a burden.*

* You could argue that this represents another dark side of NDAs: losing track of what you’re supposed to keep confidential, then finding yourself on the wrong end of a lawsuit for violating the NDA. If so, it’s not as drastic as what happened to Convolve.

Anyway, the negotiations dragged on for a couple of years. Convolve was careful to designate the information is provided Compaq and Seagate “confidential.” Near the end of negotiations, the parties had some face-to-face meetings at which a lot of Convolve’s trade secrets were discussed. But Convolve failed to follow up and designate in writing its disclosures at these meetings as “confidential.” After negotiations fell apart in 2000, Convolve started to suspect that Compaq and Seagate were using its trade secrets for their own benefit.

Convolve sued. The courts, however, held that Convolve’s failure to comply with its own NDA meant it couldn’t maintain a claim for breach of the NDA. But, Convolve argued, what about trade secret? Shouldn’t a jury at least have the opportunity that Convolve disclosed these important trade secrets “under circumstances giving rise to a duty to maintain [their] secrecy or limit [their] use”? After all, the parties had been engaged in lengthy negotiations involving technology that was obviously secret. Couldn’t a jury conclude that Convolve wouldn’t have disclosed the information without an expectation of secrecy, and that sophisticated companies like Compaq and Seagate knew that?

The court held no. Once the claim on the NDA failed, there was no “back up” claim for misappropriation of trade secrets. The court had two bases for this holding. First, the court felt that allowing a trade-secret claim would invade the private contractual agreement made by the parties. The point of the contract is certainty. Allowing an additional tort claim would introduce uncertainty.* Second, the NDA defines the very “circumstances giving rise to a duty” to maintain secrecy. In this sense, the contract is telling the tort what’s what.

* Then again, it’s not as though Compaq and Seagate were ignorant of trade-secret law. It would have been nice if the contract actually said that it was supplanting trade-secret law. Unless… The court didn’t say so, but is this rule just a sub-set of the economic loss rule, which prevents recovery in tort for purely economic losses that are within the scope of a contract between the parties?

NDAs Are Contracts, Not Mere “Forms”

The key lesson from Convolve’s experience is: make sure you understand your own NDAs and can live with and within the terms.* What, precisely, was the benefit of requiring the follow-up written notice?

* Advice applicable to pretty much any contract.

The broader lesson is this: NDAs matter, regardless of how routine. Maybe you don’t need to obsess over them, but they’re not just forms you fill out. They’re binding contracts, and bad ones can and will have bad consequences. At a minimum, you need to make sure it covers what it needs to cover, and not too much more, and that the method of identifying confidential information is something you can follow without too much effort (and won’t forget about, as Convolve apparently did).

Thanks for reading!