It’s standard practice among companies to issue Non-Disclosure Agreements (NDA) requiring employees, contract workers, investors, customers, suppliers, licensors, franchisees or partners to keep confidential any business-related information they will have access to during their relationship with a company.
In theory, an NDA offers security to a business that wants to prevent people from sharing its secrets with the world. In reality, the people who sign it often just view the NDA as a contract they must sign as a formality, one the business will probably never enforce. If that’s the case, why issue an NDA at all?
If employees have access to sensitive information (for example, customer data or your financial reports), issue an NDA to keep that information in-house. In addition, if your business is on the cutting edge of research and development—i.e. you create brand-new products or services, or you improve products or services with new technologies or processes—you should issue an NDA to prevent people from sharing your plans and research with competitors. In a nutshell, without an NDA, it will be very hard for you to pursue a lawsuit even if you can prove that someone shared your business secrets.
So if you feel an NDA is necessary to protect your business, how do you enforce it?
Securing Your NDA
Enforcing the contract starts well before someone actually violates it. Here are some steps for securing a solid NDA:
- Know how far you are willing to go. Most organizations won’t seek legal counsel or press charges against someone who breaks an NDA. Decide now what your intellectual property or confidential information is worth to you, and plan the steps you will take if someone breaches your NDA—and stick to the plan. If word gets around that you only threaten action, people won’t take your NDA seriously.
- Acknowledge the existence of your NDA. Before you hire employees or contract workers, form business partnerships or start a relationship with potential investors inform them that you require everyone to sign a contract. Also, describe in writing the actions you will take if anyone violates the terms of the contract. If people refuse to sign it, you will have to accept that and move on. If you make exceptions for some people, your IP may be left unprotected.
- Determine what you can cover. Generally, you can protect information that is not commonly known to the public, so you may not be able to cover information if other businesses in the marketplace are already doing something similar to what you are planning. In addition, be aware that public bodies (including schools and universities) in the UK are regulated by the Freedom of Information Act, and your employees may be required by law to hand over sensitive information no matter what their NDA says.
- Define what is confidential. The problem with most NDAs is that they offer vague or broad language about what information is truly confidential. In your NDA, detail the information that is covered by the contract (for example, trade secrets, business strategy details, potential ventures, financial data, marketing plans and product development roadmaps). In addition, as you announce your change initiatives and other plans, say “This information is confidential and protected by the Non-Disclosure Agreement,” to inform people that what you are about to say is to remain in-house.
- Establish a timeframe. For some information, the NDA needs to only apply for a few years. Marketing campaigns and product development plans will become outdated fast, so you don’t need to protect that information in perpetuity. However, in cases where the information won’t change (for example, beer or soft drink recipes), the terms should run much longer. In addition, ensure that your NDA covers a specific time after a relationship is dissolved (for example, after an employee quits or is terminated).
- Hold people accountable for legal costs. Include a clause in your NDA that states that if you take legal action because someone breaks the contract, the winning party will be entitled to legal costs from the losing party. That stipulation could force some people to refuse to sign the agreement. In that case, it’s likely in your best interest to pursue another party who is willing to comply with a reasonable NDA.
Enforcing Your NDA
Following the advice above will certainly increase your chances that someone will take your NDA seriously. However, if after taking those precautions, you learn that someone has violated your NDA, follow these steps:
- Seek out legal counsel. A lawyer will help you determine what legal rights you have, whether that is breach of contract, copyright or patent infringement, misappropriation of trade secrets and so on. A lawyer will also walk you through the rest of the process.
- Send a cease and desist letter. The letter is a formal request for the person who violated the terms of your NDA to stop infringing on your intellectual property. If the person fails to comply, you will need to pursue further legal action.
- Refer the matter to the local civil courts. With some types of infringement, UK law considers it a private matter to which you must decide how to respond. Other types are considered criminal and you must refer the matter to the CPS. For more information, see here.
- Build your case. This is the most difficult part of the process since you must be able to prove with concrete evidence who leaked your information. Work closely with your lawyer to make sure you gather the appropriate evidence, and you may even consider hiring an investigator. If you fail to prove your case against the person, you could be responsible for any legal fees either of you accrued during the lawsuit. You must be able to prove that the information leak has hurt your business in some way. Put a monetary value on the information disclosed (and potential revenue lost due to disclosure)—and back that up with evidence.