Confidentiality Agreements

Or Non-Disclosure Agreements. All that is usually required is an agreement recognizing that certain information is confidential and an undertaking not to disclose it to unauthorized parties or to use it for unauthorized purposes.

Unfortunately there are a number of "standard" wordings in circulation, some of which are severely flawed. If you wish me to sign a "standard" form, I respectfully ask you to ensure that it

1. conforms to the EU IPR Helpdesk recommendations,
2. is written in plain English,
3. clearly identifies what is confidential,
4. confines itself to
   1. acknowledging the need for confidentiality and the possible harm resulting from breaches in confidentiality,
   2. acknowledging that redress by damages, injunction or equitable relief may be required,
   3. undertakings and agreements to maintain confidentiality,
5. but refrains from
   1. defining liability or indemnity in "blank cheque" terms,
   2. encroaching upon matters of IPR,
   3. using self-defeating terms like "delete",
   4. imposing pointless burdens such as
      1. the requirement to physically return media,
      2. having to prove or show that non-confidential information is in fact, non-confidential,
      3. an undertaking to disobey the authorities by delaying disclosure when legally required to do so.

Notes, by paragraph
3. Probably the most difficult part but I have seen NDAs which would cover casual jokes or remarks about the weather.
4.i. This establishes that the party receiving the information understands the importance of confidentiality and thus cannot easily argue that there was no way he/she could have known that a disclosure would result in harm.
4.ii. This establishes that the receiving party understands the possible consequences of unauthorized disclosure and that these may not be limited to financial damages but may include all other legal forms of redress.
5.i. There may be occasion when it is necessary to agree in advance the extent of damages etc. but in general this is best left to the Courts to decide what is reasonable. Blank cheque clauses are clauses which accept unlimited liability automatically.
5.ii. Intellectual Property Rights should be established by means of a separate contract. NDAs which claim information derived from confidential information as necessarily confidential are too sweeping. The confidential information contained within other information remains confidential, the additional information is IP and should be dealt with accordingly. My terms and conditions provide basic IPR protection for both parties in the absence of more specific agreements.
5.iii. The use of technical computer terms such as "delete" is deprecated since, in the context of business computers, "delete" means the information in question is merely removed out of sight of the operating system and can be recovered at will by anyone capable of downloading a free "undelete" utility.
5.iv.a. If you want your disk or papers back, this is just a matter of returning borrowed property, it has nothing to do with confidentiality. Inflexible "return" clauses can rule out destroying unwanted papers, for example. What is usually needed is an undertaking to return or irrevocably destroy such media. It is not as if returning it provides proof that copies have not been kept!
5.iv.b. A clause may acknowledge that the recipient may already have identical information from another and legitimate source and it is (therefore) exempt from confidentiality. Such clauses should not imply that, unless there is proof to the contrary, any disputed information automatically belongs to the other party.
5.iv.c. Ludicrous though it may seem, some NDAs have clauses undertaking to commit a crime by withholding information when required to divulge it to the proper authorities.