Gary Sanderson, Meyer, Unkovic & Scott Gary M. Sanderson, Meyer, Unkovic & Scott

In the increasingly competitive and globalized market, information is sacred. Companies secure it physically, digitally and in the minds of employees. As such, entities that are about to enter a partnership, merge or perform a transaction would be well-advised to get up to speed on how they handle commercial nondisclosure agreements (NDAs).

NDAs are legal contracts between parties that determine what information is deemed confidential and must be kept private. By their very nature, they are circulated prior to the parties actually agreeing to any business terms or sharing any information as part of a proposed transaction. Often, they are not given much thought, as the companies may be focused on the substance of the transaction and may not want to appear hard to work with by seeking massive revisions on what may be their introductory set of documents. Yet, this reluctance to review and revise an NDA can be a major error.

Who's Sharing Information

When receiving a proposed commercial NDA, the first matter to determine is whether it is a unilateral or mutual NDA. Unilateral NDAs generally only provide for the confidentiality and nondisclosure of one party's material, which can be appropriate when only one party is sharing information. More common, both parties will be sharing information with one another in an effort to decide if they should do business with each other. As such, a mutual NDA would be more appropriate to ensure both parties' information is validly protected. It would be a critical mistake for a party to blindly sign a unilateral NDA, yet mutually share information, and believe that it was protected.

What Is Being Shared—And With Whom

Another aspect of the NDA that the parties should carefully analyze is the definition of what information must be kept confidential, what information may be excluded and who will have access to the information. Defining what information is to be kept confidential varies widely based on the type of transaction and industry. It is often suggested that parties define what must be kept confidential broadly, but only disclose the minimum that is needed for review in the proposed transaction. Defining confidential information broadly helps protect information that may have been inadvertently disclosed as part of a large batch of data, even though it may not have been pertinent to the transaction. In some instances, it is important for the parties to negotiate certain permitted disclosures, which often involve sharing information with representatives, such as accountants or attorneys of the company, or when compelled by law or if the information becomes public knowledge.

What Damages Can Look Like

One of the more prominent—and certainly costly—recent cases involving the breach of an NDA was ZeniMax Media v. Oculus VR. ZeniMax sued the virtual reality technology company after alleging Oculus founder Palmer Luckey breached an NDA and misappropriated trade secrets, among other accusations. A federal jury ruled in favor of ZeniMax, apportioning $200 million (out of the total verdict of $500 million) for breach of the NDA. Facebook, which bought Oculus for $2 billion not long before the lawsuit, eventually settled the dispute for $250 million.

That was an extreme example of damages from NDA litigation, but the agreement itself was standard—notably, there was a clear definition of "proprietary information" and a statement that the information was to remain the property of the disclosing party. Although a massive company like Facebook can weather a quarter-billion-dollar verdict, many smaller companies might not have the money to survive a lawsuit over a breached NDA if the information is valuable enough.

What Happens at the End

Parties should also think about what should occur at the end of the arrangement, whether by expiration or termination. Companies should consider adding a provision requiring that the disclosed information be destroyed or returned to the disclosing party. It is also recommended that the parties ensure that the time periods for the nondisclosure agreements align with the companies' corporate needs. For example, some standard NDAs only require the parties keep the information confidential for a year or two. Some companies may want to negotiate a far longer period of confidentiality.

And in the event of a breach of the NDA, it is vitally important that the disclosing party require a provision allowing for injunctive relief to stop or minimize the effects of a leak of information. The disclosure of sensitive information may not cause immediate quantifiable damages, but it must be stopped, or it could be catastrophic for companies in certain industries.

Addressing these issues initially may be more effort but will reduce risk and save companies valuable time and money down the road. An attorney experienced in contracts between businesses will be able to help draft a commercial NDA and put minds at ease.

Gary M. Sanderson is an attorney with Pittsburgh-based law firm Meyer, Unkovic & Scott. He focuses his practice on a wide range of business matters and works with new and established companies to navigate complex transactions and disputes.