It’s a common question: do we really need to have a confidentiality agreement (or NDA)? Nobody ever enforces them. And, anyway, we trust the people we are working with to do the right thing.

The short answer is usually (not always) yes, you should have a written confidentiality agreement. It’s better to have one that not.

But this doesn’t mean that you can simply download the first NDA you can find on the internet and sign on the dotted line. The key to a good agreement is customisation. It’s your agreement, take ownership of it.

The key issues to get right include:

  • The parties – seems obvious but identifying the legal entities entering in to the agreement gets the parties to focus on who they are and what they are doing.
  • Define the confidential information – this is critical, rather than having a generic list of stuff, it’s so much better to identify the categories of confidential information likely to be disclosed. Enforcement is so much easier if you can point to a category of confidential information and say, there it is, that’s what the other party has used/disclosed.
  • Define the purpose of the disclosure – what can the recipient do with the information? It helps that everybody knows where they stand.
  • To whom can the information be disclosed – if this is not dealt with, information can spread too far until it’s not known who has the information and whether there is still an obligation of confidence.
  • Deal with the ownership of intellectual property – as soon as information is exchanged there is the potential for the creation of IP, by both the discloser and recipient.

In the absence of an agreement, there can still be obligations of confidence created. If the circumstances of disclosure are such that a reasonable man standing in the shoes of the recipient would consider that the information is being given in confidence, this can be sufficient to create the obligation of confidence. But it’s so much better to have a well-drafted, customised, written agreement.

And finally: human nature. Someone is far less likely to breach an obligation of confidence if they have signed something. Where there is no written agreement, it is easy for the recipient to say: this information can’t be confidential if there is no agreement (not necessarily so). Where there is a signed, written agreement, the recipient will at least think twice about what he/she can do.