Comments on: The Duration of Confidentiality Agreements

By: Jeannette

Jeannette — Tue, 10 Jun 2008 15:34:01 +0000

I have a question. What if you disclose the same information to different parties and you do not use the same CDA? Specifically, what if the period of confidentiality is different in each one? Is there any case law that says every recipient’s obligation with respect to that confidential information expires on the shortest date?

By: George

George — Fri, 06 Jun 2008 06:29:05 +0000

Assuming there is a breach of confidentiality much after (let’s say 7-8) years after the information is disclosed under a perpetual confidentiality agreement, what is the probability that any damages can be claimed? Since confidential information will lose its value due to obsolescence, is entering into a perpetual confidentiality agreement really a risk?

By: Liz

Liz — Sun, 25 May 2008 03:24:59 +0000

Not to further complicate matters, but there’s the third case where the information disclosed must be held in confidence because of applicable regulations. An example would be a technology partner to a technology services provider to financial institutions that will have access to the TSP’s own company confidential information (draft press release), trade secrets (product roadmap), and the TSP’s customers’ data that is protected by specific law or regulation (GLBA). Current FFIEC regs don’t reach so far as to specify contract provisions for the TSP’s subcontractors. In this scenario it might make sense to have a third term, i.e, for so long as applicable law (or the specific regulation) requires the information be held in confidence. Typically, in this case it’s known at the time of contract what regulated information will be disclosed, and there will be additional paragraphs discussing specific obligations relating to that class of information. It’s important to ensure that any term limitations on the agreement are consistent with the regulatory requirements that apply to the regulated disclosures.

By: David

David — Sat, 24 May 2008 18:47:49 +0000

Chris raises a good point. In many types of commercial contracts arguing over governing law is a pointless exercise. With confidentiality agreements that is not always the case. Does anyone know of a concise and reliable list that can be used as a guide to identify states where there may be reasons to avoid the application of that state’s law if you are the one looking to protect your confidential information?

By: Chris Lemens

Chris Lemens — Thu, 22 May 2008 16:59:41 +0000

In a stand-alone confidentiality agreement anticipating a commercial deal (i.e. not M&A and not employment), I usually bifurcate the term.

The first part is the period during which the disclosure must occur for the information disclosed to be considered “Confidential Information.” This deals with the risk that someone receives information long after the discussions ceased, but the other side then contends it is confidential under the agreement. Usually, I use a term of one year for our business, but I’d want to look at business practices for each business before making that decision.

The second part of the term is the duration of confidentiality for information that was disclosed during the term. Here, I usually say that the obligations last as long as the information remains within the definition of confidential information. That definition comes pretty close to the definition of a trade secret, with the exception that I don’t require it to be vlauable. I don’t think I’ll ever be enforcing the agreement for valueless information, so I have a hard time seeing a situation in which a court would invalidate the agreement as anticompetitive.

I’m leaning towards changing my form, out of an abundance of caution, limit the duration of protection to the maximum allowed by state law, if that is less, for information that is not a trade secret.

That said, I’ve tried to avoid the jurisdictions where I knew they made that kind of distinction. (I never allow Georgia law to govern, for example.) Does anyone know if there is a reliable list?

Chris

By: Ken Adams

Ken Adams — Thu, 22 May 2008 15:26:00 +0000

10803: I always thought it cumbersome to have a confidentiality period attach to each bit of disclosed information. I’d be inclined to tack on a catch-all confidentiality period after termination of the relationship.

Jeffy: No argument that when you’re not dealing with trade secrets, in most circumstances the likelihood of damages drops off precipitously over time. But what’s more important is that courts are inclined to hold that perpetual confidentiality periods are unenforceable. Also, as I suggest above, it’s neater to be able to say that a given agreement is definitively over.

Ken

By: Jeffy

Jeffy — Thu, 22 May 2008 14:38:50 +0000

An interesting article, though unspoken in all this discussion of “term” is the considerable likelihood that, for most kinds of confidential information (excluding the kinds of trade secrets highlighted by Eric’s above comments), damages arising from a breach of an NDA would rather rapidly decline over time. In other words, what’s the harm in inadvertent disclosure of once-confidential information 5 or 10 years after the fact? In most cases, I suspect the answer is that there is no harm and, therefore, no basis for a damages claim. Not endorsing perpetual term NDAs by any stretch, but just suggesting that in many cases the practical implications are comparatively limited.

By: 10803

10803 — Thu, 22 May 2008 14:29:46 +0000

I’m open to suggestions on the term. If it’s perpetual, that’s stating the obvious for trade secrets but is of questionable enforceability for everything else.

If we limit the term (other than for trade secrets), we either have to do so from the date of the agreement (e.g., January 1, 2008 to December 31, 2013) or we have to have a continually rolling term from the date of disclosure. Most of my NDAs are for ongoing business relationships. That causes problems with both of those options. In the first setup, I could have CI disclosed on November 30, 2013 and it’s only protected for a month.

In the second structure, I could receive CI today and still have to treat it confidentially 15 years from now (because I received additional CI later under the same NDA), or rely on one of the standard exceptions. I’d rather my colleagues be absolutely vigilant for (at least) N years from the date of disclosure and not have to worry about making an inquiry (or defending a claim) about whether the materials have or haven’t fallen out of the definition.

Are you proposing that the agreement has different terms (duration terms, not rights/responsibilities) for each disclosure, or were you just contemplating discrete NDAs for discrete (no pun intended) disclosures?

By: Ken Adams

Ken Adams — Thu, 22 May 2008 14:21:56 +0000

10803: The exceptions state the obvious, but I in fact keep them in. As I noted above, stating the obvious can sometimes be useful, and I think that’s the case with these exceptions.

Also, I’m not sure about giving the agreement a perpetual term but limiting the confidentiality obligations. You might be giving with one hand then taking away with the other.

Ken

By: 10803

10803 — Thu, 22 May 2008 14:13:12 +0000

I’ve been thinking about this a bit recently and, in fact, just rolled out a new NDA. Our approach is that the Agreement has a perpetual term. Confidentiality obligations, however, survive

- for trade secrets, for as long as it constitutes a trade secret under the Uniform Trade Secrets Act;
- for CPI, in perpetuity unless statute provides a shorter term;
- “other” confidential information for N years from the date of disclosure.

This is pretty close to what Ken was writing above, but rather than limiting the agreement by term, we (try to) avoid the unenforceability issue by limiting only specific obligations by time.

Also, I think there are four standard exceptions to confidentiality: publicly available other than from breach, received from another source not (known to be) in breach, independently developed and previously known. I know Ken likes cutting as much chaff as possible, but those exceptions would be glaring in their omission and, in fact, are subject to occasional negotiation (for example, whether a recipient has to know if another party disclosing CI to it is doing so in breach of a confidentiality obligation).