Consider this scenario: Acme is contemplating entering into a confidentiality agreement with Widgetco under which Acme would provide confidential information to Widgetco. But Acme is concerned that Widgetco might be acquired by a competitor of Acme, resulting in Acme’s valuable confidential information getting into the competitor’s hands. What can Acme include in the confidentiality agreement to address that concern?
Termination on Change of Control
Here’s something I wouldn’t include:
Each party shall notify the other party at least 10 days before consummating a Change of Control to a Competing Provider or an Affiliate of a Competing Provider. If such a Change of Control occurs, the other party may terminate this agreement by giving written notice to the party that consummated that Change of Control.
It’s a tidied-up version of a provision I saw today. The problem is that the notion of terminating a confidentiality agreement is confusing and unnecessary. For one thing, a party can bring to a close whenever it wants the period during which it discloses confidential information. And a disclosing party wouldn’t want to cut short the period during which the recipient has to keep information confidential. For more on this, see this 2011 post.
Prohibiting Transfer by Change in Control
An alternative approach would be to prohibit the recipient from transferring its obligations under the confidentiality agreement, including by getting acquired. That would seem effective. But if the relationship between Acme and Widgetco is trivial to Widgetco compared with the prospect of being acquired, Widgetco and its acquirer might regard breach of the confidentiality agreement as a cost they’re willing to pay to do the deal.
Doing Nothing
Here’s what my form of confidentiality agreement says regarding permitted disclosure:
Any individual to whom Acme discloses Confidential Information in accordance with this agreement may disclose that Confidential Information only to any Representatives of Widgetco who require that Confidential Information to evaluate the Proposed Transaction, on condition that before Confidential Information is disclosed to any individual in accordance with this section 4 the Recipient notifies that individual of the confidential nature of the Confidential Information.
So if Acme abandons the proposed transaction because Widgetco was acquired, it would constitute misconduct if Widgetco personnel were to disclose Acme’s confidential information to the acquirer’s personnel. Acme could specify that Widgetco is liable for inappropriate conduct by Widgetco personnel. Acme could even insist that the relevant Widgetco personnel enter into confidentiality agreements with Acme. Depending on the nature of the confidential information, Acme might decide that such measures constitute enough protection.
Anticipating a Possible Acquisition
If Acme is concerned about Widgetco being acquired, it could incorporate in the confidentiality agreement provisions that address that address that possibility. For example, it could insist on special procedures for handling its confidential information, for example that Widgetco keep a log of everyone who is given access to the information.
Requiring return or destruction of information might help, but such measures can be of limited effectiveness, given that these days most information is distributed electronically.
A couple of peripheral issues that apply to confidentiality agreements in general, not only in the context you’re talking about:
First, it makes no sense to refer to “the return or destruction of information.” It’s impossible to destroy information, and, although I suppose it’s possible to “return” information in the same sense that I can give you information, that’s not really what you want. The contract language should always require the return or destruction of all records of confidential information, with precise, robust definitions of “record” and “destroy.” I often use the Uniform Electronic Transaction Act’s definition of “record.” The definition of “destroy” should include removal of records from computer systems, etc. to whatever degree the parties agree on. For example, is it okay to delete a file from a computer’s hard disk using the computer’s operating system (which means it’s probably possible to recover the file, at least for a while), or must the information be overwritten?
Second is an idea I’ve sometimes used, even though I’ve never entirely satisfied myself that it’s a good one. In at least some jurisdictions, maybe most, prohibitions on disclosure and use of information (other than information that qualifies for protection under trade secret law) must, like other restrictive covenants, be limited to a reasonable period of time. Confidentiality periods are usually structured to begin to run from the date of disclosure or the date the agreement terminates. I’ve sometimes structured them to begin to run on the date that the recipient complies with the requirement to return or destroy records of information. It’s been a while since I looked for case law, but I’ve never seen anything to indicate whether that satisfies the requirement for a reasonable limitation on the time during which the prohibitions on use and disclosure are in effect. If the recipient does what it is supposed to do, the confidentiality period will expire at a reasonable time. On the other hand, if the recipient breaches its promise to return or destroy records, the prohibitions on use and disclosure may never expire. One can also require the recipient to furnish documentation of the date that all records of information have been returned or destroyed, but I seldom, if ever, bother with it. To be frank about it, I figure that, in most lawsuits over a breach of confidentiality, discovery will turn up records that prove the recipient never complied with the obligation to return or destroy. (Color me cynical.) Although that would, of course, prove a breach of contract for failure to return or destroy, the plaintiff may have trouble demonstrating any damages from that type of breach, and an injunction to return/destroy after the confidentiality period has expired doesn’t do much for the plaintiff. Thoughts?
[Note: I don’t always include a requirement to return/destroy. If the disclosed information will, by its own nature, lose its value within, say, two years, I impose a two-year confidentiality period from either the date of disclosure or the date of termination and forget about a requirement to return or destroy.]
What is the purpose of terminating for change of control? Hasn’t the horse already bolted if you’ve already disclosed? Isn’t the key about use for limited purposes. So if the recipient discloses to the acquirer and Y misuses the information, recipient is liable to discloser for profits arising from the misuse of that information.