Beware the NDA

While many practitioners view the non-disclosure agreement as a formality, there are in fact a variety of issues which should be considered before signing or sending out an NDA.

Any number of private equity transactions begin with the execution of a confidentiality or non-disclosure agreement (NDA). Assume a venture capitalist is investing in the private equity of an early stage firm, or two venture-backed companies are discussing a merger. The usual protocol insists that, before due diligence commences, each of the parties (in the case of a merger, particularly if stock is the consideration) or the issuer (in the case of a venture investment) seek to protect their confidential information by requesting the other party to execute an NDA.


Amongst many practitioners, the NDA is viewed as a formality or 'boilerplate' language. However, there is no such thing in the law as 'boilerplate' if, by that label, one means language which has insufficient significance to be interesting to the parties. In my experience, any misplaced or ill-advised word in an agreement can, in accordance with Murphy's Law, be given a meaning and interpretation which confounds at least one of the parties to the transaction.


Moving to the NDA (assume we are discussing a merger in which both parties are executing an NDA prior to commencement of due diligence), there are a variety of issues which should be considered … even if a 'standard' model agreement is the template from which the parties are working. First, in most deals one party to the transaction (usually the target), is undertaking a much greater risk in the event of an abort than the other. The target, by entering into negotiations to sell itself, is sending a signal to its employees and its customers (and perhaps its vendors and creditors) that it is going to be under new management … management which is perhaps unknown and maybe even offensive to the individuals and firms concerned. A lot of key employees start looking for the exit when they learn their company is being sold. Nothing can be worse for the target's shareholders than suffering that loss of critical talent and then not winding up with the pot of gold at the end of the rainbow.


With that in mind, some of us like to view the NDA process as segmented into at least two phases. In the first phase, when the parties are simply flirting with each other, the target or the issuer will disclose only enough confidential information to whet the appetite of the counterparty to the transaction. The best way to keep information confidential is to not disclose it in the first instance, particularly if the NDA suggests (as it usually must) that the counterparty is privileged not only to review the confidential information itself but to share it with its agents (say, the financial adviser), its lawyers and its accountants on a so-called 'need-to-know basis.' As the circle of informed parties widens, the risk of a leak increases geometrically. Accordingly, and consistent with the target's or issuer's posture of keeping its powder dry, there may be two NDAs or at least a segmented NDA covering two tranches of information. The party at risk will lift the curtain only so far initially, and then wait until the definitive agreement has been signed before exposing the entire tranche of information the other party needs. This entails a risk, of course, of the definitive agreement having a due diligence 'out,' which is not good news (generally) for the party most at risk. Accordingly, one solution is to make disclosures in escrow. If the information is particularly sensitive it is disclosed to an independent expert and only to that independent expert, who in turn can satisfy the counterparty that, say, the trade secrets are what they are represented to be.


Secondly, a question the target has to think through very carefully is what kind of access, NDA or no NDA, the other party can be afforded to, say, its key technical people and/or its customers. Sometimes quite elaborate protocols have to be built so that neither the executives nor the customers are spooked. Perhaps, only one individual from the other side is allowed to make those inquiries … and then only in the company, or with foreknowledge, of a specified contact person at the target, so that the executives and customers can be conditioned in advance and not surprised by the inquiry.


Although the concern is not as great as it was some years ago when some maverick judges were (see the Texaco, Getty, Pennzoil litigation) wont to construe any writing as implying some sort of obligation to conclude a transaction, the NDA should make it clear that there is no obligation of any sort (express or implied, good faith or bad faith) to proceed to a final, definitive agreement. The NDA is not the place for an obligation to bargain in good faith; in order to avoid an eccentric interpretation, that language should be stated in the most comprehensive and direct fashion.


The next remark is prompted by an NDA which I recently reviewed. The parties in an otherwise well drafted NDA imported a provision that the contract could be assigned by either party without the other's consent. That is totally inconsistent, at least in most circumstances, with the spirit of an NDA. It is hard enough to police a confidentiality agreement when you know with whom you are dealing; if the other guy turns out to be a stranger to the initial transaction, the issuer/target's policing power can become totally ephemeral.


In this document, there is also typical language that neither party will solicit nor (indeed) 'contact' any of the customers, vendors or employees of the other. This is designed to prevent the recipient of the confidential information from swiping valuable business relationships once the metrics of the same have been disclosed. However, the mistake was to use the verb 'contact' without conditioning the clause. Obviously, any party may come into 'contact' with an employee, vendor or customer of any other party in the ordinary course of its business. This obligation, therefore, has to be limited to 'contacts' which are somehow related to the financing or the acquisition; otherwise the clause can be inadvertently violated.


Finally, the agreement I am looking at talks about the obligation, if the transaction does not go forward, to restore and/or destroy, any 'writings,' including informal memoranda, which contain confidential information. Confining the obligation to disgorge 'writings' (including notes and memoranda) is 'Old Economy.' In the New Economy, it is necessary to enhance the term 'writings' by including e-mails and other memorials of confidential information which exist only in cyberspace.


One last substantive point before leaving NDAs; the VCs will not sign them, at least until a term sheet has been signed. They are paranoid, and rightly, that an ultimately disappointed entrepreneur will claim his or her trade secrets have been misappropriated when another company in the VC's portfolio starts or continues to compete with the disappointed firm. The VCs have a lot of irons in the fire, maybe in companies closely resembling the entrepreneur's. Thus, I advise my issuer clients … keep your core secrets to yourself; forget about an NDA and protect yourself by telling the VCs only enough to get the hook sunk in the soft part of their mouths.


Some of these remarks may appear to be quibbles: but there are a number of cases in which NDA violations, on occasion inadvertent, have been the subject of heated litigation. The fact is that, in today's economy, the assets of many firms are almost entirely intellectual property, and particularly intellectual property protected as a trade secret. If the trade secret becomes public knowledge it, of course, loses its value. Thus, the stakes are very high in drafting NDAs and putting into effect protocols and procedures which allow each party to supervise very carefully and nip in the bud potential violations. On the other side of the coin, if the deal doesn't happen, one must be careful not to have been 'contaminated' by information, meaning accepting disclosure of information you already own … and plan to use in your business.