Return of information - NDA Provision

NDA Anatomy™
JC’s guide to non-standard confidentiality agreements.
For the OneNDA, see the OneNDA Anatomy

A Jolly Contrarian owner’s manual™

Sample text

If so requested by the Discloser at any time by notice in writing to the Recipient, the Recipient shall:
  1. destroy or return to the Discloser all copies of Discloser’s Confidential Information;
  2. erase all Discloser's Confidential Information from its computer and communications systems and devices;
  3. As far as is practicable, erase all the Discloser's Confidential Information in electronic form; and
  4. certify in writing to the Discloser that it has complied with the requirements of this Clause.

Resources and Navigation

Index: Click to expand:

Overview

Template:Nda return of information comp

Summary

The disclosing party will, of course, want to be able to conclusively get the confidential information back out of your sticky mitts at the end of the project. Hence the Return of information provision.

Return, or put beyond practical use?

In this modern era of distributed network computing, the usual entreaties to “return all copies of information” are faintly absurd: as if they’ve been kept in a manila folder in a filing cabinet somewhere, only inspected by chaperoned employees wearing white cotton gloves. Of course, everything will have been transmitted electronically, will exist in clouds, on blockchains and on servers all around the world, and the very action of attempting to “return” it will oblige it to be copied onto other servers etc. etc. Some of these copies will be stored for years under legally mandated document retention policies, but other entities will just be anal — or useless — about hoarding information.

So the real ask ought to be “to put beyond practical use” and have an exception for regulatory retention, and the practical realities of how information technology works: every internal email creates copies on all kinds of different servers and so on; non-magnetic erasures can in theory be undone. Theoretical eradication of a file is impossible; what matters is the practical removal of the information from persons in whose grubby fingers the poor discloser’s (cough) legitimate business interests can suffer.

Derived information

There’s also a conceptual issue with information the receiving party has derived from the confidential information.

Derived information, the fecund fruits of the receiver’s own creative juice and analytical energy, worked upon information given to the receiver by the discloser, is in no sense “proprietary” to the disclosing party,[1] and may indeed be as commercially sensitive[2] to the receiving party as the material the disclosing party gave, and on which it was based, it in the first place: think of Paul’s middle eight about having a shave and catching the bus in A Day in the Life. We are in danger of getting into the jurisprudential wisdom of treating intellectual endeavour as if it were tangible property — but let’s not go there just now.[3]

Actually, no: let’s do go there. If the information in question not, in the first place, mine — that is to say, it isn’t intellectual property in the first place, then the question arises why I should be able to stop you deriving your own intellectual property out of it. This boils down to whether it was just secret data, but didn’t have any proprietary qualities, or whether it can be somehow regarded as proprietary, owned information — the articulation of which required some kind of creative impulse.

If it is only data, it does not have the quality intellectual property at all, so the receiving party’s act in deriving some new type of creative work out of it is a novel thing, owes nothing to the discloser’s disclosure as such, builds upon no intellectual property of the discloser, and should not, therefore, be restricted at all. What loss could there be? The data still cannot be disclosed to anyone in a way that would betray the discloser’s confidence, but the derivation may well obliterate any confidentiality in the original document: say you give me a thousand characters of data (i.e. not intellectual property as such), on condition that I keep it confidential. And let’s say I rearrange the thousand characters into, for argument’s sake, a sonnet (which is prima facie susceptible of copyright protection — by me). Are there economic or legal justifications for obliging me to destroy that sonnet, or return it to you, under a confidentiality covenant? Humble report, sir, the answer is “no”.

On the other hand, if the information you have given me is copyrighted then the agreement you need is a licence, not an NDA. And, there, you can control, within limits, by the law of copyright, the licencee’s ability to derive new material from it.

In any case, you should not have to offer up derived information to the discloser.Query whether it should have to even be destroyed or put beyond practical use. I mean, can you imagine a world without a McCartney middle eight, just because Lennon had the hump?

Fussy elaborations

If your game is to engage in a protracted round of pointless horse-trading, you could try imposing some arbitrary formalities upon compliance with this clause: a 14 day period within which to comply, for example; an obligation for a director or officer of the recipient to certify that the clause has been complied with.

Certification

What a “certification” clause does — well, search me. If you certify falsely that you have destroyed the information when you haven’t, then what? Is that any more egregious breach of the contract than not having destroyed it as directed in the first place? Is the measure of damage different?

No.

Are you any more able to prove any breach or loss?

No.

But there is a fun organisational time-bomb buried in this provision. Your negotiator has a free option now to create paranoid mayhem among senior people, who should know better, at some unstated point in the future, when she is well clear of the blast zone. This should gladden her heart. The requirement for some warm body in your organisation, at some unstated future date, to certify that secret squirrel information, which as far as anyone knows was sent by email and propagated through inboxes, sent items, email canoes and cloud servers in 74 different jurisdictions and could be anywhere, has been effectively destroyed or put beyond practical use will send normally sober people scuttling for exits, leaping into laundry baskets, planking, and painting the soles of their feet yellow and hiding upside down in custard.

“I can’t certify that!” the general counsel will wail. “How am I supposed to know whrther it’s been fully destroyed? What does “beyond practical use” even mean? The sky will fall in on my head if I certify this and it hasn’t! Help help we’re all going to die!”

For a cynic, this is an edifying sight. It tends to confirm one’s careful, lengthily cultivated prejudices.

See also

Template:Nda return of information sa

References

NDA Anatomy™
JC’s guide to non-standard confidentiality agreements.
For the OneNDA, see the OneNDA Anatomy
 

The OneNDA clause
Template:OneNDA Return of information view template

Tell me more
Sign up for our newsletter — or just get in touch: for ½ a weekly 🍺 you get to consult JC. Ask about it here.

See also

References

  1. If the disclosed information ever was proprietary in the first place, that is — if it doesn’t qualify as intellectual property it isn’t, or course.
  2. And more deserving of intellectual property protection: applying some analytics to raw trading data may convert it from un-ownable data to creatively juicy intellectual property, of course.
  3. Those who can’t resist the siren call, start with Lawrence Lessig’s fabulous Code: Version 2.0.