Confidentiality obligation - NDA Provision

From The Jolly Contrarian
(Redirected from Confidentiality obligation)
Jump to navigation Jump to search
NDA Anatomy™
JC’s guide to non-standard confidentiality agreements.
For the OneNDA, see the OneNDA Anatomy

A Jolly Contrarian owner’s manual™

Sample text

The Receiving Party undertakes in relation to any Confidential Information disclosed by or obtained from the Disclosing Party (or anyone acting on the Disclosing Party’s behalf), that it shall:
(a) Keep confidential: treat and safeguard the Confidential Information as private and confidential and to take the same security precautions and degree of care as the Receiving Party would use to safeguard its own confidential information;
(b) Purpose: ensure the Confidential Information is only used for the Purpose and otherwise on the terms of this Agreement;
(c) Need to know: not, without the Disclosing Party’s prior written consent, disclose or permit the disclosure of any part of the Confidential Information except to its Affiliates and Representatives who have a need to know such Confidential Information in the course of the performance of their duties and then only to the extent that it is reasonably necessary by reason of their being engaged or concerned in the Purpose.
(d) Ensure compliance: before disclosing any Confidential Information, make the persons to whom it is to be disclosed aware of the terms of this Agreement, and shall procure that such persons are bound by confidentiality obligations no less stringent than those contained in this Agreement and comply with the same;
(e) Not disclose: Not otherwise use, disclose, or permit anyone access to the Confidential Information except in accordance with this Agreement.

Resources and Navigation

Index: Click to expand:

Overview

Template:Nda confidentiality obligation comp

Summary

General terms of confidentiality obligations

Having defined what counts as confidential information, the question arises what can you do with it and what’s not allowed?

In order of stating the bleeding obvious:

Keep the confidential information confidential

Don’t disclose it except to the defined group of people set out in the agreement — and you may be required to ensure that these people only receive the information subject to an equivalent duty of confidentiality:

Inside the organisation: In a large organisation you may be restricted to a small group of people in the organisation, and they may be behind information barriers (for example, credit, legal or the on-boarding team). There may be specific restrictions on passing the information to trading desks and front office personnel who could profit from it (this may be illegal: it could be insider trading or market abuse), to rip a good idea off, end-run around the client to do the same deal with someone else or nefariously use it to curry favour with other clients.

Outside the organisation: you may be allowed to share it with professional advisers, regulators and quasi-regulatory authorities (stock exchanges etc) where required by law (or you reasonably consider it expedient). There may be some tiresome details about only giving what is reasonably necessary, and helping to prevent, challenge or minimise disclosures to regulators. Be aware of the schoolboy error of reclassifying information that must be disclosed to regulators as “no longer confidential”. This is wrong: It is still, in you hands, confidential. Obviously you cannot be blamed for miscreants in the public regulatory system who then misuse it, but you must still keep to your own word.

Only use it to carry out the “purpose” or “project”

This is somewhat hard to enforce — it’s nebulous, right? — and in practice, you’ll never know what goes on behind closed doors, but in the English law-speaking world this is pretty uncontroversial precisely because it isn’t practically actionable. But our North American cousins — and those on the private side of the investment banking wall — can get very worked up over it.

Not make unnecessary copies

Not the sort of thing to argue about, but not necessary either: you can xerox the information a thousand times if that floats your boat, and that won’t cause me any more damage than had you only xeroxed it once — unless you then give it to someone you shouldn’t. It is not the act of copying it that causes the loss, but your subsequent carelessness with the copies. But, still, would you strike that out of a draft? No.

Standard of care

You may see squirrelly types try to impose some “best efforts” conditionality on the receiver’s obligation to keep the confidential information safe. Have no truck with this.

The confidentiality obligation in an NDA is not sort of “well, Fluffy tries his best” exercise in special pleading: it is a plain, clear and absolute responsibility.

The very point of an NDA is the outright allocation of liability from discloser to receiver: it is to say, “in return for you kindly handing over your commercially sensitive information to me, I agree that if that information is misused, and you suffer loss — however it should come about, and regardless of the ill fate that befalls me — I am liable to you for your suffering.”

At the point of disclosure it is the receiver who controls the information, and therefore has the power to ensure it is safe and sound. If it fails in that covenant, however valiantly it tried not to, the discloser — who at this point has no control over its information, and is at the mercy of the cruel vicissitudes of your fortune as well as its own — still suffers a loss.

See also

References