Avoiding the Traps in Confidentiality Agreements

Learn from top-notch lawyers from across the profession

Michael, Praktio’s founder, sat down with a group of legal professionals to get their best advice on what to look out for when drafting confidentiality agreements. We’ve got all their advice (and more) below!

It doesn’t stop here—Praktio is full of more resources to help you with mastering confidentiality agreements. Check out our Confidentiality Agreements course, and improve your skills on your own time.

Watch our expert panelists discuss confidentiality agreements

Scroll down to read any part of the conversation, organized by question

Questions

Panelist responses are lightly edited for readability.

This goes for confidentiality agreements and in general: one good habit that I found over the years is to always think about, “Why are we putting this agreement together and what is the objective?” That's going to drive a lot of your advice and your guidance and counsel to your clients. So taking a step back and think, “Okay, what's the purpose of this?” And then you can hone in on what the issues are. And, if you're not sure, it's okay to ask: it’s okay to ask the client; it's okay to ask the associates and partners you're working with because, believe it or not, they very often will forget to include important details.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

Picking up where Sogoal left off, I think as a junior associate, it's essential that from the very beginning you understand the roles of the parties: who's disclosing, who's receiving information. That'll determine whether you want an “opt in” or an “opt out”—or how broadly you want to define confidential information. Understanding the parties and the flow of information between the two will determine how you want to structure the agreement and how protective you want to be of confidential information.

The next step, once you understand the parties and the relationship between them, is what exactly is the nature of the confidential information you're trying to protect because certain precedent agreements might deal with, for example, beverage recipes or intellectual property or software. Once you understand that, you can figure out how to define confidential information.

William Donnell Jr., Senior Counsel, Aon Hewitt

To add on to what Bill was saying, another step to think about is why the parties are sharing information between or amongst themselves. So this a precursor to an M&A deal or some sort of other transaction—or is this something that's not forward-looking to another transaction, in which case this will be the only document that is governing the relationship and the information sharing.

Melanie Gertz, Associate Attorney, Gibson Dunn

I would just stress the importance of understanding the context at all levels. If you're a junior associate, you might be asking, first of all, who's the receiving party, what does that even mean, what transaction are we even working on. So certainly that might be your set of questions at the least experienced level. But even the most experienced practitioners need to be asking questions like—and these will be quite specific—is this a public company, do you need to share with portfolio companies, are there any special considerations with the business people. So really anywhere along the curve that you are as a practitioner, you really need to understand the context of the document and the transaction.

Miles Chan, Managing Director, InCloudCounsel

To extend what Miles was just sharing, you need to understand how the confidential information will be used and whether or not it needs to be shared with subsidiaries in order for them to perform their duties or certain vendors or advisors. There can be certain foot faults where a receiving party has been allowed to receive confidential information but can't ultimately get the information to the subsidiary or the vendor that's going to perform the service. So you need to understand the full waterfall of where the confidential information needs to get to ultimately perform the service.

William Donnell Jr., Senior Counsel, Aon Hewitt

Those of you who are junior associates and those of you who are in law school, you'll have found—or you will very soon find—that most large law firms, if someone says you need an NDA, there's something off the shelf that is ready to go: a form that's used maybe 90 plus percent of the time. So it might seem obvious to ask these questions, but when you're moving quickly, you have a lot going on, it's really easy to get on autopilot with these things and just sort of like grab the document. And so that's why it's actually a helpful conscious reminder to think through all these things that everybody's touched on.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

To the extent these questions are going to be posed or raised by a paralegal or associate, the sooner, the better. Often we have the tendency to receive the assignment, then run back to our office and say “oh crap, I didn't ask all these questions that are in my head.” It's going to take you far more time to figure out than just asking the question of the mid-level associate or even the partner: “What do you think I should be most focused on when I start drafting this agreement?” You will find out the mid-level or senior associate or partners have a lot of different deals going on too, and, so, they may not have given it a ton of thought. But as they sit down in the chair and start thinking about it for 10 minutes or so, they'll probably point out to you where the likely pitfalls are going to be in this agreement. That way, at least you know where to focus your attention.

William Donnell Jr., Senior Counsel, Aon Hewitt

And I think another great point there, in addition to asking, “Hey, is there a form that would be a good starting place for this,” another great question to ask is, “Hey, is there any precedence with this counterparty that we will actually be dealing with?” In a lot of these cases, there are repeat players on both sides of these documents, and, so, a lot of the work is actually done in the context of precedent, and you can probably save yourself a lot of work, if there is a precedent, say, “Hey, should we follow a previous markup or previous precedent that we've used before.”

Miles Chan, Managing Director, InCloudCounsel

This goes along with what Bill was saying, but, in that initial meeting, it always is helpful to say, “Is there anything specific I should be thinking about with respect to this client or this transaction?” And try to parse those items from the associate or partner's brain before you start digging in and going in the wrong direction potentially.

Melanie Gertz, Associate Attorney, Gibson Dunn

I think a simple one is timing. “When do you want a draft back?” or, “Is there a meeting related to this document that I need to negotiate the document before?” So really a sense of timing as to what the key deadlines are for a successful outcome with this particular document or transaction.

Miles Chan, Managing Director, InCloudCounsel

If you're speaking with the client directly, I think asking, “Is there anything specific that you are interested in protecting here beyond the general scope of the NDA?” “Are there pain points we should be attuned to when we're preparing this for you?” Regardless of whether they're the receiving party or the disclosing party.

Melanie Gertz, Associate Attorney, Gibson Dunn

Don't be afraid to poke a little bit, in a professional, polite way. If they say, “We're going to share some IP,” what does that mean? Is it critical to your business? Is it highly sensitive? Don't be afraid for those follow-up questions and to really push. More often than not—unless you're working with a sophisticated in-house counsel—if it's the business person you're talking to, they might not really be thinking about it in the same way, so they won't necessarily know what's important to share with you. It’s okay to kind of poke at it a little bit and try to get all those details.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

Really digesting the roles of the parties because often you'll receive a form agreement, but whether or not you want to have the definition broad versus narrow is all dependent on whether or not your client is receiving the information or disclosing. So sometimes you'll reach on the document management system and pull down a precedent like, “hey this looks great!” but it's completely flipped and the opposite of what you should be doing in this particular instance. Even if it was a precedent agreement with the same client, the situation could have been very different. It's very embarrassing to draft an agreement with a super broad confidential definition when your client is the one [receiving] the information [and, thus, undertaking confidentiality obligations for that information]. It's a complete waste of time, first off, and it likely will frustrate whoever you're turning it in to. As Miles alluded to, if they're short on timing, now the mid-level has to sit up and do it tonight and they have to start from scratch.

William Donnell Jr., Senior Counsel, Aon Hewitt

Going off of what Bill was saying, I think my first recommendation would be to ask all of the questions that we just mentioned and get your mind around what you're doing, but also read the precedent. Like actually understand what you're putting on paper and what the agreement you're putting together is saying. I think as a junior associate, it's so easy to fill in the blanks and do a quick skim, but actually read and understand what the agreement is saying. Because where you can be valuable is picking out places where it doesn't make sense, or this may not be right for the client, or we can suggest other ways to approach it to fit their particular business need, and not just churning out documents left and right without understanding them.

Melanie Gertz, Associate Attorney, Gibson Dunn

From a time management and sort of project management perspective, too, more often than not something may sound straightforward, but the moment you go to your office and you sit down and think about it for five more minutes, there will probably be follow-up questions. This may not be totally straightforward especially if it's something you're doing for the first time. So if you get something on a Monday and you're asked to provide it on a Friday, don't wait until Thursday night to start thinking about it. Even give yourself like a half hour earlier in the week to think about it, even if you're going to know you're going to do the bulk of the work later. It gives you time to ask people questions and sort of do that iterative process, either internally or with the client because you just save yourself a little bit of last minute scramble. We're all human; it happens! But you do it enough times and then you learn how to start avoiding it.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

It is extremely distressing to start receiving kind of basic questions Wednesday evening or Thursday that need to be in the document on Friday. It really starts to make people off the chain kind of scared, wondering should they be dropping what they're doing and starting to draft it themselves? So even a check-in Wednesday morning to show that you've thought about it and you're making progress, you know, like, “These are the questions I have.” I think that's comforting to know that you've already started thinking about it, you’ve started drafting it, and you're at least headed in the right direction. Or there's time for me to redirect you if you're completely off base.

William Donnell Jr., Senior Counsel, Aon Hewitt

It's such a great point you both are making. You're really telling on yourself when all the basic questions come in an hour before it's supposed to be due. And it's not just that. Usually drafting something is collaborative—you're getting information from different stakeholders; you're trying to accomplish the goals of different stakeholders. There's a conversation there, and you don't give the opportunity for a conversation if you're waiting to the last minute to put the first draft together.

Michael Bloom (Moderator), Founder & CEO, Praktio

I wish somebody had told me that your client or a party can be on either side of one of these documents and might be at the same time in different transactions. Speaking in the world of finance, the same companies that are often looking at buying companies—so they're receiving confidential information—they're also typically selling companies. So you might be used to representing your client on the buy side, and you might get a document where they're now selling a company. If you don't make that distinction and realize that you're now on the other side of the agreement, you won't understand what's going on and then you may start negotiating the wrong kind of points. Making sure that you understand exactly what your client's doing and what their role in the transaction is can be key to really avoiding some pretty silly situations where you think you're on the other side and basically negotiating against yourself.

Particularly in the world of large finance, you see a lot of the same players over and over in a number of different transactions. Whether it's buy-side, sell-side, financings, add-on acquisitions, all these different scenarios have a slight nuance if not being the exact opposite thing, so it's really easy, either as a new practitioner or even as a seasoned practitioner who's doing things really quickly and at a really high level, to just not take a breath and be like, “Okay I need to make sure I understand what the full scenario is.”

Miles Chan, Managing Director, InCloudCounsel

If I were explaining it, I would probably start with thinking about a scenario in which it would be damaging not to have it, because most people are thinking about it not as, “What is a confidentiality agreement?” but more like, “Why do I have to have this in place?” And they are always thinking about, “Okay. What's the worst thing that could happen that makes it important for me to spend time and energy thinking about it?” Which I think still gets to all the questions of why and understanding what we're doing, but I find that's typically the easiest way to get somebody thinking about why these are structured the way that they are.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

From there, I would also say that once we have this NDA in place, what are my obligations, or what happens next? So if you're the disclosing party, what are you sharing? And understanding for the recipient, who they could share that information with and how they could use that information, so that my client understands the scope of what's going on and how they're protected. Or how they're restricted, depending on which party they are.

Melanie Gertz, Associate Attorney, Gibson Dunn

The term “confidentiality agreement” is a little misleading on its face, because there are pretty much always terms about confidentiality in there, but there also tends to be a bunch of other stuff. Like, how can you use the information? Who can you share that information with? There also can be some really important business restrictions that are key to understand. So I think at a starting point, you really want to understand: What's in this confidentiality agreement? And then: Why might my client care about that (depending on who they are)?

Miles Chan, Managing Director, InCloudCounsel

I would also want to discuss with them, or make sure they understood that, say the worst case scenario does come about and you're the disclosing party, what recourse do you have? Is it purely monetary or do you want to ensure that there's certain injunctive relief to prevent the further relaying of confidential information? In some cases, monetary damages would not be sufficient. For instance, the Coca-Cola recipe; if that were to get out, the receiving party wouldn't be able to put the genie back in the bottle. They wouldn't have sufficient capital to make that restitution. So it depends on the nature of the confidential information, and what presumably would happen if it were shared. That would dictate how strong we wanted to push on certain injunctive relief. But also making it not overly broad, in which case it invalidates the confidentiality agreement because courts are often reluctant to force any parties to do anything. They ultimately want to steer people towards monetary damages, but there are certain instances where that doesn't really fit the scenario.

William Donnell Jr., Senior Counsel, Aon Hewitt

I particularly hate when, if you're receiving a confidentiality agreement and there's not a term in that agreement, it can be difficult in the course of going through that, to basically realize that there's no term and then forget to put one in. I think there always should be a term in an agreement. I wish every agreement had a term, but particularly for high volume kind of repetitive documents. If no term is in there and then the attorney who's reviewing it just forgets, which would be really easy to do, then it sort of looks worse than it is.

Miles Chan, Managing Director, InCloudCounsel

I think mine for asking a junior associate to look, is going back to what I said and not reading the contract and just assuming that anything that they find in the precedent is okay for our client. So for example, if you're seeing a non-solicit in the precedent which was relevant for that deal—that a prior client didn't want the receiving party to hire or retain any of the information in some way—that that's just okay here, and not flagging that for me to review or flagging that for our client to review before we send it over.

Melanie Gertz, Associate Attorney, Gibson Dunn

Even a little more basic than that, sometimes there will be those technical terms and you may not know if they're appropriate or not. So to Melanie's point, definitely worth flagging that, but sometimes there could be references to specific party names buried in the document that if you're just grabbing the precedent, changing the name at the top, and sending it on, it's not a good look if the client, or even someone on your team, takes a look and there's very blatant references to other clients that are not relevant at all. Because you didn't take the time to read through, so even super basic stuff like that is always important to keep in mind.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

Definitely another way to tell on yourself—if there's buried in there some other party's name or a defined term that you clearly copied and pasted, or a section reference that is clearly some artifact from something else, because you didn’t take the time to conform it to this document.

I don't know that it's always terribly important (probably depends which side you're on), but the use of public domain when you mean publicly available. Those mean different things. Public domain is a copyright concept; it's like the “ABC’s” or some song that's no longer protected. That's probably not what you mean if you're saying confidential information doesn't include any information that is “publicly available” or “public domain.” It's very specific, but I see that so often, and it's not what you mean. And it goes back to Melanie's more general point of making sure you understand what the words on the page mean and are doing—in service of your clients goals.

Michael Bloom (Moderator), Founder & CEO, Praktio

We've talked about it's totally okay to ask questions, and you should all do that, but it goes a long way and it is much appreciated when junior associates do a little bit of leg work to try to educate yourself. So if you pull four different precedents and only one of them has this really specific non-solicit clause, then that kind of tells you maybe this is not a boilerplate term. Do a little bit of leg work and then that way you can really ask educated questions. Especially when you have resources available to you, I think senior associates on your team will really appreciate that you're being thoughtful about it and not just going and asking a bunch of questions that you can easily find the answers to yourself.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

Even there, the question can be—instead of, “Hey, should this non-solicit be here?”—it could be, “Hey, I noticed that there's a non-solicit in this one agreement but not in these other four. I think we'd probably want to take it out, but I wanted to check first.”

Michael Bloom (Moderator), Founder & CEO, Praktio

We encourage asking questions, but taking time to understand the agreement, think about the transaction, and then coming back with a list of educated questions that show that you have taken this as far as you can goes a very long way versus just putting things in brackets and leaving it for the mid-level or senior so they can figure out themselves because that doesn't show a ton of initiative.

Melanie Gertz, Associate Attorney, Gibson Dunn

I’ll make one more comment kind of along my prior point, which is that there can be a lot more terms in here other than just confidentiality. For example, there can be business restrictions like a non-solicit or a standstill or a non-circumvent. All of those can have a different scope with respect to who at your client it applies to, so just because one entity, let's say your client is signing the NDA, you can sort of individually pick, for any of these restrictions or any of these clauses, a larger or smaller set of folks that that applies to. So making sure that every one of the different terms that's in this agreement has the appropriate scope is a really important point and it can be fairly nuanced and fairly difficult to make sure that each one of these points is individually negotiated and the scope is set properly. But so important, particularly with respect to the business restrictions, because I think, particularly in a finance context, the biggest way to get yourself in trouble is to tell a business person that they can't do something. And if you restrict them properly in the NDA, that can be a problem pretty quickly.

Miles Chan, Managing Director, InCloudCounsel

One other thing I would add for clients who are handling these in-house without bringing in law firm help, because they have a plug-and-play form that they're churning out all the time, I think understanding what agreements are going off of your form and also keeping really good records of all the NDAs you're entering into. Make sure they're fully executed and properly dated so that, to the extent they do come up later (either for another transaction or hopefully not in litigation, but if that was the case), you have everything—all your i’s dotted and t's crossed and your records are well maintained.

Melanie Gertz, Associate Attorney, Gibson Dunn

The term of the NDA; keeping track of that term. I've seen instances where parties were still sharing information off of an NDA that was no longer really applicable, but they never went back to check or make sure that there was still something effectively protecting their confidential information. It's one of those things that you have to put on your docket and keep up with it moving forward. I'm also seeing instances where an NDA was put in place when there was already another agreement and so they overlapped which can be pretty confusing to a court. If there are two NDAs affecting different information but there is some common information that's covered by both, which agreement should they be enforcing? That's more of a logistical issue though.

William Donnell Jr., Senior Counsel, Aon Hewitt

It sounds like we should care about these things not just before we sign them but also pay attention after we sign them, to make sure we're performing and not disclosing information that's no longer protected.

Michael Bloom (Moderator), Founder & CEO, Praktio

Or information and a subsequent engagement that falls outside of the definition of protecting the confidential information. We want to leverage this existing agreement, but we're sharing something very different than what is covered by the existing agreement.

William Donnell Jr., Senior Counsel, Aon Hewitt

Term is another great one, Bill, that goes to my prior point, which is that all of the obligations here can also have separate terms. The overall term of the NDA might be two years, but the term of the non-solicit could be 18 months, and the term of the standstill could be six months. So to the extent everything is not coterminous—meaning it has the same term—you should make sure that all of the obligations are termed appropriately and within the bounds of what your client wants to do.

Miles Chan, Managing Director, InCloudCounsel

Another specific pointer pertains to cases where information a party intends to protect as trade secrets. Say the recipient's only going to keep it confidential for two years, which might be normally what you do for regular information, there have been cases where the court said, “Oh, you're not treating it like trade secrets, so it's not trade secrets,” and you lose that protection. So that’s just another tripwire that's going to your point, Miles, that the different obligations might have different terms on them. Different classes of information you might want to put different lengths of obligations on.

Michael Bloom (Moderator), Founder & CEO, Praktio

In terms of keeping track of the terms, as Bill mentioned, if your obligation to destroy or return documents requires a request by the closing party, keep track of that so you know when the term is over and can request that that information is destroyed or returned. Versus just expecting that they're going to do that, because that's not always the case.

Melanie Gertz, Associate Attorney, Gibson Dunn

Just speaking from prior experience, particularly in the private equity space, on the receiving party I always hate the obligation to return confidential information. If there's any way we can just destroy it on our end—but to collect it, get it all back, account for it, and make sure it's fully accurate, that's a huge burden on a receiving party. So, if you're coming from that aspect, you'll notify us and we'll certify that we've destroyed everything, but we're not going to box it all up and drop it at your front door because it's expensive and it's time consuming. Again, understanding the parties and the nature of the deal, you really want to push back on certain provisions like that, because it can be onerous.

William Donnell Jr., Senior Counsel, Aon Hewitt

I think as a junior associate, you're like, “Return or destroy? What's the difference?” without thinking through what that means for your client, because it is a much different obligation for them in the long term.

Melanie Gertz, Associate Attorney, Gibson Dunn

That's where you can uniquely set yourself apart from a lot of other attorneys that are just thinking about the technical legal points and more from a practical business perspective. A lot of it goes to putting yourself in their shoes. That's the kind of thing that they'll end up really appreciating because if it's the first time they're going through it, they may not even realize how onerous that is. So you can kind of help them learn the lessons they would otherwise. And if you do have clients that are entering into NDAs left and right, especially if they're not as sophisticated, you might say, “Hey, maybe you want to throw this into a chart every time you sign an NDA.” Keep track of who you need to return materials to, who requires destruction, what NDA is going to prevent you from doing xyz. It might be a pain, but if they started doing that from the beginning, depending on the nature of their business, it could be a really worthwhile exercise.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

The return or destroy one is a funny one because there's just a logistical issue around returning, which is a lot of this stuff is done over email, so how do you actually return? I guess you could work back, but that email still is on your server so in a lot of cases it's actually kind of impractical and doesn't make sense in the modern economy. That's sort of where precedence can fail, so you say, “oh we accepted this in the past well.” That doesn't really make sense anymore and probably didn't for a couple decades. I think sometimes a common sense reading can go a long way as well.

Miles Chan, Managing Director, InCloudCounsel

One practical consideration is, how are we going to provide confidential information, whatever those materials are, to the other side and make sure they stay confidential? So thinking about whether you want to do that through a data site that is watermarked or doesn't allow for download rights. This just prevents any documents being retained whatsoever. And thinking through practically, how are we going to get materials to the other side and make sure that we’re putting them in a position to abide by the NDA?

Melanie Gertz, Associate Attorney, Gibson Dunn

And the disclosing party, on a more basic level. We've defined this information as confidential, now what safeguards do you have in place to actually protect this confidential information? Some receiving parties are far less sophisticated, and some more so, and so, to assume that they're going to actually be able to protect your information when they don't even use passwords on their computers or service and protect it, the agreement's not really buying you much. And likewise, if third-party vendors or advisors are going to need to ultimately receive it in order to provide the service, you want to ensure that you know that minimum or basic level of safeguards extends, or that these subcontractors are also bound by some other agreement to basically you know comply with the terms of yours. So it's that secondary and tertiary level of thought that often, at least in my mind, distinguishes a different caliber of attorneys. It always made me take notice to see that somebody's really thought about this from A to Z.

William Donnell Jr., Senior Counsel, Aon Hewitt

I think that really speaks to so much of our jobs as attorneys, especially in a deal context. It’s to drive the process and a lot of it is not necessarily legal technical substance. A lot of the time, especially at the junior level, you have an opportunity to add a lot of value by thinking about, if we sign this nda, the client's going to go off and do whatever they're going to do, so maybe we should send them a follow-up and see, do they need a data room? How can we help with that? What's the process going to be? For preempting a lot about it and thinking about it. The more deals you do, you'll get more experience doing that. But that is just thinking about not necessarily waiting for someone to ask for something, but thinking kind of two steps ahead. Where is this going? How can I help prep for that?

Sogoal Salari, Corporate Associate, Gunderson Dettmer

And on the receiving end I've also seen issues or pitfalls arise when there are not appropriate safeguards for residual information. What is the receiving party ultimately looking to do with these benchmarks? We're going to ultimately build our own kind of allocation, so we're going to derive some other product from the confidential information and it needs to be clearing the agreement. We're going to use your information but we're going to kind of make it our own through our own intellectual property process and if that's not clear in the agreement... Sometimes I've seen disclosing parties come back and say, “hey everything you've derived from our information is now ours” or “you're not allowed to ultimately use the information we gave you in the way that you thought you would when you paid for it.” So that's one of those higher level thinking issues that really brings value, particularly from a junior mid-level associate.

William Donnell Jr., Senior Counsel, Aon Hewitt

From my perspective, this is important to protect your client as the disclosing party against a potential hostile transaction, where they are not at all interested in having the receiving party make some sort of bid or other proposal towards them, but are using that information for such bidder transactions. So by adding “negotiated,” it requires that the transaction have parties engaged on both sides.

Melanie Gertz, Associate Attorney, Gibson Dunn

This goes back to what Miles mentioned, that confidentiality agreements often include non-use or almost always should include a non-use restriction. There is a relatively famous case out of Delaware, I think it's with Marietta Vulcan, or something like that. And this question came up, can a party that was trying to do a friendly deal turn around and go right to the stockholders and do a more hostile deal? And, because the information was restricted to only being used for this transaction, which was defined as a transaction between the seller and the buyer and not the stockholders of the seller, it was found that that would be a violation of the non-use restriction. So this goes to, if the contract contains an obligation restricting use of information to the purpose or to the transaction, how you define the transaction or the purpose can matter and sets the scope for what that permitted use is. And I think, after that Delaware case, every corporate attorney ran frantically to their NDA template and made sure it said what they wanted it to say. Which is a good thing to do, to give a fresh look to those things. Other thoughts on this particular question? Is there anything anyone wants to add?

Michael Bloom (Moderator), Founder & CEO, Praktio

Coming at it from a different perspective, I think it's often used as an attempt to enhance the rights of the plaintiff party with the confidentiality agreement. Because often what the receiving party will say is like, “hey this mega entity that we wanted to enter into an NDA with basically shoved this NDA down our throats with all these super onerous restrictive clauses that we shouldn't have to abide by, because the power dynamic was so different that we really didn't negotiate any of these terms, we just signed up to whatever they gave us, so therefore the court shouldn’t enforce it.” However, by the use of trying to indicate that the parties actually discuss this and negotiate these terms, it makes it much harder for the receiving party to say they basically didn't have any choice, they didn't sign up for these burdensome restrictions. Whether or not it works is dependent on how broad or burdensome the restrictions actually are in the agreement, whether or not they make sense, but I think it's—at least the times I've seen, it—it's been an attempt to give the court more standing in enforcing the agreement as written.

William Donnell Jr., Senior Counsel, Aon Hewitt

I think, to my earlier point, it kind of depends on how well the receiving party is ultimately protecting their own confidential information. Some parties are better than others, but it goes to understanding how good are they at protecting confidential information? Which gives you an indication of how well they'll protect yours, and if they're really sloppy and not doing a great job protecting their own, using a standard like this isn't going to buy you much. You're going to want to impose something more stringent. So I think my particular concern with this clause would be understanding what their current standards are for their own internal information. If it's great, if it's strong, then this would be a helpful provision. If not, then you're going to want to go a different route and be more specific with what you want them to do with yours.

William Donnell Jr., Senior Counsel, Aon Hewitt

Thinking about it from the other perspective, if someone is asking this of your client, I typically wouldn't worry about it too much unless they're using some kind of intense level of security that's very expensive or there's some kind of unusual circumstance. But I tend to think it's not unreasonable to ask this of both parties and I don't think it's… Michael, I don't know if you went to the second part of that, but comparing it to a most favored nation clause, I think MFN clauses can be much more sticky and cause much more issues. I think this is kind of a fairness principle.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

Yeah, it's a little different too. I appreciate the analogy from the questioner. It'd be like an MFN if you're saying that the highest level you agree to protect anyone else's information ever versus your own. My reaction is similar to yours, Sogoal. It never has given me any concern and the only thing, I was trying to think how it could, I went to the same place you did. I guess if we can imagine some crazy, onerous, expensive, out of our way kind of way that we protect our own, some extra effort we'd have to undertake or expense to treat others that way, but that really seems like an edge case, to me. But any other views on this one from the panel?

Michael Bloom (Moderator), Founder & CEO, Praktio

I'll be honest I don't really do a whole lot of research personally. But we do have efforts and I think folks at firms, we have a library, we have people who work at the law firm whose role is to help stay on top of these things because things change and they change in different jurisdictions. So it kind of helps us stay up on top of those things so I definitely think it's important to use those internal resources to the extent you have them. It's typically hard to find time to do really in-depth research, so I think it's okay to leverage resources that your firm has. If there's an email that goes out that's like, this is an informational update, don't just delete it. It's important to pay attention to those things because sooner or later it may be relevant to something you're doing.

Sogoal Salari, Corporate Associate, Gunderson Dettmer

At least from an in-house perspective, I mean we don't do a ton of research. We generally outsource most of our NDAs at this point. However I found it useful for me, from time to time I receive emails where there's a certain webinar for CLE credit that's going to focus on NDAs and that that's generally a good use of time to kind of be brought up to speed on all the changes and the intricacies of various jurisdictions. Rather than trying to do it yourself, which you likely will fail at. Because as Sogoal mentioned jurisdiction to jurisdiction, California will be very different than Texas versus Tennessee versus Illinois so you really need some starting basis or someone to kind of condense it and provide it to you in a digestible manner to be time efficient.

William Donnell Jr., Senior Counsel, Aon Hewitt

Another good resource is firm emails and memos that you can just sign up for on their websites. But getting those alerts that people have spent time preparing and timely and can keep practitioners up to date is a really good tool. But to echo what Sogoal said I think one place that law firms and a big add to the NDA process is that they have teams really staying up to date and keeping their forms up to date and making sure that everything is state of the art. And I guess one tip for a junior associate is if you're looking for precedent and find something that's 10 years old on your document management system that may not be the right place to start.

Melanie Gertz, Associate Attorney, Gibson Dunn

So I've heard of companies that will do a markup of some of these basic documents; I’ve never heard of the actual negotiation being done through AI or machine learning. And my view is, particularly in the context of finance and these big transactions, there's a lot of potentially sensitive things in these documents and you still need a really smart, sharp, detail-oriented person to go back and forth and make sure that all this stuff is wrapped up. So our view is for at least a long time humans are going to be a critical component of making sure that this work is done.

Miles Chan, Managing Director, InCloudCounsel

I personally have not, but to Miles's point, if someone did use artificial intelligence to try to craft one of these NDAs for particularly a specific engagement, I think some attorney would still have to spend a significant time reviewing it anyway before it went out the door. So I'm not sure that that would be a great value add at this point.

William Donnell Jr., Senior Counsel, Aon Hewitt