NDAs Explained: When You Need One, What to Include, and Common Mistakes to Avoid

A clear, practical guide to non-disclosure agreements. Learn when NDAs actually protect you, what every NDA should include, and the mistakes that make them unenforceable.

Contract DIY Team

Non-disclosure agreements are among the most common legal documents in business — and among the most misunderstood. Some people treat NDAs as a formality, signing them without reading. Others refuse to sign any NDA, viewing them as unnecessarily restrictive. Both approaches miss the point.

An NDA is a contract that creates a legal obligation to keep specified information confidential. When drafted correctly and used in the right situations, NDAs are a powerful tool for protecting your business. When misused or poorly written, they are worthless paper.

This guide explains when you actually need an NDA, what to include so it holds up, and the mistakes that make NDAs unenforceable.

When you need an NDA

NDAs are appropriate whenever you are sharing information that meets two criteria: it has commercial value, and it is not publicly available. Common scenarios include:

Business partnerships and negotiations

Before sharing financial data, strategic plans, customer information, or proprietary processes with a potential partner, get an NDA signed. This is standard practice in merger discussions, joint venture negotiations, and investor conversations. Most sophisticated counterparties expect it and may question your judgment if you do not request one.

Hiring employees and contractors

Employees and independent contractors who will access trade secrets, proprietary systems, client data, or internal processes should sign an NDA as part of their onboarding. This is separate from any non-compete or non-solicitation clauses — an NDA specifically covers information confidentiality, not employment restrictions.

Sharing proprietary technology or IP

If you are demonstrating proprietary software, sharing technical documentation, revealing product roadmaps, or providing access to systems during a sales process or evaluation period, an NDA protects that information from being shared with competitors or used independently.

Client relationships involving sensitive data

Service providers who access client financial records, medical information, legal matters, or strategic data should have NDAs in place. This protects the client and demonstrates your professional standards.

When you do not need an NDA

Not every conversation requires an NDA, and over-using them signals inexperience. You probably do not need an NDA for:

  • General business discussions. Talking about your industry, market trends, or public strategy does not require confidentiality protection.
  • Information that is already public. If it is on your website, in a press release, or available through public records, an NDA does not apply.
  • Casual networking. Requiring NDAs at industry events or initial introductory meetings creates friction without meaningful protection.
  • Job interviews. Asking candidates to sign an NDA before an interview is unnecessary and may discourage qualified applicants. Reserve NDAs for after hiring, when actual confidential information will be shared.

The rule of thumb: if the information would give a competitor a meaningful advantage, protect it with an NDA. If it would not, skip the formality.

Types of NDAs

Unilateral (one-way)

One party shares confidential information; the other agrees to keep it secret. This is the most common type, used for:

  • Employer-employee relationships
  • Client-vendor engagements
  • Investor pitches (the company shares; the investor protects)

Mutual (bilateral)

Both parties share confidential information and both agree to protect what they receive. Used for:

  • Business partnerships and joint ventures
  • M&A negotiations
  • Technology integrations where both sides share proprietary systems

Multilateral

Three or more parties share information under one agreement. Less common, but useful for consortium deals, multi-party research projects, or complex partnerships. The alternative is signing multiple bilateral NDAs, which creates administrative overhead and potential inconsistencies.

What every NDA must include

A legally sound NDA needs six components:

1. Definition of confidential information

This is where most NDAs fail. Vague definitions like "all business information" or "anything shared during the relationship" are difficult to enforce because a court cannot determine what was actually covered.

Strong definitions are specific and include examples:

"Confidential Information includes, but is not limited to: customer lists and contact data, pricing structures, financial projections, proprietary algorithms and source code, marketing strategies not yet public, and product development roadmaps."

Also define what is not confidential: information that was already known to the receiving party, information that becomes public through no fault of the receiving party, and information independently developed without reference to the disclosed material.

2. Obligations of the receiving party

Specify what the receiving party must do (keep information secure, limit access to employees who need it) and what they must not do (share it externally, use it for personal benefit, reverse-engineer products based on it).

3. Duration

How long does the confidentiality obligation last? Specify a clear timeframe — typically 1 to 5 years from the date of disclosure, or from the termination of the business relationship. Perpetual NDAs are enforceable in some jurisdictions but face scrutiny in others.

4. Permitted disclosures

There are situations where disclosure is legally required — court orders, regulatory investigations, tax audits. A good NDA acknowledges these exceptions and typically requires the receiving party to notify the disclosing party before complying, so they can seek a protective order if appropriate.

5. Remedies for breach

What happens if the NDA is violated? Most NDAs include:

  • The right to seek injunctive relief (a court order to stop ongoing disclosure)
  • The right to recover monetary damages
  • An acknowledgment that breach causes irreparable harm — this language makes it significantly easier to obtain an injunction

6. Governing law and jurisdiction

Which state or country's laws apply? Where will disputes be resolved? This is especially important for cross-border agreements. Specify both governing law and venue (the physical location where legal proceedings will take place).

Mistakes that make NDAs unenforceable

Overly broad definitions

An NDA that tries to protect "all information shared between the parties" is nearly impossible to enforce. Courts require specificity. If a judge cannot determine what information was supposed to be confidential, the NDA fails.

Unreasonable duration

A ten-year NDA protecting marketing strategy from last quarter is unreasonable — the information will be outdated within months. Courts may void an NDA entirely if the duration is disproportionate to the information's lifespan.

No consideration

In contract law, both parties must receive something of value. For employment NDAs, the job itself is sufficient consideration. For standalone NDAs between businesses, the mutual exchange of confidential information (in a bilateral NDA) or access to a business opportunity (in a unilateral NDA) typically satisfies this requirement. An NDA signed after employment begins, with no new consideration offered, may be unenforceable in some jurisdictions.

Failing to mark information as confidential

If your NDA requires information to be marked "Confidential" to be protected, and you share unmarked documents, those documents may not be covered. Either mark everything appropriately or use an NDA that covers all information shared in the context of the relationship, regardless of marking.

Using a template from another jurisdiction

Contract enforceability varies by jurisdiction. An NDA template designed for California may include terms that are unenforceable in Texas, or may miss protections available in New York. Use jurisdiction-aware templates that account for local law.

Creating an NDA that works

The goal is not to create the longest or most complex NDA possible. The goal is to create one that clearly defines what is protected, establishes reasonable terms, and would hold up if tested.

Start with a professionally drafted template that covers all six components above. Customize the definition of confidential information for your specific situation. Set a duration that matches how long the information retains its value. Specify your jurisdiction.

Most importantly, use your NDA consistently. An NDA that sits in a drawer does not protect anything. Make it part of your standard process for every relationship that involves confidential information.
