Tag: NDA

One Technology Agreement + One Separate Non-Disclosure Agreement = One Mess

The current COVID-19/coronavirus crisis has forced many companies to buy or sell new technology under a previously unseen sense of urgency. While this speed is critical – and absolutely understandable – take care to ensure that today’s deal structure does not undo tomorrow’s benefit. This is especially true as to non-disclosure and confidentiality issues.

If your corporate contracting practice involves establishing a non-disclosure agreement (or confidentiality agreement or NDA) with a potential technology customer or supplier, and then later contracting under a different agreement for the actual business you wish to transact with the other party, now is the time to examine whether that practice is achieving its objectives. As recently learned by one technology supplier, in these cases the terms of the NDA may be rendered ineffective by the subsequent technology contract. iSentium v. Bloomberg Finance (S.D.N.Y. 2020).

iSentium, a technology vendor, entered into a pre-transaction NDA with Bloomberg, pursuant to which Bloomberg considered whether it was interested in iSentium’s artificial intelligence technology. The parties later entered into a technology contract covering Bloomberg’s purchase and use of iSentium’s technology. Both the NDA and the commercial contract included confidentiality terms. iSentium later sued Bloomberg for misappropriation of iSentium’s confidential information. The district court dismissed iSentium’s action based on a one-year limitations period stated in the commercial contract, despite that the NDA included no such limitation. In reaching its decision, the court highlighted the merger provision and precedence language in the commercial contract.

Read the Technology Agreement and Non-Disclosure Agreement

It is not uncommon for a company to have a pre-transaction non-disclosure agreement and a separate commercial agreement with a business partner. However, in many cases, the two agreements are not carefully read together and end up including inconsistencies that are not clearly addressed in the later commercial agreement. Sometimes the commercial agreement is wholly silent as to the existence of the NDA. Other times, the commercial agreement incorporates by reference the inconsistent NDA. In still other cases, like in iSentium, the commercial agreement expressly merges the inconsistent separate NDA.

Inconsistencies between the NDA and commercial agreement can reach matters such as, for example, specific confidentiality requirements, governing law, indemnification, limitations of liability, representations and warranties, disclaimers, and dispute resolution. Often, the inconsistencies may arise after having had to negotiate a suboptimal NDA, as discussed in an earlier blog post.

The inconsistencies frequently create ambiguities or vagueness that can impair or deny a party’s ability to enforce the deal or the rights it thought it had. They also can require significant expense and executive and management time to address, and they can unnecessarily occupy the energy and efforts of internal Legal resources to resolve.

Make Sure the Technology Agreement and Non-Disclosure Agreement are Consistent

There are several ways to address the problems created by inconsistencies between a separate technology agreement and non-disclosure agreement. A few include:

  • Don’t be silent. Include in the technology agreement language explicitly stating that all inconsistencies, ambiguities, and conflicts between it and the NDA will be resolved in favor of the technology agreement – whether or not the NDA is integrated into or merged with the technology agreement. Identify silence on a matter in the NDA as a conflict.
  • Set a clear path. Specifically provide in the technology agreement which confidential information is controlled by the terms and conditions of the technology agreement and call out which confidential information is governed by the NDA.
  • Terminate the NDA. Ensure that the technology agreement addresses, in all respects, the relevant confidentiality and other terms, and then include language in the technology agreement that terminates the NDA’s prospective effect.
  • Apply all terms. State in the technology agreement that its applicable terms (including, for example, limitations of liability, governing law, and dispute resolution) apply to the NDA and the exchange of confidential information under the NDA, despite anything different in the NDA.

This is not an exhaustive list of options. Which (and whether any) alternative works for you may depend on any number of factors or considerations.

Most importantly, to avoid a situation where (1) you have an NDA and a separate, later technology agreement covering the same subject matter, but (2) you might not be able to enforce the agreement you want to enforce due to conflicting or inconsistent terms, carefully read the two agreements and clearly and unequivocally state the resolution of the conflict or inconsistency in the later technology agreement.

How to Negotiate Your IT/Tech NDA Faster (or, Living with a Suboptimal NDA)

Recently I found myself watching a past episode of HBO’s award-winning tech comedy series, Silicon Valley. If you’ve never watched it, it’s about a Silicon Valley tech start-up and its struggles, successes, and missteps. Although at times the show can be a bit gratuitous, part of its interest derives from the proximity – at least on some conceptual level – of many of its plot lines to reality.

Because I routinely help clients with non-disclosure agreements (NDAs) and related issues, I cringed watching the “Runaway Devaluation” episode from the second season. In this episode, the start-up (a data compression company called Pied Piper) is invited to an initial meeting with a potential funding source (Branscomb Ventures), which has already invested in a competing compression company, Endframe. Shortly after the meeting begins, the Pied Piper team begins sharing critical details of how its data compression technology is built and works. Later, realizing that Branscomb’s intention for the meeting was only to gather these details for the improvement of Endframe’s products, Pied Piper storms out of the meeting.

While it appears there was no NDA between Pied Piper and Branscomb Ventures covering the meeting’s discussions, in reality it is routine for parties to potential IT and technology transactions to put an NDA in place. Vendors, customers, and others in the IT/technology industry generally understand the need to protect their trade secrets and other valuable information when sharing them to evaluate potential relationships with vendors who provide software, hosting, outsourcing, professional technology services, and data breach investigation and remediation services. Among typical participating parties, the need to put in place an NDA is rarely disputed, and many NDA terms and conditions are quite common.

That said, NDA negotiations can nonetheless become time-consuming or contentious. Whether based on a party’s bad experience in a previous situation, defensive or offensive tendencies, or need to avoid deviations from company policies, otherwise common NDA terms can lead to uncommonly protracted negotiations. For a vendor looking to sell to a new customer, lengthy or difficult NDA negotiations can cause the potential customer to view the vendor as being difficult to deal with, or, worse, to drop the vendor from consideration entirely. For a customer wanting to urgently find a vendor to provide services to address a data breach, time to negotiate an NDA is not a luxury.

Even with NDAs, though, there are ways to speed up the negotiations – which, additionally or alternatively, can also provide mitigations to living with a less-than-desirable NDA. The following steps are a few that may allow an NDA party to get comfortable with otherwise problematic NDA terms in a specific case. (Importantly, these measures should not be implemented if contrary to a contractual obligation or law, nor should they replace sound judgment and risk management.)

For a disclosing party that:

(1) After discussions start, is concerned that the receiving party may not handle or treat its confidential information in way that is satisfactory (or that the NDA’s confidentiality terms are not optimal), the disclosing party can do as Pied Piper did and cease providing any more information. (Though, this may stifle productive business discussions, and the party should attempt to put a retroactive NDA in place.)

(2) Believes that the confidentiality terms are not ideal or has concerns about the receiving party’s handling or treatment of its confidential information, the disclosing party can proactively intentionally limit disclosure to only its least sensitive information. (This step, too, may hamper meaningful discussions between the parties.)

(3) Is concerned that the duration of the NDA may cover discussions too far in the future to be appropriately covered under the NDA, the disclosing party can terminate the NDA after the then-presently contemplated discussions.

(4) Has concerns about the information protections provided by the NDA or the receiving party, the disclosing party can conspicuously mark all information disclosed as “CONFIDENTIAL” – that is, even if the NDA doesn’t require it. And, after disclosing confidential information orally, the disclosing party can follow each such disclosure with a written notice expressly identifying the orally disclosed information as “CONFIDENTIAL.”)

For a receiving party that:

(1) Has concerns about its ability to fully adhere to the NDA’s limitations on use and disclosure of the disclosing party’s information, the receiving party can actively limit the number of its personnel who see or have access to the information.

(2) Is concerned about its risk of non-compliance with the NDA’s confidentiality terms, the receiving party can consciously limit the number of copies it makes of the disclosing party’s information (including copies in the form of email attachments). (This assumes copying is permitted.)

(3) Has concerns that it may struggle to meet the NDA’s limitations on disclosure and use of the disclosing party’s information, the receiving party can immediately destroy (or return) the information once it is no longer needed.

As for Pied Piper, it turns out that Endframe did indeed improve its products using Pied Piper’s technology. However, whether due to the lack of an NDA – or, more likely, the constraints of a ten-episode television season for Silicon Valley – Pied Piper was forced to take other, non-legal actions to advance its interests.