What Is an NDA and What Does It Do?
An NDA (Non-Disclosure Agreement), also called a Confidentiality Agreement, is a legal contract between two parties where one or both agree to keep certain information confidential. The information is usually proprietary: business plans, trade secrets, source code, customer lists, financial data, product roadmaps, or investor pitch decks. If one party breaches the NDA by disclosing that information without permission, the other party can sue for damages.
The key principle: sign your NDA before sharing sensitive information. An NDA signed after the fact, once information is already shared, is nearly worthless; courts view it as lacking consideration.
When You Must Use an NDA (Common US Scenarios)
Hiring a Contractor or Freelancer: If they'll see your code, design files, customer data, or business strategy, they must sign an NDA. This applies to developers, designers, marketers, accountants, anyone with access to sensitive information.
Discussing a Partnership, Acquisition, or Joint Venture: Before sharing financials, customer lists, or strategic plans with a potential partner, require an NDA. M&A (mergers and acquisitions) due diligence always begins with mutual NDAs.
Sharing a Product Idea with an Investor or Advisor: If you're pitching your startup or seeking advisory feedback, protect your idea with an NDA before the conversation.
Working with a Vendor or Consultant: Anyone handling sensitive business operations (payroll processors, data analysts, IT vendors, marketing agencies) should sign an NDA if they'll access proprietary data.
Licensing or White-Label Agreements: If you're licensing technology or allowing another company to resell your product, an NDA is part of the deal to protect your source code and trade secrets.
Mutual vs One-Way NDA: Which Do You Need?
Mutual (Bilateral) NDA: Both parties share sensitive information and both are bound by confidentiality. Use this when negotiating partnerships, M&A, or joint ventures where both sides exchange confidential data. Both parties have equal obligations to keep information secret.
One-Way (Unilateral) NDA: Only one party shares confidential information; the other party is the recipient who must keep it secret. Use this when hiring contractors, freelancers, or vendors. You're the owner protecting your secrets; they're agreeing not to disclose.
Choose based on who is sharing: if only you are sharing secrets, use one-way. If both sides exchange sensitive info, use mutual.
What Makes a US NDA Enforceable?
Written Agreement: The NDA must be in writing and signed by both parties. Oral NDAs are rarely enforceable.
Clear Definition of Confidential Information: Specify what counts as confidential: source code, customer lists, business plans, financial data, anything marked "confidential." Vague definitions are harder to enforce.
Duration: State how long the confidentiality obligation lasts. Trade secrets can be indefinite; business information is typically 1–5 years after termination.
Permitted Disclosures: Clarify who can access the confidential information (e.g., "only your employees who need to know") and what exceptions exist (e.g., "information already in the public domain" or "required by court order").
Governing Law: Specify which state's laws apply. Delaware and California are common; pick where you're incorporated.
Consideration: There must be something of value exchanged. In an employment/contractor context, the ongoing relationship is consideration. In a pre-deal NDA, mutual exchange of information is consideration.
California NDA Rules: Special Considerations
California law is notoriously strict on confidentiality agreements. Under California's Garden Leave statute (Cal. Bus. & Prof. Code § 16600), non-compete and non-solicitation clauses are generally unenforceable, even in NDAs. However, confidentiality clauses themselves are enforceable in California for trade secrets and proprietary information.
Key California rule: NDAs for employees are often unenforceable unless they protect legitimate trade secrets or confidential business information. Contractors have stronger confidentiality obligations than employees in California. If either party is California-based, have your NDA reviewed for California-specific enforceability.
What an NDA Cannot Protect
NDAs don't protect everything. Information that's already public, already known by the recipient, or independently developed isn't confidential. NDAs also can't prevent disclosure required by law: if a court orders someone to reveal information, the NDA doesn't prevent it (though the discloser can often notify you first).
Moral and ethical obligations aren't enforceable through an NDA; the NDA only protects against financial damages for breach. And NDAs don't prevent the recipient from developing competing products; they only prevent using your specific confidential information.