'Key Points to Consider When Creating a Non-Disclosure Agreement (NDA)'

In business transactions between companies, there are often cases where a confidentiality agreement is required in addition to the contract related to the transaction itself. This is also true in the IT field, where, for example, in system development, there are many opportunities to come into contact with the client’s trade secrets, so confidentiality agreements are often concluded. Since the content of a confidentiality agreement is relatively standard in contracts, once the points are organized, they can be applied to confidentiality agreements concluded with other companies. Therefore, we will explain the check points of the confidentiality agreement.

What is a Confidentiality Agreement?

A Confidentiality Agreement is a contract entered into with the aim of protecting information of high confidentiality, such as trade secrets and personal information, when it is provided or shared between contracting parties. It is also often referred to as a Non-Disclosure Agreement, or NDA, in English. Trade secrets are the lifeblood of corporate activities. If trade secrets are leaked to competing companies, it can become a serious matter affecting the survival of the company. Moreover, it is necessary to have a proper confidentiality agreement in place as a prerequisite for applying the Unfair Competition Prevention Act in the event that trade secrets are leaked. We provide a detailed explanation of the removal of trade secrets and the Unfair Competition Prevention Act in the article below.

https://monolith.law/corporate/trade-secrets-unfair-competition-prevention-act[ja]

With the enactment of the Act on the Protection of Personal Information, there is a growing social interest in personal information. Once a leak of personal information occurs, a company cannot escape social criticism. We provide a detailed explanation of the Act on the Protection of Personal Information in the article below.

https://monolith.law/corporate/act-on-the-protection-of-personal-information-privacy-issues[ja]

From the above, it can be said that confidentiality agreements aimed at protecting important secret information for companies are important in conducting business activities. Typical examples of situations where confidentiality agreements are concluded include the following:

• When the client needs to provide trade secrets or personal information to the contractor in contracts such as system development outsourcing contracts
• When it is necessary to share the trade secrets of the contracting parties in due diligence conducted at the stage of considering M&A including business transfers and business alliances

However, recently, due to the increasing social criticism of leaks of personal information, there has been an increase in the demand for the conclusion of confidentiality agreements even in situations other than the typical ones mentioned above. As for confidentiality, it can be stipulated not only as a separate confidentiality agreement related to the transaction itself, but also as a confidentiality clause in the general terms and conditions of the basic contract for the transaction.

Key Points to Check in a Non-Disclosure Agreement

Purpose of Disclosure

Article ○ (Purpose of Disclosure)
Party A and Party B shall mutually disclose or provide confidential information for the purpose of implementing and considering ●● (hereinafter referred to as “the Purpose”).

The purpose of disclosing confidential information is specifically stipulated. Since a confidentiality agreement is often concluded in the preliminary stage before a contract related to the transaction itself is concluded, the description of the disclosure purpose tends to be abstract. However, it is important to specify as much as possible, such as “development work of ○○ system”, “transfer of Party A’s ○○ business”, “○○ service provided by Party A to Party B”. In this clause, it is important to explicitly state the purpose of information disclosure to deter the use of confidential information for purposes other than the intended purpose. Details on the use for purposes other than the intended purpose will be described later. Since the provision of confidential information is often mutually conducted, it is safer to state that it will be “mutually” disclosed as in the clause example if there is even a slight possibility of providing information from your company. However, if the disclosure of information is clearly one-sided, it is sufficient to state “confidential information disclosed from Party A to Party B”.

Scope of Confidential Information

Article ○ (Confidential Information)
1. In this Agreement, “Confidential Information” refers to technical information, business information, and other information disclosed from one party to the other in this Agreement, regardless of the medium, such as documents, emails, electronic storage media, etc., and is clearly marked in writing or other tangible form as being confidential or that the information should be kept confidential. Also, for information disclosed orally, it refers to information that was announced to be confidential at the time of disclosure and the fact and summary of which were notified in writing within 30 days from the disclosure.
2. The following information is not included in the Confidential Information mentioned in the previous paragraph.
(1) Information already possessed by the recipient at the time of disclosure
(2) Information legitimately obtained from a third party without the obligation of confidentiality
(3) Information independently developed by the recipient without relying on the information provided by the discloser
(4) Information that became publicly known, before or after receipt, without violating this Agreement

The clause on the scope of confidential information is most important. The first paragraph of the clause example limits the information to be protected to “those explicitly disclosed as confidential”. As a wide range of information is mutually disclosed in transactions, it would be a significant burden for the recipient if all such information were required to be managed as confidential information. Therefore, it is common to require explicit indication of confidentiality. A relatively common issue is the disclosure of confidential information orally. This is because it is difficult to prove that the information was disclosed or explicitly stated as confidential when disclosed orally. While the disclosing party would like to include oral disclosures in the scope of protection, the receiving party tends to be reluctant to include oral disclosures because the scope becomes unclear.

Therefore, as a compromise between both parties, it is common to include orally disclosed confidential information in the scope of protection, as in the clause example, while requiring that the orally provided information be documented within a certain period after disclosure. When the disclosing party actually provides confidential information, it will be explicitly stated as confidential by printing or stamping “Confidential” on the document.
The third paragraph of the clause example is a provision regarding information excluded from the scope of confidential information, and similar content is stipulated in many confidentiality agreements. Item (1) lacks confidentiality in the first place, and items (2), (3), and (4) can be said to be information for which it is not reasonable to impose the burden of confidentiality on the recipient.

Scope of Confidentiality Obligation

Article ○ (Confidentiality)
1. The Recipient must store all documents and media (including their copies) related to the Confidential Information disclosed by the Discloser with the care of a good manager.
2. The Recipient must not duplicate any documents or other media related to the Confidential Information without prior written consent from the Discloser.
3. The Recipient may disclose the Confidential Information to its officers and employees within the scope necessary for the purpose of this matter.
4. When the Recipient discloses to its officers and employees as mentioned in the previous clause, the Recipient shall ensure that such officers and employees comply with the confidentiality obligations stipulated in this Agreement.

This clause stipulates the obligation to keep the received information confidential, and along with the aforementioned provisions on the scope of Confidential Information, forms the core of the Non-Disclosure Agreement. The second clause of the example prohibits the duplication of media on which Confidential Information is recorded as a general rule. This is a necessary provision when the confidentiality of the information to be provided is particularly high from the perspective of the information provider. If the media on which the Confidential Information is recorded can be freely duplicated, the risk of the Confidential Information being leaked to the outside increases. However, for the information recipient, it is cumbersome to obtain the provider’s consent each time if, for example, there are frequent occasions to copy documents on which information is recorded for sharing information within the company. In such cases, it may be worth considering either deleting the second clause itself, or even if not, specifying in the Non-Disclosure Agreement the situations where it is anticipated that copies will be made, and stipulating that the making of copies is comprehensively permitted. The third and fourth clauses are provisions that anticipate the use of Confidential Information by employees, etc. of the company that received the Confidential Information. It is naturally assumed that the Confidential Information disclosed to the company will be used by the responsible officers and employees, so it can be said to be an essential clause. However, not all employees usually need to use the Confidential Information, so it is also important for the information discloser to add a limitation like “within the scope necessary for the purpose of this matter” as in the example clause.

Prohibition of Disclosure to Third Parties

Article X (Prohibition of Disclosure to Third Parties)
1. The recipient of the confidential information shall not disclose the said confidential information to a third party without prior written consent from the discloser. However, this does not apply if there is a requirement for disclosure based on laws and regulations or from an authorized government office. In this case, the recipient shall immediately notify the discloser of this fact and disclose to the government office, etc., indicating that the said confidential information should be kept confidential.
2. If the recipient discloses confidential information to a third party based on the consent in the preceding paragraph, the recipient shall enter into a confidentiality agreement with the said third party under the same conditions as this contract. If the said third party violates the confidentiality agreement, it shall be deemed that the recipient has violated this contract.

The recipient may need to provide confidential information to external experts (such as lawyers, certified public accountants, tax accountants, etc.) for consultation related to the project. In such cases, the first paragraph of the clause stipulates that prior written consent should be obtained from the discloser. In cases like M&A considerations where it is naturally necessary to provide confidential information to external experts, it may be stipulated from the beginning in the confidentiality agreement that disclosure to lawyers, certified public accountants, tax accountants, etc., is permissible. Especially when your company is the recipient of the information, it is necessary to consider the extent to which there is a possibility of providing it to external third parties and judge the appropriateness of the clause and the need for modification.

Also, the proviso in the first paragraph allows for the disclosure of confidential information that has received a disclosure request from a government office. A particularly anticipated scenario is a case where the recipient receives a document submission order from the court regarding a document containing confidential information. Since you will be subject to a fine if you do not comply with the document submission order, it is necessary to lift the prohibition on providing to third parties. However, not all confidential information is subject to a document submission order from the court, such as matters related to technical or professional secrets. Therefore, if you provide information indiscriminately even when there is no obligation to comply with the document submission order, there is a possibility that it could be evaluated as a violation of the confidentiality agreement. Be careful. Regarding the second paragraph, it is common to require the same level of confidentiality obligation to the third party when disclosing confidential information to the third party.

Prohibition of Use for Non-Intended Purposes

Article X (Prohibition of Use for Non-Intended Purposes)
The Recipient shall use the Confidential Information solely for the purpose of this matter, and shall not use it for any purpose other than the purpose of this matter.

If the Recipient is allowed to use the Confidential Information regardless of the purpose, the risk of leakage of the Confidential Information increases. Therefore, it is only natural that the use for non-intended purposes is prohibited. In order for the clause prohibiting the use for non-intended purposes to have meaning, it is a prerequisite that the purpose of disclosure of the Confidential Information is clearly defined, as stipulated in the aforementioned clause regarding the purpose of disclosure. The provision regarding the purpose of disclosure is an area that can be easily overlooked, so it is necessary to carefully check it.

Non-Transfer of Rights and Denial of Warranty

Article ○ (Non-Transfer of Rights and Denial of Warranty)
1. Both Party A and Party B mutually confirm that the disclosure of confidential information based on this contract does not guarantee the accuracy, completeness, or any other aspects of the said confidential information.
2. Both Party A and Party B mutually confirm that the disclosure of confidential information based on this contract does not transfer any rights of the disclosing party to the recipient, nor does it establish any rights of execution. These rights are reserved by the disclosing party.

The first clause stipulates that the disclosure of confidential information does not guarantee the accuracy of the information. The purpose of a confidentiality agreement is solely to regulate the method of disclosure and management of confidential information. It is common for the accuracy of the information to be stipulated in the contract related to the transaction itself if there is a need to guarantee it. Also, intellectual property may be included in the confidential information. It is obvious that just because it is disclosed as confidential information, it does not necessarily grant a license for intellectual property. If a license for intellectual property is to be granted, a separate license agreement should be concluded. The second clause stipulates this point with caution.

Return of Confidential Information

Article ○ (Return of Confidential Information, etc.)
The Recipient, upon instruction from the Discloser, or when the Confidential Information becomes unnecessary, or when this Agreement terminates, must immediately return all documents and media (including their copies) related to the Confidential Information to the Discloser in accordance with the Discloser’s instructions, or dispose of them or take other necessary measures.

When the Confidential Information is no longer needed, it is necessary to return or dispose of the Confidential Information. For Confidential Information provided in paper media such as documents and booklets, it is sufficient to shred or dissolve the paper media and provide the Discloser with a document or similar proving that it has been processed. If the Confidential Information is provided in digital data, it is common to return the storage media such as CD-ROMs to the Discloser or to dispose of them under the Recipient’s responsibility and provide a certificate of disposal.

Confidentiality Period

Article ○ (Confidentiality Period)
Both Party A and Party B shall continue to bear the obligations stipulated in this contract for ● years after the purpose of this matter has ended.

It is relatively common to maintain the obligation of confidentiality for a certain period of time, even after the purpose of disclosure has been completed. While it is theoretically possible to not set a time limit, the need for strict management of confidential information generally diminishes as the information itself becomes outdated over a certain period of time. Therefore, it is desirable, especially for the recipient of the information, to set a certain period. However, if the information is extremely important to the provider, it may be worth considering making it indefinite or setting a considerably long period. Ultimately, it is important to note that the appropriate provisions can vary depending on whether your company is the provider or recipient of information, and the value of the information being provided.

Damage Compensation

Article ○ (Damage Compensation)
If Party A or Party B breaches this contract, they shall pay ● ten thousand yen as a penalty to the other party.

While confidentiality agreements are important for businesses in terms of protecting trade secrets and personal information, it is often said that it is difficult to receive damage compensation from the party who leaked the information due to the difficulty in tracing the leak and proving the amount of damage caused by the leak.
Therefore, although it is not very common, it is possible to set a penalty clause as in the example above, especially when disclosing particularly important confidential information. If there is a penalty clause, it is not necessary to prove the damage as long as the breach of duty by the other party is proven. However, there is a risk that the penalty amount may be invalidated if it significantly deviates from the amount that could actually be incurred due to a breach of the confidentiality obligation, so it is necessary to set a reasonably appropriate amount.

Summary

Non-disclosure agreements are commonly encountered in business transactions. As they are often standardized contracts, signing them without thoroughly checking the contents can sometimes lead to unexpected obligations. Conversely, there is also a risk of your company’s important information being leaked externally. Particularly when providing crucial business secrets that could be considered the lifeblood of a company, or highly confidential information such as insider or credit information, it is crucial to carefully consider the contents of the non-disclosure agreement, consulting with experts such as lawyers if necessary.

Guidance on Contract Creation and Review by Our Firm

At Monolith Law Office, as a law firm with strengths in IT, Internet, and business, we offer services such as the creation and review of various contracts, not only confidentiality agreements, to our advisory and client companies. If you are interested, please see the details below.