💬 Frequently Asked Questions

Most NDAs include four standard exclusions. Information is not confidential if it:

  1. Public Domain: Was publicly available before disclosure, or becomes public after disclosure through no fault of the receiving party
  2. Prior Possession: Was already in the receiving party's possession before disclosure (with documentation to prove it)
  3. Independent Development: Was independently developed by the receiving party without use of or reference to the confidential information
  4. Third-Party Source: Was rightfully received from a third party who was not bound by confidentiality obligations

These exclusions are essential for NDA enforceability. Courts may view NDAs without reasonable exclusions as overbroad and refuse to enforce them.

Related Clauses
Definition of Confidential Information

The burden of proof typically falls on the receiving party claiming the exclusion. To prove public availability:

  • Published materials: Keep copies of articles, press releases, or publications with dates
  • Patents and patent applications: These are public records with filing dates
  • Websites: Use the Internet Archive (Wayback Machine) to show what was online at a specific date
  • Industry knowledge: Trade publications, conference presentations, or textbooks
  • Public filings: SEC filings, court records, or government databases
Practical Tip
Before signing an NDA, research whether the information you expect to receive might already be publicly available. Screenshot relevant web pages with timestamps and save copies of published materials.

Important: Partial public disclosure may not be enough. If 80% of a trade secret is public but 20% is not, the combination might still be confidential.

You can narrow it but should not eliminate it entirely. An NDA that tries to protect truly public information will likely be unenforceable.

Ways to narrow the exclusion:

  • Require widespread publication: "generally available to the public" rather than "available to the public"
  • Exclude compilations: Even if individual data points are public, a unique compilation might remain protected
  • Specify proof requirements: Receiving party must prove availability through documentary evidence
  • Time-stamp the exclusion: Information must have been public at a specific date
Compilation Example
Individual ingredient prices might be publicly available, but your specific supplier list with negotiated prices could still be confidential because the combination provides competitive value.

Independent development means you created something on your own without using the other party's confidential information. This is one of the most valuable but hardest-to-prove exclusions.

Best practices for documentation:

  • Lab notebooks: Keep dated, signed records of development work
  • Version control: Use Git or similar tools that timestamp all changes
  • Email trails: Preserve internal communications showing your development process
  • Clean room procedures: Use separate teams who have no access to confidential information
  • Third-party witnesses: Have outside consultants observe development (expensive but effective)

Critical nuance: Watch for language requiring development "without use of" versus "without reference to" confidential information. "Without reference to" is harder to prove if you have seen the information at all.

Clean Room Development
A software company created a "clean room" team to develop a competing product. Team members had never seen the competitor's confidential code. Their development was documented from scratch, providing strong evidence of independent development.

Prior possession claims are difficult to disprove, but you can protect yourself with careful drafting and documentation:

Drafting protections:

  • Documentary evidence requirement: Require that prior possession be proven with contemporaneous records
  • Competent evidence standard: Specify that evidence must be admissible in court
  • Pre-NDA disclosure: Request a list of what the receiving party already knows before sharing your information

Procedural protections:

  • Have receiving party acknowledge in writing that specific information is new to them
  • Phase disclosures to establish what they knew at each stage
  • Mark information with dates and version numbers

Sample language: "The Receiving Party must establish prior possession by documentary evidence that predates the disclosure and was created in the ordinary course of business, not in anticipation of this Agreement."

The "third-party source" exclusion covers this, but the details matter significantly:

For the receiving party to use this exclusion:

  • The third party must have had the right to disclose the information
  • The third party must not have been bound by confidentiality to the disclosing party
  • You must have received the information legitimately (not through improper means)

Common pitfalls:

  • Tainted sources: If the third party improperly obtained the information, you cannot use this exclusion
  • Chain of custody: You may need to trace back how the third party obtained the information
  • Timing: If you received from the third party after the NDA disclosure, some NDAs will not allow the exclusion
Real-World Scenario
You learn about a company's new product from two sources: under NDA from the company, and from a former employee who signed a non-disclosure. The former employee's disclosure was improper, so you cannot rely on it to claim the information is not confidential.

Yes, information can lose its confidential status through several mechanisms:

  • Public disclosure: If the disclosing party or an authorized third party makes the information public
  • Industry adoption: Techniques that become standard industry practice
  • Patent publication: Patents make the underlying technology public
  • Term expiration: NDAs with fixed confidentiality periods eventually expire
  • Regulatory disclosure: Information required to be filed with government agencies may become public

Important limitations:

  • YOUR disclosure cannot trigger the exclusion - only independent public disclosure
  • Trade secrets may remain protected indefinitely if they never become public
  • Mixed information (some public, some not) remains partially protected
Related Clauses
Term and Duration Survival Period

As a disclosing party, you generally want narrow exclusions with high proof requirements. This makes it harder for the receiving party to escape their confidentiality obligations.

Ways to narrow exclusions:

  • High proof standards: "clear and convincing evidence" or "competent written evidence"
  • Specific timing: Prior possession must be documented before a specific date
  • Broad publication required: "generally known to the public" not just "available"
  • No mixing: If any part of a disclosure is confidential, the whole disclosure is treated as confidential

However, avoid going too far:

  • Overly narrow exclusions may make the NDA unenforceable
  • Courts expect reasonable exclusions and may refuse to enforce unreasonable ones
  • Sophisticated receiving parties will push back on unfair terms

This is a common source of disputes. Handle it carefully:

Before using the information:

  1. Document your evidence that the information is public
  2. Notify the disclosing party of your position in writing
  3. Give them an opportunity to explain why they believe it remains confidential
  4. Consider whether the dispute is worth the risk

Legal considerations:

  • If you are wrong, you have breached the NDA
  • Written notice creates a record that protects against claims of willful breach
  • In litigation, the burden of proof depends on NDA language and jurisdiction
Sample Notification
"We have received information regarding [topic]. Based on [publication/source], we believe this information is publicly available and not subject to confidentiality obligations under our NDA dated [date]. Please advise if you disagree within 10 business days."

Exclusions typically apply automatically once their conditions are met, but proving entitlement to an exclusion is another matter.

How exclusions work in practice:

  • Information that was never confidential needs no protection from day one
  • Information that becomes public is automatically released from protection
  • However, the disclosing party may dispute your exclusion claim
  • If litigation occurs, you must prove the exclusion applies

Best practice: Even if you believe an exclusion applies, document your position and notify the disclosing party. Acting on an exclusion without notice could be treated as bad faith if you are later proven wrong.

Reverse engineering is a complicated exception that depends heavily on NDA language and applicable law:

Check your NDA for:

  • Explicit prohibition on reverse engineering
  • Whether the exclusion for independent development permits reverse engineering
  • Whether you agreed not to "derive" information from products

Legal background:

  • Reverse engineering is generally legal for products obtained legitimately
  • However, contracts can waive the right to reverse engineer
  • Software reverse engineering has additional legal complexities (DMCA)

Important: If you received confidential information under an NDA and then try to reverse engineer the same product to claim independent development, this may not work. The question is whether your development was truly independent of the confidential knowledge you already possessed.

Related Clauses
Residuals Clause

Combinations and derivatives are a gray area. Address them explicitly in your NDA:

Protective language for disclosing parties:

  • "Information shall not lose its confidential status merely by being combined with non-confidential information"
  • "Derivatives, compilations, and analyses containing Confidential Information remain confidential"
  • "The confidential portion of any combined work remains subject to this Agreement"

Without explicit language:

  • Courts generally protect the confidential portion of combined works
  • But if the confidential and public portions cannot be separated, disputes arise
  • Machine learning models trained on confidential data are particularly problematic
AI/ML Consideration
If a receiving party uses your confidential data to train an AI model, the model itself may contain embedded knowledge of your confidential information. Address this explicitly if AI use is contemplated.

Exclusions every receiving party should require:

  • Public domain (essential - without this, the NDA may be unenforceable)
  • Prior possession (protects your existing knowledge and work product)
  • Independent development (protects your R&D activities)
  • Third-party source (protects against information received from multiple sources)

Exclusions disclosing parties should consider resisting:

  • Residuals clause (allows use of information retained in memory)
  • Overly broad "general skills and knowledge" carve-outs
  • Reverse engineering rights

Exclusions that help both parties:

  • Required legal disclosures (court orders, subpoenas) - see Permitted Disclosures
  • Regulatory filings that become public
Related Clauses
Permitted Disclosures Residuals Clause

This depends on the nature of the breach and your NDA's terms:

If you failed to document prior possession:

  • The exclusion may not apply, even if you truly had prior knowledge
  • This is why documentation before receiving confidential information is crucial
  • Courts are skeptical of undocumented prior knowledge claims

If you believed information was public but it was not:

  • Good faith belief may reduce damages but does not eliminate liability
  • Written notification to the disclosing party before acting helps your position
  • Willful versus innocent breach affects remedies available

Mitigation:

  • Stop using the information immediately upon learning of the error
  • Notify the disclosing party and cooperate with remediation
  • Document all steps taken to contain the issue

Trade secret law provides independent protection beyond your NDA, and the standards are similar but not identical:

Key similarities:

  • Both require information to derive value from secrecy
  • Both include exclusions for public domain and independent development
  • Both require reasonable protective efforts

Key differences:

  • Trade secret law applies even without an NDA (but NDA makes claims easier)
  • NDA can protect information that does not qualify as a trade secret
  • Trade secret protection can be perpetual; NDA terms are contractual
  • Trade secret misappropriation may allow additional remedies (exemplary damages)

Practical implication: If information loses NDA protection through an exclusion, it might still be protected as a trade secret under state or federal law (Defend Trade Secrets Act). The exclusion clauses help both parties understand their rights but do not fully define them.