Anyone here gone through how broad is ‘confidential information’??

I left my job about three weeks ago and I'm starting at a new company in the same industry next month. Before I left, HR reminded me about the NDA I signed when I was hired. I dug it up and the language is insanely broad.

The NDA defines "Confidential Information" as "all information, whether written or oral, disclosed to Employee during the course of employment, including but not limited to business strategies, client lists, pricing structures, internal processes, and any other proprietary data."

That basically covers everything I learned in four years there. I can't unsee how they structured their deployment pipeline or what tools they used. Am I really barred from using general skills and knowledge I picked up? The new role is similar but at a non-competing company.

I'm in Texas if that matters. Should I be worried about this?

I mean good news: courts in Texas (and most states) routinely refuse to enforce NDAs with definitions this broad. The key legal distinction is between trade secrets and general knowledge, skills, and experience.

Under the Texas Uniform Trade Secrets Act (Tex. Civ. Prac. & Rem. Code § 134A), a trade secret must derive independent economic value from not being generally known and the holder must take reasonable efforts to maintain its secrecy. A catch-all clause that sweeps in everything you ever learned doesn't meet that standard.

Courts apply a reasonableness analysis. Legitimate protections include:

• Specific client lists that aren't publicly available
• Proprietary algorithms or formulas
• Non-public financial data and pricing models
• Unreleased product roadmaps

What courts won't protect is your general industry know-how, publicly available information, or skills you developed. The fact that you know how to structure a deployment pipeline using common tools is general professional knowledge.

That said, I'd recommend reviewing the NDA alongside any non-compete provisions, as those are separate issues. You may also want to check our overview at /NDA/ for more background on how these clauses are analyzed.

That's really helpful, thank you. There is a non-compete clause too but it's only 6 months and I'm going to a company in a different vertical, so I think I'm okay there.

One follow-up: my former employer had a custom internal tool that I helped build. I'm not planning to recreate it, but the concepts behind it are pretty standard. Could they argue I'm using confidential info if I build something similar using the same general approach?

If the concepts are standard industry approaches, no. The legal test focuses on whether you're using specific proprietary implementation details versus generally known methods. If the tool was built on common design patterns and open-source frameworks, the underlying approach isn't protectable.

Where you'd run into trouble is if you copied actual source code, replicated a proprietary algorithm line-by-line, or used specific configuration data from the old tool. The idea of building a CI/CD dashboard, for instance, is not confidential. The specific way Company X connected their proprietary API to their billing system might be.

A practical safeguard: document that your new work is built independently. Use different architecture decisions where possible, and don't reference any old files, repos, or documentation from your former employer.

I went through something almost identical two years ago. My old employer sent a threatening letter about the NDA when they found out where I was going. My attorney sent back a response pointing out how overbroad the definition was and asking them to identify specific trade secrets they believed were at risk.

They never responded. Anecdotally, companies use these broad NDAs as a scare tactic more than anything. They know the language probably wouldn't hold up, but they count on employees not knowing that.

That's encouraging to hear, Jorge. I don't think my old company would actually come after me, but I wanted to understand my exposure. I'm going to make sure I don't have any of their files on my personal devices and I'll build everything fresh at the new place.

Thanks everyone for the input. This has really calmed my nerves.

One thing I'd add: make sure you didn't accidentally sync any work files to a personal cloud account (Google Drive, Dropbox, etc.). I've seen cases where an employee had no intention of taking anything, but auto-sync grabbed work docs and the old employer used that as evidence of misappropriation.

Do a thorough sweep of your personal devices and cloud storage. Delete anything that belongs to the old company and document that you did so. A quick email to yourself noting the date and what you deleted can be useful evidence of good faith down the road.