NDAs
10 min read
NDA Mistakes That Backfire: What Both Parties Get Wrong
Most NDAs are either too broad to enforce or too narrow to protect. Here's what both sides consistently get wrong — and how to fix it.
Contract Checked Legal Team
# NDA Mistakes That Backfire: What Both Parties Get Wrong
Non-disclosure agreements are among the most commonly signed — and most poorly drafted — contracts in business. People treat them as formalities. They're not. A badly written NDA can expose you to liability for sharing information you thought was public, prevent you from working in your field, or give the other party a weapon they can use against you for years.
Here's what both sides routinely get wrong.
## Overly Broad Definitions of "Confidential Information"
The most consequential clause in any NDA is the definition of confidential information. Vague or overbroad definitions are the root cause of most NDA disputes.
> ⚠️ **Red Flag:** *"Confidential Information means all information, in any form, disclosed by one party to the other, whether or not marked as confidential, including but not limited to business plans, financial data, technical information, customer lists, and any other information that may be of value to the disclosing party."*
"Any other information that may be of value" essentially covers everything. Under this definition, you could be in breach for mentioning in conversation that you met with the company — because that meeting itself could be considered confidential information "of value."
**What good language looks like:** Confidential information should be defined with specificity, should require marking (or at minimum, oral notice followed by written confirmation within a reasonable time), and should clearly exclude information that: (a) was already known to the recipient; (b) became public through no fault of the recipient; (c) was independently developed by the recipient; or (d) was disclosed to the recipient by a third party without restriction.
## Indefinite Duration NDAs
"This Agreement shall remain in effect in perpetuity" is language that appears in real NDAs — and should be a non-starter. Information doesn't stay confidential forever. Reasonable NDA durations depend on the nature of the information.
For most commercial relationships, two to five years is standard. For genuinely sensitive trade secrets, five years may be appropriate. "Perpetual" NDAs create ongoing legal risk and are increasingly viewed by courts with suspicion — especially when applied to information that has since become publicly available.
> ⚠️ **Red Flag:** *"The obligations of confidentiality under this Agreement shall continue indefinitely and shall survive any termination or expiration of this Agreement."*
Push to define a specific term. If the disclosing party insists on perpetual protection for specific categories (e.g., source code, formulas), agree to those categories explicitly while limiting the duration for general business information.
## No Carve-Outs for Public Domain Information
Related to the above: a well-drafted NDA always includes explicit carve-outs for information that is, or becomes, publicly available. Without these carve-outs, you can technically be in breach of an NDA for repeating something that appeared in a newspaper.
The standard carve-outs are:
- Information that is publicly known at the time of disclosure
- Information that becomes publicly known after disclosure through no fault of the receiving party
- Information independently developed by the receiving party without reference to the confidential information
- Information received from a third party not subject to confidentiality obligations
- Information required to be disclosed by law or court order (with notice to the disclosing party)
If any of these are missing from the NDA you're signing, insist on adding them.
## Missing Residuals Clauses (For Technical NDAs)
A residuals clause allows the receiving party to use information retained in the *unaided memory* of people who had access to the confidential information — without copying or referencing the confidential documents.
This matters enormously in technology and consulting contexts. If your team evaluates a client's technology and then you later build something in the same space, you need protection against claims that you "used" their confidential information simply because your engineers were exposed to it.
> ⚠️ **Red Flag (by omission):** An NDA for a technical evaluation with no residuals clause, combined with a broad confidential information definition, can create a landmine for your company's future development work.
Not all NDAs need residuals clauses — they're most relevant in technical, product, or R&D contexts. If you're in those fields, make sure your legal team evaluates whether one is appropriate.
## Unilateral vs. Mutual NDAs: When It Matters
A mutual NDA creates obligations for *both* parties. A unilateral NDA creates obligations only for the receiving party.
Unilateral NDAs make sense when only one party is disclosing sensitive information — a startup sharing its pitch deck with investors, for example. Mutual NDAs make sense when both parties will share sensitive information in the course of evaluating a potential partnership.
The mistake both parties make: a vendor sends a unilateral NDA when the relationship will require the client to share sensitive operational data; the client signs without noticing they have no protection. Always check which way the obligations run before signing.
## Geographic Scope
Most standard NDAs are silent on geographic scope — which means they apply everywhere. In most cases this is fine. But for NDAs in regulated industries or cross-border transactions, geographic scope can matter for enforceability.
In the EU, for example, an NDA that purports to restrict disclosure in ways that conflict with GDPR's data subject rights provisions may be unenforceable in that jurisdiction. Know where both parties operate before you sign.
## Remedies and Injunctive Relief Clauses
Many NDAs include a provision acknowledging that breach would cause "irreparable harm" and that the disclosing party is entitled to injunctive relief without the need to post a bond.
> ⚠️ **Red Flag:** *"Receiving Party acknowledges that any breach of this Agreement would cause irreparable harm to Disclosing Party for which monetary damages would be an inadequate remedy, and Disclosing Party shall be entitled to seek injunctive relief without the requirement to post a bond or other security."*
Injunctive relief can freeze your business operations while a dispute is pending. Pre-agreeing that harm is "irreparable" removes the court's discretion to assess whether actual harm occurred. Consider whether this language is appropriate for the information being shared, and push back on the "no bond" requirement.
## What Makes an NDA Unenforceable
Courts regularly refuse to enforce NDAs for the following reasons:
- **Overbreadth:** If the definition of confidential information is so broad it's effectively unlimited, courts may refuse to enforce it at all.
- **No legitimate interest:** NDAs must protect a genuine confidential interest, not simply prevent a party from doing business.
- **Unconscionability:** NDAs signed under duress or with significantly unequal bargaining power can be challenged.
- **Missing consideration:** In some jurisdictions, an NDA signed after employment begins (without additional consideration) may not be enforceable.
## When NDAs Are Weaponized
This is the issue that has received significant public attention: NDAs used to prevent employees from disclosing workplace misconduct. Many jurisdictions now have legislation limiting the enforceability of NDAs that prevent disclosure of sexual harassment, discrimination, or other serious misconduct.
If you're asked to sign an NDA that contains language purporting to prevent you from reporting workplace misconduct to regulators or law enforcement, that clause is likely unenforceable — and its presence is itself a red flag.
## The NDA vs. Non-Compete Confusion
NDAs and non-compete agreements are different things that are often confused — or deliberately conflated. An NDA restricts disclosure of information. A non-compete restricts working for competitors.
Some NDAs include non-compete language buried in definitions or use clauses. If you're signing what's presented as an NDA and you see language about "not engaging in competitive activity" or "not working for competitors," you're looking at a non-compete provision — with all the scrutiny that entails.
**Run your NDA through Contract Checked** before signing. Our analysis specifically identifies whether an NDA contains non-compete provisions, whether the duration is reasonable, and whether standard carve-outs are present.
## Related Guides
- [NDA Analysis: What to Watch For](/analyze/nda)
- [Partnership Agreement Guide](/analyze/partnership-agreement)
- [Employment Contract Red Flags](/blog/employment-contract-negotiation-guide)
## Analyze Your Contract Before You Sign
Don't navigate this alone. Upload your contract to Contract Checked and get an instant plain-English analysis — free, no login required. [Analyze your contract now →](https://contractchecked.com/#upload-section)
Non-disclosure agreements are among the most commonly signed — and most poorly drafted — contracts in business. People treat them as formalities. They're not. A badly written NDA can expose you to liability for sharing information you thought was public, prevent you from working in your field, or give the other party a weapon they can use against you for years.
Here's what both sides routinely get wrong.
## Overly Broad Definitions of "Confidential Information"
The most consequential clause in any NDA is the definition of confidential information. Vague or overbroad definitions are the root cause of most NDA disputes.
> ⚠️ **Red Flag:** *"Confidential Information means all information, in any form, disclosed by one party to the other, whether or not marked as confidential, including but not limited to business plans, financial data, technical information, customer lists, and any other information that may be of value to the disclosing party."*
"Any other information that may be of value" essentially covers everything. Under this definition, you could be in breach for mentioning in conversation that you met with the company — because that meeting itself could be considered confidential information "of value."
**What good language looks like:** Confidential information should be defined with specificity, should require marking (or at minimum, oral notice followed by written confirmation within a reasonable time), and should clearly exclude information that: (a) was already known to the recipient; (b) became public through no fault of the recipient; (c) was independently developed by the recipient; or (d) was disclosed to the recipient by a third party without restriction.
## Indefinite Duration NDAs
"This Agreement shall remain in effect in perpetuity" is language that appears in real NDAs — and should be a non-starter. Information doesn't stay confidential forever. Reasonable NDA durations depend on the nature of the information.
For most commercial relationships, two to five years is standard. For genuinely sensitive trade secrets, five years may be appropriate. "Perpetual" NDAs create ongoing legal risk and are increasingly viewed by courts with suspicion — especially when applied to information that has since become publicly available.
> ⚠️ **Red Flag:** *"The obligations of confidentiality under this Agreement shall continue indefinitely and shall survive any termination or expiration of this Agreement."*
Push to define a specific term. If the disclosing party insists on perpetual protection for specific categories (e.g., source code, formulas), agree to those categories explicitly while limiting the duration for general business information.
## No Carve-Outs for Public Domain Information
Related to the above: a well-drafted NDA always includes explicit carve-outs for information that is, or becomes, publicly available. Without these carve-outs, you can technically be in breach of an NDA for repeating something that appeared in a newspaper.
The standard carve-outs are:
- Information that is publicly known at the time of disclosure
- Information that becomes publicly known after disclosure through no fault of the receiving party
- Information independently developed by the receiving party without reference to the confidential information
- Information received from a third party not subject to confidentiality obligations
- Information required to be disclosed by law or court order (with notice to the disclosing party)
If any of these are missing from the NDA you're signing, insist on adding them.
## Missing Residuals Clauses (For Technical NDAs)
A residuals clause allows the receiving party to use information retained in the *unaided memory* of people who had access to the confidential information — without copying or referencing the confidential documents.
This matters enormously in technology and consulting contexts. If your team evaluates a client's technology and then you later build something in the same space, you need protection against claims that you "used" their confidential information simply because your engineers were exposed to it.
> ⚠️ **Red Flag (by omission):** An NDA for a technical evaluation with no residuals clause, combined with a broad confidential information definition, can create a landmine for your company's future development work.
Not all NDAs need residuals clauses — they're most relevant in technical, product, or R&D contexts. If you're in those fields, make sure your legal team evaluates whether one is appropriate.
## Unilateral vs. Mutual NDAs: When It Matters
A mutual NDA creates obligations for *both* parties. A unilateral NDA creates obligations only for the receiving party.
Unilateral NDAs make sense when only one party is disclosing sensitive information — a startup sharing its pitch deck with investors, for example. Mutual NDAs make sense when both parties will share sensitive information in the course of evaluating a potential partnership.
The mistake both parties make: a vendor sends a unilateral NDA when the relationship will require the client to share sensitive operational data; the client signs without noticing they have no protection. Always check which way the obligations run before signing.
## Geographic Scope
Most standard NDAs are silent on geographic scope — which means they apply everywhere. In most cases this is fine. But for NDAs in regulated industries or cross-border transactions, geographic scope can matter for enforceability.
In the EU, for example, an NDA that purports to restrict disclosure in ways that conflict with GDPR's data subject rights provisions may be unenforceable in that jurisdiction. Know where both parties operate before you sign.
## Remedies and Injunctive Relief Clauses
Many NDAs include a provision acknowledging that breach would cause "irreparable harm" and that the disclosing party is entitled to injunctive relief without the need to post a bond.
> ⚠️ **Red Flag:** *"Receiving Party acknowledges that any breach of this Agreement would cause irreparable harm to Disclosing Party for which monetary damages would be an inadequate remedy, and Disclosing Party shall be entitled to seek injunctive relief without the requirement to post a bond or other security."*
Injunctive relief can freeze your business operations while a dispute is pending. Pre-agreeing that harm is "irreparable" removes the court's discretion to assess whether actual harm occurred. Consider whether this language is appropriate for the information being shared, and push back on the "no bond" requirement.
## What Makes an NDA Unenforceable
Courts regularly refuse to enforce NDAs for the following reasons:
- **Overbreadth:** If the definition of confidential information is so broad it's effectively unlimited, courts may refuse to enforce it at all.
- **No legitimate interest:** NDAs must protect a genuine confidential interest, not simply prevent a party from doing business.
- **Unconscionability:** NDAs signed under duress or with significantly unequal bargaining power can be challenged.
- **Missing consideration:** In some jurisdictions, an NDA signed after employment begins (without additional consideration) may not be enforceable.
## When NDAs Are Weaponized
This is the issue that has received significant public attention: NDAs used to prevent employees from disclosing workplace misconduct. Many jurisdictions now have legislation limiting the enforceability of NDAs that prevent disclosure of sexual harassment, discrimination, or other serious misconduct.
If you're asked to sign an NDA that contains language purporting to prevent you from reporting workplace misconduct to regulators or law enforcement, that clause is likely unenforceable — and its presence is itself a red flag.
## The NDA vs. Non-Compete Confusion
NDAs and non-compete agreements are different things that are often confused — or deliberately conflated. An NDA restricts disclosure of information. A non-compete restricts working for competitors.
Some NDAs include non-compete language buried in definitions or use clauses. If you're signing what's presented as an NDA and you see language about "not engaging in competitive activity" or "not working for competitors," you're looking at a non-compete provision — with all the scrutiny that entails.
**Run your NDA through Contract Checked** before signing. Our analysis specifically identifies whether an NDA contains non-compete provisions, whether the duration is reasonable, and whether standard carve-outs are present.
## Related Guides
- [NDA Analysis: What to Watch For](/analyze/nda)
- [Partnership Agreement Guide](/analyze/partnership-agreement)
- [Employment Contract Red Flags](/blog/employment-contract-negotiation-guide)
## Analyze Your Contract Before You Sign
Don't navigate this alone. Upload your contract to Contract Checked and get an instant plain-English analysis — free, no login required. [Analyze your contract now →](https://contractchecked.com/#upload-section)
NDAsNon-Disclosure AgreementsContract Drafting
Ready to Analyze Your Contract?
Get instant AI-powered analysis of your contracts with risk assessment and recommendations.
Analyze Contract Free