General

What Is an NDA Clause? Definition, Risks & Red Flags

An NDA clause — also called a confidentiality clause, non-disclosure clause, or secrecy clause — obligates one or both parties to keep certain information private and out of reach of third parties. It sounds straightforward, but the details determine whether you are signing a reasonable protection or a trap. Overly broad definitions, indefinite time limits, and missing whistleblower carve-outs can turn a standard clause into a serious liability. Before you sign, you need to know exactly what information is covered, for how long, and what happens if you slip up.

What Is a NDA Clause?

Plain English

An NDA clause is a contractual promise — made by you, the other party, or both — not to share specific information with people outside the agreement. It spells out what counts as secret, how long the secret must be kept, and what consequences follow if that promise is broken.

Legal Context

From the drafter's perspective, an NDA clause protects commercially sensitive material — trade secrets, client lists, pricing data, proprietary technology — from reaching competitors or the public. Drafters typically define 'confidential information' broadly to maximize protection and include injunctive relief provisions so they can seek a court order quickly if a breach occurs, without waiting to prove financial damages.

How It Appears in Contracts

NDA clauses appear either as standalone agreements signed before negotiations begin or as embedded provisions within larger contracts such as employment agreements, consulting agreements, partnership agreements, and software licensing deals.

Example language (illustrative only — not legal advice)
ILLUSTRATIVE EXAMPLE ONLY — NOT LEGAL ADVICE: 'Each party agrees to hold in strict confidence all Confidential Information received from the other party and not to disclose such information to any third party without prior written consent. Confidential Information means any non-public information disclosed in any form that is designated as confidential or that reasonably should be understood to be confidential given the nature of the information and the circumstances of disclosure. This obligation shall survive termination of this Agreement for a period of three (3) years.'

What to look for in the actual clause text:

Risks & Red Flags

Overly broad definition of confidential information

Some NDA clauses define confidential information as virtually everything exchanged between the parties, including information that is already public or that you knew before entering the relationship. This can prevent you from using your own background knowledge and skills, effectively functioning as an unenforceable — but still stressful and costly — restriction on your career or business.

Indefinite or perpetual duration

A clause that never expires creates a lifelong obligation to protect ordinary business information like meeting notes or general strategy discussions. While perpetual protection may be appropriate for genuine trade secrets, applying it to routine business information is disproportionate and, in some jurisdictions, unenforceable — but you may still face costly litigation before a court agrees.

No carve-out for legally required disclosures

If you are subpoenaed, contacted by a regulator, or need to disclose information to your attorney, you should not be in breach of your NDA for doing so. A clause without these exclusions could technically put you in violation for complying with the law, and in the US, NDAs that restrict reporting to government agencies may conflict with federal whistleblower protections.

One-sided obligations with no reciprocal protection

When only one party — usually the less powerful one — carries all the confidentiality duties, the agreement provides no protection for your own sensitive information that the other party learns during the relationship. This asymmetry is sometimes intentional and sometimes just lazy drafting, but either way it is worth negotiating.

Disproportionate liquidated damages per breach

Some NDA clauses specify a fixed penalty amount — say $50,000 or $100,000 — for each individual disclosure, regardless of actual harm. Courts in many jurisdictions will refuse to enforce penalty clauses that bear no reasonable relationship to anticipated damages, but defending yourself in litigation is expensive even when you ultimately prevail.

Scope creep into non-compete territory

Language restricting not just disclosure but 'use' of confidential information can effectively prevent you from applying skills, techniques, or general knowledge gained during the relationship in future work. This blurs the line between a confidentiality obligation and a non-compete restriction — and in jurisdictions with strict limits on non-competes, such language may be intended to achieve the same restraint under a different label.

Enforceability

NDA clauses are generally enforceable in most jurisdictions when they protect legitimately confidential information, are reasonable in scope and duration, and include appropriate exclusions. Courts tend to scrutinize NDAs most closely when they are between employers and employees, particularly where power imbalances exist, and will often decline to enforce provisions that are unreasonably broad or that conflict with public policy.

Varies by jurisdiction

In the United States, enforceability varies significantly by state — California courts are notably hostile to broad employee NDAs and will refuse to enforce clauses that effectively operate as non-competes. In the UK, NDAs cannot lawfully prevent someone from reporting a crime or cooperating with a regulator. Under EU law, the Trade Secrets Directive sets a baseline for trade secret protection, but member states implement it differently, and whistleblower protections under EU Directive 2019/1937 limit how NDAs can restrict reporting misconduct. Always consult a qualified lawyer in the relevant jurisdiction before signing or drafting.

Negotiation Tips

  1. Push for a mutual NDA if you will be sharing any sensitive information of your own — even in an employment context, you may disclose proprietary methods, client relationships, or technical approaches that deserve protection.
  2. Request a defined list or category of what counts as confidential rather than an open-ended definition; if that is not possible, insist on explicit exclusions for information you already knew, information that becomes public through no fault of yours, and information received from other sources.
  3. Propose a fixed duration that is proportionate to the sensitivity of the information — two to five years is common for standard business information; indefinite terms should be reserved for genuine trade secrets and should be labeled as such.
  4. Insist on carve-outs for legally required disclosures, communications with your attorney, and reports to government agencies or regulators — these should be non-negotiable for your own protection.
  5. If the clause includes liquidated damages, ask for the figure to be reduced or tied to actual demonstrable harm rather than a flat penalty per incident; alternatively, ask for a notice-and-cure period that gives you a chance to correct an inadvertent disclosure before penalties attach.
  6. Watch for 'use' restrictions buried in the confidentiality language — if the clause prohibits 'using' confidential information rather than just disclosing it, ask for a clarification that general skills, knowledge, and experience you have developed are not covered.

Frequently Asked Questions

What is the difference between an NDA clause and a standalone NDA agreement?

A standalone NDA is an entire contract whose sole purpose is confidentiality — typically signed before business discussions begin. An NDA clause is a confidentiality provision embedded inside a larger contract, such as an employment agreement or a services contract. They serve the same function and carry the same risks; the difference is structural. Either way, the same scrutiny applies.

Is a confidentiality clause the same as a non-disclosure clause?

Yes — confidentiality clause, non-disclosure clause, NDA clause, secrecy clause, and CDA clause (confidential disclosure agreement clause) all refer to the same type of contractual provision. The terminology varies by industry and geography but the legal effect is essentially identical: a binding promise to keep specified information private.

Can an NDA clause stop me from reporting illegal activity to the authorities?

In most jurisdictions it cannot and should not. In the US, federal whistleblower statutes protect the right to report violations to agencies such as the SEC, NLRB, or OSHA, and an NDA cannot override those rights. In the UK, NDAs cannot lawfully silence someone reporting a crime. If your NDA does not include an explicit carve-out for reporting to law enforcement or regulators, that is a red flag worth raising with a lawyer before you sign.

How long does an NDA clause typically last?

Most NDA clauses for general business information run between one and five years after the agreement ends. Clauses protecting genuine trade secrets — formulas, source code, proprietary processes — may run indefinitely because trade secret protection under laws like the US Defend Trade Secrets Act does not expire as long as secrecy is maintained. An indefinite term applied to ordinary business information is a red flag and worth negotiating down to a fixed period.

What happens if I accidentally violate an NDA clause?

The consequences depend on what the contract says and how serious the disclosure was. The disclosing party may seek an injunction to prevent further disclosure, monetary damages for actual harm caused, or liquidated damages if the clause specifies a fixed penalty. Courts in many jurisdictions will consider whether the breach was intentional or accidental when assessing damages. If you think you may have inadvertently violated an NDA, consult a lawyer promptly — early advice can significantly affect the outcome.

Can an employer use an NDA clause to prevent me from using skills I learned on the job?

Generally, no — employees retain the right to use general skills, knowledge, and experience they develop during employment, even when that knowledge was gained working with confidential information. However, some NDA clauses are drafted broadly enough to blur this line, and 'use' restrictions can function as disguised non-competes. If your NDA's language restricts what you can do with your skills rather than just what you can disclose, raise the issue before signing.

Does a non-disclosure clause protect me if the other party shares my information?

Only if the NDA is mutual — meaning both parties have confidentiality obligations. A one-sided NDA protects the party who drafted it, not you. If you are sharing any sensitive information during the relationship, insist on a mutual confidentiality clause so your disclosures receive the same protection as theirs.

Are NDA clauses enforceable in all US states?

Enforceability varies significantly by state. California is the most restrictive — courts there routinely refuse to enforce NDA provisions that effectively operate as non-competes or that prevent employees from using general knowledge in their field. Other states, particularly those that have adopted the Uniform Trade Secrets Act, are more permissive. Because enforceability is so jurisdiction-specific, you should consult a lawyer familiar with the laws of the state whose law governs your contract.

Non-Disparagement ClauseIP Assignment ClauseNon-Compete ClauseGoverning Law ClauseNon-Solicitation Clause