A Non-Disclosure Agreement (NDA) is an agreement in which parties agree to confidentiality regarding information to be exchanged. Before entering into discussions with a foreign party about a collaboration, you often share sensitive information. In our practice, we see NDAs that appear to offer solid protection but prove difficult to enforce in the event of a dispute. Good international NDAs require more than a standard text from the internet.
What is the legal problem?
What qualifies as confidential varies by legal system. The burden of proof in the event of a breach is heavy: how do you demonstrate that your information has been used? Without a well-thought-out definition, duration, exit clause, and enforcement mechanism, an NDA is primarily legal window dressing. Internationally, rules regarding duration, penalty clauses, and enforceability vary. An overly broad NDA is difficult to enforce; A scope that is too narrow offers no protection.
What does the law say?
Within the EU, Directive (EU) 2016/943 on the protection of trade secrets applies. In the Netherlands, this is implemented in the Trade Secrets Protection Act (2018). Article 1 defines a trade secret as information that is secret, has commercial value, and for which reasonable security measures have been taken. Articles 5 et seq. provide civil law remedies: injunction, damages, destruction of infringing products.
For penalty clauses, Articles 6:91 et seq. of the Dutch Civil Code apply: power to mitigate in the event of an excessively high fine. Under English law, a fixed penalty is often unenforceable (Cavendish v Makdessi, 2015).
What risks do companies face?
An overly broad NDA is unenforceable in France and Belgium for an indefinite period. In the event of a breach, there is a risk of losing a competitive advantage without real compensation. Without a clear choice of law, choice of forum, and penalty clause, litigation becomes time-consuming and expensive. In cross-border relationships, enforcement can extend over several years, with an uncertain outcome. Proof of breach is often only possible through digital logging and forensic investigation.
Practical example from our practice
We advised a Dutch scale-up that shared confidential market data with an American investor. The NDA used was drafted using a Dutch template without a choice of forum or penalty clause. The information ended up with a competitor. In the subsequent proceedings, damages were difficult to prove and enforcement through an American court was complex. Upon renegotiation, we opted for an NDA under Dutch law, with arbitration under the NAI, a detailed definition of confidential information, and a predetermined penalty of 100,000 euros per violation.
What can you do?
Clearly define confidential information with examples and categories. Limit purpose and duration (three to five years for commercial conversations). Incorporate reasonable after-effects for specific information. Combine with choice of law, choice of forum, or arbitration. Add a penalty clause where applicable law permits. Tailor to the value of the information to be protected. See also our article on Confidentiality Clauses That Really Work.