Generally speaking, my rule of thumb is that an NDA shouldn't be necessary if you're simply discussing the business. If an idea is so copyable that simply repeating aloud it is dangerous, then you're going to get copied by bigger players as soon as the viability of the idea has been demonstrated. So the company's pretty much hosed anyway. When it comes to basic business and marketing advice, it really limits the valuable input that can be gained if the business owners are super cagey about talking about their ideas.
On the other hand, if actual core IP (like code and business documents) is going to be seen in detail and contributed to by someone, then an NDA is a must. Not only an NDA, but also an IP assignment agreement. It must be unambiguously clear that the business, not any individuals, owns the IP of the company. I don't care if someone just wants to help out of the goodness of their heart; if they're looking at the code, they need to be willing to sign some paperwork.
Related: It's incredibly galling when someone wants you to sign an NDA to talk about something on which they have a bullshit patent. Really?? Trade secret XOR patent, please choose.
I get the feeling that companies don't like to talk about or advertise the patents that they own, because it's fantastic for them if somebody else independently has the brilliant idea of rounded corners on the casing of a portable screen.
> On the other hand, if actual core IP (like code and business documents) is going to be seen in detail
This is what I always look for in an NDA or I don't sign one. People generally take some generic NDA contract they found online that is so vague you're probably in violation the minute you sign it. I'm guessing this is why others say it's hard to enforce, so why sign one?
Bottom line: unless an entity has specific IP and other trade secrets they want to protect and it is spelled out in the agreement then I'm not signing it, and if it's required I'm not interested. It's probably a good filter IMO.
The reason I ask you to sign an NDA is not because I am scared you're going to steal my idea. We can talk in depth about the business over coffee, dinner, long weekend ad nauseam. But if you want to see the code and hear about the non-public deals then you sign an NDA.
I'm pretty sure this post is not meant to apply to real companies, but there is a lot more going on out in the real world than this straw man of cold-calling wantrepreneurs.
But if you want to see the code and hear about the non-public deals then you sign an NDA.
Aye, but that's not the point of the article. It's not that I (or the author) want to see code & details, it's that you want me to see them. The author makes clear he's got a thousand other items on his to-do list, and has a thousand people coming to him with allegedly brilliant ideas; he has no particular interest in the idea, is not already willing to give up something for access to the idea.
Sure, if I want in on your idea, I might be willing to give up something for that access - hence willingness to sign an NDA. But don't come to me with zero context saying "I've got this amazing idea, sign away your rights and I'll tell you about it." Kinda like a legislator saying "we have to pass the bill so you can find out what's in it"; we see how well that's working out...
This is a critical distinction to make. I'm constantly approached by people who want to use our platform for their business. Our platform is pretty much self service (API's,docs, pricing) but they really want to have a call with me to discuss their business and learn more about us. Ok, no problem with that. Then they say "Oh and you'll need to sign our NDA before we can tell you more about our business" Ughh! You want to tell me about your business in depth. I don't want to take on the burden of multi year lock in on data especially when I talk to a lot of startups all the time.
That's what I figured, but the title is overly broad. It's not actually about NDAs, it's about clueless cargo-cult entrepreneurs who probably have yet to start executing on their first idea. Saying "I won't sign an NDA" in bold face type out of context appears to be throwing the baby out with the bathwater. Most NDAs (especially the ones with any likelihood of being enforced) don't come from the type of person this article talks about.
Last NDA I signed somewhat specifically limited itself to the business aspects (tech was, oddly, missing).
I actually really like that model--it leaves me as an engineer free to talk shop and not perform mental gymnastics with the color of the implementation stuff in my head, and very clearly gives protection for the stuff that makes up the core business of the startup (you know, the actual business).
There seems to be very little real IP in web startups these days--and I really hate software patents. So, an agreement where I can't talk business but can talk code and techniques sits very well with me.
> But if you want to see the code and hear about the non-public deals then you sign an NDA.
I think most people would be fine with an NDA that just covered the code and a small slice of the deals. As long as it just covers specifics. Most people probably would just tell you to not show stuff you want to keep that secret though.
Partway through a 12-week course, I had a student hand me an NDA to sign before he would tell me the awesome brilliant idea he was so eager to discuss. He was baffled when I didn't sign it on the spot and said I'd get back to him after I had a chance to read it. He never showed up in class again.
If you want me to sign an NDA, make sure you follow thru on your commitments to me. If you're a student and I'm the professor, pass the course first.
The biggest problem with NDAs that I've come across is that often people want to slip non-compete type clauses into them. If it is a straight up non-disclosure agreement, it's going to cost the company more to sue you than it would ever be worth to enforce the NDA, so practically it doesn't have much effect. Of course, if the company in question has huge resources, you might want to be more circumspect.
Way back when IBM was a big juicy target for lawsuits, an employee told me IBM doesn't sign NDAs: "We don't want you to disclose anything confidential to us." Because, how the hell would they even keep track of the information status across all those people and projects? Not realistic.
In my experience NDAs aren't practical to enforce and hardly anyone takes them seriously. I've seen them used mostly as a sort of social ritual, much like shaking hands, asking "How are you?", and "Hey, can you keep a secret?".
A lot of this seems like mis-communication between a lawyer and a client. It sounds like people have talked to a lawyer. The lawyer says, "you need an NDA to talk with people about your business." The lawyer means for real negotiations about partnerships, etc. He never intends for it to be about semi-casual discussions about ideas. He is not in the tech business. "Talking about your business" to him means specific business strategies, pricing, bid and proposals, etc. And he crafted the NDA to cover these items.
A good alternative to "I'll never sign an NDA" is to counter with your own NDA that properly excludes the obvious. A good NDA, including ones that I have signed from major corporations, exclude information that has been made public in any way or that you hear from a third party. Or material that can be derived from public information.
That makes sense. But then you're into back and forth contracts in relation to your free gift of time and expertise. And once official rules are involved, relationship dynamics change.
I think this is something where the perception of utility is far different in the startup world that big enterprise. In the enterprise world, where there are too many people with too many complex business relationships to keep track of everything, and too diverse a group of meeting participants to know everything about them, and where you may not be discussing your IP or your business deals but the situations of your own customers or suppliers, an NDA is a no-brainer. It amounts to much the same thing as doctor/patient or attorney/client confidentiality principles and allows free, assumed-secure speech in any environment where all parties present may not otherwise have an appropriate level of trust to be comfortable engaging that way. In my business of contract engineering & manufacturing, we don't create nearly as much internal IP as we handle the IP of our customers. However, we apply our unique processes & systems to achieve the goals of our customers and if we want to discuss how we do that when engaging with potential new customers, we absolutely require NDAs. It doesn't help things that in the EMS industry almost all the big OEMs have contracts with several competing EMS companies (just look at Apple with Foxconn, Samsung and Pegatron, for example... or Dell/HP using both Quanta & Compal... but also using Flextronics, Sanmina, Jabil and Celestica.). It gets messy fast and ensuring legal recourse for accidental or intentional leaks is a necessity.
On the other hand, as an established business, if you needed the sort of consultation this guy is providing for free to would-be startups, you'd pay for it. Not only does this drastically change the risk/reward tradeoffs for the consultant, your issues are likely to be a lot more concrete and specific than pie-in-the-sky I've got a revolutionary idea startup stuff.
If your business model is so fragile that merely discussing it threatens is a threat then you haven't got a business model at all.
Great businesspeople talk about their business. They tell everyone: Friends, strangers, potential customers. All kinds of people can provide useful feedback and the more you discuss your business the better an idea you're likely to have of how to build a good product.
Besides -- the only people who ever ask me to sign an NDA are the people who haven't got anything worth guarding to begin with.
There are plenty of good reasons not to sign someone else's NDA, but there's usually a very good reason not to ask someone to sign yours: without the willingness and ability to try to enforce it, your NDA isn't worth the paper it's printed on.
In reality only a fraction of the people who enter into agreements actually have the wherewithal to enforce them. This is particularly true when dealing with individuals (especially "entrepreneurs") and small business owners.
I normally don't sign NDAs, but I'm currently at a company that I'm really enjoying and they're putting one in front of me. The case they're making is that if they don't get all their devs to sign NDAs that they'll have trouble attracting investors. Thoughts?
I've heard of a few misguided attempts to go after former employees who, supposedly, violated anti-compete clauses, but I don't recall anyone being sued for violating an NDA. I'm sure it's happened, but it's got to be rare. Usually successful companies are too busy building a great product and don't have time to mess around with NDA lawsuits.
I'm curious, can anyone recall a successful lawsuit over a violation of an NDA? Particularly with regard to early stage startups.
Tyler, good post. I agree with you on most of it. I think your issue really becomes (and this is why I refuse to sign them most of the time): the cost of defending an NDA is usually not worth the cost of the engagement. I.e. if the project is worth under $20k to you, its not worth the potential cost of hiring a lawyer to defend it. Also what are these people building? nuclear weapons? most ideas aren't as original as people think.
It is very hard to copy the most important parts of a startup, even if you have some of the ideas:
+ business model innovation
+ go to market strategy
+ execution, focus and efficiency
+ iteration
+ user/customer care and cultivation
+ brand integrity and trust
+ vision
+ partnerships
Said another way, if it my idea and I am going to you, then I am doing so to brainstorm and get ideas from you too that may eventually conflict with your interests. Should you ask me for an NDA?
No one ever sues over an NDA. The point of an NDA is to set up an expectation of confidentiality. It's easier than having the conversation that you expect the discussions to go no further which leaves the possibility of ambiguity.
Absolutely problems arise where an NDA is overly broad, the duration is excessive or there are circumstances where it is inappropriate but the idea of the NDA itself is not bad per se.
Mr. and Mrs. Kidall, and back then IBM NDAs etc. were so onerous they would essentially own your product/company if they so choose. I was told this specifically about the MIT AI Lab's Lisp Machine, they were approached by IBM but turned them down after a MIT lawyer looked at the agreement.
Digital Research had an existing business to protect, Microsoft didn't have an OS business besides their licensed XENIX, and was just starting to branch out from computer languages (e.g. BASIC). It was a calculated risk for both, and for all we know against the Kidalls IBM would have gotten away with a lot more than against Bill Gates.
Who I'd note was massively connected through his family, e.g. his mother, per Wikipedia:
"Beyond the Seattle area, Gates was appointed to the board of directors of the national United Way in 1980, becoming the first woman to lead it in 1983. Her tenure on the national board's executive committee is believed to have helped Microsoft, based in Seattle, at a crucial time. In 1980, she discussed with John Opel, a fellow committee member who was the chairman of the International Business Machines Corporation, her son's company. Mr. Opel, by some accounts, mentioned Mrs. Gates to other I.B.M. executives.
A few weeks later, I.B.M. took a chance by hiring Microsoft, then a small software firm, to develop an operating system for its first personal computer."
His father was principle counsel and later a named partner in a major white shoe law firm. He wasn't someone IBM could casually screw over.
This NDA business seems far more prevalent in the US than in Europe. I've only been asked to sign an NDA at one place I worked at for several years. After refusing they just let the idea go and I didn't hear of the NDA ever again.
There's no point in me having you sign an NDA if I don't plan to sue you should you violate it.
I'm asking you to sign a document so I can sue you later. What do you get in return?
This guy says he's giving out free advice to strangers, expecting nothing in return. There's very little upside for him. So why should he take the risk, how would it benefit him?
I think your interpretation of "sign a document so I can sue you later" is pretty inaccurate. Someone is disclosing an idea and wants to protect themselves in case you decide their idea is worth implementing. I don't think it's an unrealistic request. Furthermore, most NDAs I've seen don't really protect much of anything.
The downside of saying 'no' is that you will never (or rarely) have them as a potential client. Maybe you have clients throwing themselves at you, but in my neck of the woods, clients aren't exactly a dime a dozen. I'm not going to sign anything that I feel would put me or my business at unreasonable risk, but no NDA I've ever signed has been worded that unrealistically.
To make a blanket statement that I'll never sign your NDA and NDAs are a dumb waste of time sounds like a difficult person to deal with right off the bat.
It's called a "non disclosure" agreement not a non compete agreement. What you're signing up for is "I won't disclose your content to a third party" So it's fraught with risk. You have to take that conversation and bottle it away and not mention it for 3-5 years to anyone else in case they think it's a good idea and pivot or start a company to go do that.
You sign that agreement, have one coffee, never hear from the guy again. Two years later you join on as an advisor to a company that does something similar to that startup and they're claiming you must be disclosing what you learned from them to this new startup! Far fetched but if you sign 20 - 30 NDA's a year because you're actively helping people you will get bit on the butt but some neurotic founder at some point.
>To make a blanket statement that I'll never sign your NDA ...
Maybe you should actually read what the author wrote. He didn't make a blanket statement. The author refuses to sign an NDA when he is approached for advice about some idea somebody may have. This is perfectly reasonable. Why should he open himself up to liability for giving (free) advice and guidance over coffee?
On the other hand, if he is approached in a more formal setting, such as when he is hired or contracted out by the party, then it would be unreasonable for him to refuse an NDA.
So, I have lots of ideas. You want to share your idea with me, and I sign an NDA prior to hearing it. Turns out I already had that idea, and with that NDA, haven't you basically just stolen my idea from me?
No thanks. I am not a lawyer, I don't trust my ability to parse an NDA and accurately and confidently predict exactly what is covered and what is not, nor do I want to predict whether you tie me up in some bullshit lawsuit that will go nowhere but waste my time and money.
No. I just don't see what is in it for me relative to the risks.
Did you read the article? The author is talking about NDA's from people who want to discuss startup ideas with him, not NDA's from clients or potential clients.
Wow, so someone would sign an NDA for the purpose of having a free consult and nothing further? How is this some sort of bold statement that is making it to the front page of hacker news? "I won't incur risk for nothing in return". So brave.
Many relationships start with potential clients shopping around. They get a free consult. If that's not what this guy is referring to, then my mistake. I wouldn't sign the NDA either, but I could just as easily named this article "I won't stab myself in the eye".
I'm sure you will think I'm difficult to deal with then, but I actually take it one step further.
If a person starts to tell me about an idea and I know that we're in the same industry, I will sometimes stop him and let him know that he shouldn't tell me anything that he wants to keep for himself. When you're faced with a certain problem, it's very likely that your solution will look like somebody else's and I don't want anybody upset with me because I "stole" their idea.
Signing an NDA puts you in a bad position and even if there is no real legal threat because of vague formulation or whatever, you risk making enemies which in itself can cost a lot of time one way or another.
Signing randomly sourced contracts seems like a bad idea. If he really wanted to work with people who like NDA's, maybe he should have his own lawyer draft a general purpose one for him to use in these situations.
On the other hand, if actual core IP (like code and business documents) is going to be seen in detail and contributed to by someone, then an NDA is a must. Not only an NDA, but also an IP assignment agreement. It must be unambiguously clear that the business, not any individuals, owns the IP of the company. I don't care if someone just wants to help out of the goodness of their heart; if they're looking at the code, they need to be willing to sign some paperwork.