Nondisclosure Agreements Deserve A Closer Look
» Click here to read more articles from our latest M&A and Corporate Governance Newsletter. One of the first steps in mergers and acquisitions discussions is for the parties to enter into a nondisclosure or confidentiality agreement (NDA). NDAs are usually based on a trusty template — dusted off, the parties’ names inserted and executed quickly with very little discussion.
While the NDA may seem to be the simplest of all of the documents in an M&A transaction, it may deserve a closer look, particularly where a strategic buyer may be preferred over a financial buyer or in the context of an auction sale with multiple bidders. Because a strategic buyer is looking for synergies to create opportunities for growth, it often will have competitive products or services, overlapping customers or suppliers, or may even be a customer of the seller. While these synergies may bring significant value if the deal closes, they also may create risk for the seller if the deal does not close.
When drafting NDAs, there are a number of points to consider that were probably last weighed when that trusty template was originally drafted. Below are a few key items to consider when preparing or reviewing an NDA in these contexts:
1. Parties. A typical NDA is a straightforward contract between two parties, the seller on one hand and the buyer on the other. However, this may not provide the protections a seller may require or give the buyer the flexibility it needs. For example, if the seller or the target has multiple entities, does the seller actually have the right to disclose the information on behalf of all of those entities? Does the NDA allow the buyer to disclose the seller’s confidential information to its affiliates as well as any third-party legal and financial advisers?
The answers to these questions may vary depending on the type of information being disclosed, particularly if any of the information is personally identifiable information (PII) that may require consent for disclosure to these entities or for use in the context of an M&A transaction. The seller or the target should not risk being in breach of data protection statutes or triggering breach notification statutes by disclosing PII to third parties who are not bound by the NDA. Consider what information is likely to be disclosed, which entities will be disclosing the information and which entities will be involved in the due diligence or receiving the information.
Each party also should be made aware of who is and is not authorized to receive confidential information, and this should be clearly stated in the NDA. Before allowing any affiliate or third-party advisers to be an authorized recipient under an NDA, both parties should be satisfied that the buyer will be able, and willing, to comply with its obligations and enforce the confidentiality obligations on its authorized affiliates and third-party advisers once it receives confidential information. Moreover, depending on who will be the authorized recipient (for example, a third-party adviser that does not owe any duty of confidentiality to the buyer), the seller may also want to require such party to enter into a back-to-back NDA imposing the same obligations on the third-party adviser that are imposed on the buyer.
Today, it is increasingly common for the seller to provide information directly to a buyer’s external legal counsel or investment bankers, so ensuring such disclosure is covered by the NDA is critical if such recipients are to have a duty to maintain the confidentiality of such information.
2. Scope. A typical definition of “evaluation materials” or “confidential information” is one like the example below:
“Evaluation Material” means all information, data, documents, agreements, files and other materials, whether disclosed orally or disclosed or stored in written, electronic or other form or media, which is obtained from or disclosed by the Disclosing Party or its Representatives before or after the date hereof regarding the Company, including, without limitation, all analyses, compilations, reports, forecasts, studies, samples and other documents prepared by or for the Recipient which contain or otherwise reflect or are generated from such information, data, documents, agreements, files or other materials. The term “Evaluation Material” as used herein does not include information that: (i) at the time of disclosure or thereafter is generally available to and known by the public (other than as a result of its disclosure directly or indirectly by the Recipient or its Representatives in violation of this Agreement); (ii) was available to the Recipient from a source other than the Disclosing Party or its Representatives, provided that such source, to Recipient’s knowledge after reasonable inquiry, is not and was not bound by a confidentiality agreement regarding the Company; or (iii) has been independently acquired or developed by the Recipient without violating any of its obligations under this Agreement.
While this type of definition works for many situations, it may need to be revised depending on the types of information or materials the seller or target will make available. For example:
If the seller or target obtained any of the material being shared from a third party, then the seller should determine if there is an underlying agreement with that third party containing different or additional confidentiality restrictions around disclosing the material. Certain agreements disclosed as evaluation materials may also contain confidentiality restrictions under which disclosure may constitute a material breach of those agreements.
If any of the information or materials includes PII, then the exclusions around information that is publicly available may need to be clarified such that PII that might be available publicly (e.g., names, email addresses, phone numbers) is not inadvertently excluded from the definition of evaluation materials or confidential information and thus, excluded from the NDA’s protections. Depending on the jurisdiction where such PII is transferred or stored, statutory obligations under certain jurisdictions impose restrictions on the ways individuals and companies handle PII and such restrictions would apply regardless of whether PII is subject to an NDA.
Should the existence of the NDA itself, or the terms and conditions of the NDA, or the discussions or negotiations of the parties in connection with the potential transaction, also be treated as confidential? Confidentiality as to these matters is typically really important to the disclosing party, who could be harmed if even rumors as to discussions with the other party begin to circulate. If so, consider if the language is drafted such that it actually might permit either party to disclose the NDA’s existence and terms, as well as the negotiations of the parties in connection with the potential transaction (e.g., is the NDA or its terms defined as evaluation material of each party?).
3. Nondisclosure and Use Restrictions. The NDA should specifically proscribe what the buyer can do with, and how it may use, the evaluation materials, and require the buyer and its authorized representatives to hold the information in strict confidence. Typically, the NDA will require the buyer to apply the same standard of care to the seller’s confidential information as it applies to its own; however, this may not be a high enough standard depending on the type of information being disclosed.
Moreover, as noted above, if the evaluation materials contain PII (e.g., employee names/compensation), the obligations to protect the evaluation materials also need to include typical data protection standards. If the seller or target has customers, suppliers or employees in countries requiring consent to disclose such PII, then the seller should evaluate if the PII even may be made available without obtaining consent from the relevant party or individual.
It is unlikely that a seller will have the resources to do this or would want to risk publicity around a potential sale and should consider what information it may be able to disclose without consent or whether to redact such PII from the evaluation materials. For example, rather than disclosing employment agreements, the seller or target may simply disclose a form agreement used for its employees.
To avoid interpretation issues, the NDA also should clearly set forth any intended exceptions to the nondisclosure requirements. For example, instead of permitting disclosure of the evaluation materials as “legally required,” consider the more specific, “in compliance with the legal requirements of a competent judicial, administrative or regulatory authority, such as in response to a subpoena or court order, or as otherwise compelled by securities laws or stock exchange rules.”
4. Return or Destroy. The seller will want the right to require the buyer and its authorized recipients to destroy or return to it documents containing confidential information. This provides an important level of control over any copies that the buyer and its authorized representatives make, or any document that the seller or its authorized representatives create based on the confidential information. The following types of provisions may dilute the ability of the seller or target to protect its confidential information and should be considered carefully:
An NDA may contain a residuals clause designed to allow the receiving party and its authorized recipients to freely use confidential information retained in the unaided memory of their personnel. In the context of an M&A transaction, a residuals clause undermines the integrity of the confidentiality obligations in the NDA. For example, what if the evaluation material is the seller’s technology road map for its solution, including new features that may be patentable? This type of information can be easily remembered and a residuals clause may give the receiving party an out from its confidentiality obligations.
In some M&A transactions, the potential buyer may “kick the tires” on the seller’s product or solution or there may be meetings between the parties that turn into joint brainstorming sessions. In these situations, the NDA may need to have intellectual property provisions, including a license setting out the limits of such tire kicking, clarifying ownership of the IP, including any IP that may be created based upon the confidential information, and excluding any other express or implied licenses.
Particularly in light of the heightened sensitivity around confidential information in the context of an M&A transaction, as well as the recent trend toward increased scrutiny of privacy law practices by regulatory authorities, the parties in an M&A transaction can get ahead of potential issues by thinking beyond the “standard” template.