The instinct to ask for an NDA before sharing a business idea is understandable. You worked on it, it feels valuable, and you do not want someone running off with it. But whether an NDA actually helps depends on what you are sharing, who you are sharing it with, and what you put in the agreement itself.
This article covers when an NDA makes sense, when it gives false confidence, what federal law requires in any NDA you use with a contractor or employee, and what a well-constructed NDA should contain. The relevant tool is our NDA builder — but first, the substance.
When an NDA actually helps
An NDA is most useful when the information you are sharing has concrete, documentable value that is not already known or publicly accessible. The clearest cases:
Sharing unreleased product specs with a vendor you are evaluating. Sharing pricing, customer lists, or financial data with a potential partner. Onboarding a contractor to work on proprietary code or designs. Preliminary acquisition or partnership discussions where both sides reveal sensitive details.
Protecting a general business concept — "an app that connects dog walkers with owners" — which courts typically will not treat as a trade secret. Sharing with investors who routinely decline to sign NDAs at the early pitch stage. Situations where the "secret" is already known or could be reverse-engineered from public information.
The underlying legal protection is trade-secret law. Under the federal Defend Trade Secrets Act (18 U.S.C. § 1839), a trade secret must (1) derive independent economic value from not being generally known, and (2) be subject to reasonable measures to keep it secret. An NDA is one of those reasonable measures — it is evidence that you tried to protect the information. But it does not transform a generic idea into a protectable secret.
What most NDAs miss — and what federal law requires
Under 18 U.S.C. § 1833(b), any NDA or confidentiality provision used with an employee or contractor must include a written notice that the receiving party cannot be held liable for disclosing a trade secret to a government official or attorney in order to report a suspected law violation, or in a court filing made under seal.
If your NDA leaves this out, you lose the right to seek exemplary (punitive) damages — up to twice actual damages — and attorney fees in DTSA litigation, even if the other party willfully stole your trade secrets. This is not optional boilerplate. It is a federal statutory requirement.
Most downloaded NDA templates skip the DTSA whistleblower notice entirely. The downstream consequence is concrete: if you ever need to enforce the NDA in federal court, you cannot recover punitive damages or attorney fees, even if you win on the merits. Clausio adds this notice automatically and flags it if it is missing — you can generate a clause-checked NDA here.
What a solid NDA should include
These are the clauses that matter in a well-constructed NDA. Each one closes a specific gap.
1. A precise definition of confidential information
The definition needs to cover the right scope: too broad and courts may find it unenforceable; too narrow and your actual secrets are not covered. The definition should align with the DTSA's trade-secret definition — information with independent economic value, protected by reasonable secrecy measures (18 U.S.C. § 1839).
Oral disclosures are often excluded from boilerplate NDAs. If you will be sharing information verbally, the NDA needs to explicitly cover oral disclosures, typically with a follow-up written summary requirement.
2. Permitted purpose
This clause limits what the receiving party can do with your information — evaluation only, for instance, or use only in connection with the specified project. Without it, a court may find that the receiving party was free to use the information competitively as long as they did not technically "disclose" it to a third party. The DTSA defines misappropriation to include use as well as disclosure (18 U.S.C. § 1839(5)).
3. Standard exclusions
Every enforceable NDA needs carve-outs for information the receiving party: already knew before signing, learns from a third party who had no obligation of confidence, independently develops, or is required by law to disclose (with notice to the disclosing party where possible). Without these exclusions, you create compliance obligations the other party cannot meet, which courts use to undercut enforcement.
4. Duration — and why "forever" is a problem
Courts in New York, Texas, Delaware, and Massachusetts have declined to enforce perpetual confidentiality obligations on ordinary business information. They find it an unreasonable restraint.
Best practice: trade secrets protected indefinitely (the DTSA has no statutory expiry under 18 U.S.C. § 1839), and other confidential information subject to a fixed two-to-five-year window. This bifurcated approach is both legally sound and practically reasonable.
5. Return or destruction of materials
When the agreement ends, what happens to the information? Without a return-or-destroy clause, confidential documents and data can sit in the other party's systems indefinitely. A well-drafted NDA requires the receiving party to return or certify destruction of all confidential materials, including copies and electronic records (18 U.S.C. § 1836(b)(2) gives courts the power to order ex parte seizure in DTSA cases, but a contractual obligation is much cleaner).
6. Remedies — including the right to seek an injunction
Money damages often cannot fix a trade-secret disclosure after the fact. Once the information is out, it is out. An injunction clause states explicitly that breach causes irreparable harm and that the disclosing party can seek an injunction without posting a bond. The DTSA also allows exemplary damages of up to twice actual damages and attorney fees for willful misappropriation — but only if the DTSA § 1833(b) whistleblower notice is included (18 U.S.C. § 1836(b)(3)(C)).
7. Governing law
This matters more for NDAs than for most contracts. California, Delaware, and New York differ on irreparable-harm stipulations, NDA duration enforceability, and whether non-solicitation clauses embedded in an NDA get treated as void non-competes (California is aggressive on this under Cal. Bus. & Prof. Code § 16600). Choose a state with a substantial connection to the parties or the transaction; courts apply the Restatement (Second) of Conflict of Laws § 187 test.
Get a clause-checked NDA — free to preview.
Answer five questions. Clausio drafts a tailored NDA — mutual or one-way — with the DTSA whistleblower notice, standard exclusions, and bifurcated duration included. Flag every missing clause before you download.
Create my NDA free →Mutual vs. one-way — which do you need?
A one-way (unilateral) NDA binds only the receiving party. Use it when you are the only one sharing confidential information — pitching an idea to a developer you are evaluating, for instance, or onboarding a contractor to work on your IP.
A mutual (bilateral) NDA binds both parties. Use it when the conversation is two-way — partnership discussions, joint ventures, or due diligence where both sides reveal sensitive details. Mutual NDAs are generally accepted by both parties without friction and provide symmetric protection, which is why they are often the default choice when you are not sure.
The NDA template page has a fuller breakdown of both types, and the NDA builder lets you choose and adjust before downloading.
What an NDA cannot do
An NDA is a contractual obligation — it does not make information physically confidential, and it does not prevent disclosure. It creates a remedy if the information is disclosed. That remedy is most valuable when the disclosing party can prove: (1) a specific obligation existed, (2) specific confidential information was disclosed, and (3) the receiving party violated the obligation.
Courts are skeptical of claims that a general business idea was stolen. The more specific and documented the information, the stronger the claim. The NDA is the legal framework; the documentation of what was shared and when is equally important.
A note on this article
The legal citations here are sourced from publicly available primary sources: law.cornell.edu (LII) for federal statutes, with California's legislature site for state law. This article is for general educational purposes — it is not legal advice and does not account for your specific jurisdiction or circumstances.
Not legal advice. Clausio is an AI-assisted document drafting tool — not a law firm and not a substitute for a qualified attorney. Using Clausio does not create an attorney-client relationship. Nothing on this page constitutes legal advice or a legal opinion. For advice about your specific situation, consult a licensed attorney in your jurisdiction. Full disclaimer →
Related resources
- NDA template — full clause breakdown with legal basis and a free AI-drafted preview
- Build your NDA → — mutual or one-way, with the DTSA notice included
- Freelance contract template — for when you also need the underlying engagement covered
- What clauses does a freelance contract need? — including the confidentiality clause that pairs with your NDA
- Independent contractor vs. employee — the DTSA §1833(b) notice requirement applies when your NDA is used with a contractor