The Tricky Business of NDAs

ZeniMax recently challenged Oculus VR over unspecified technology used in the Oculus Rift. They claim that between John Carmack leaving id Software, a subsidiary of ZeniMax, to join Oculus and Oculus having access to ZeniMax technology in the early stages of Oculus development, as well as the veritable library of know-how Carmack developed during his time at id, Oculus breached its duty to hold technical information confidential by integrating it into their own product. ZeniMax may be right. Employers generally own work produced by their employees within certain restrictions. These ownership rights are usually further bolstered within employment contracts by explicit assignments. In many cases, if you work on something while employed at a particular company, the company owns that work product. id Software claims that Carmack’s contract contained just such a clause. Under that type of contract, if he was working on a project anything he made belongs to id Software, unless an explicit exception was made.

Without seeing Carmack’s employment contract, the assignments it may or may not contain are entirely conjecture; but the non-disclosure agreement at issue is available online. It is relatively straightforward; it contains no transfer of any property or rights, and seeks to ensure that any shared information remains confidential. In conjunction with a particular type of employment contract, it could theoretically form the basis for claims like those made by ZeniMax. Whether Carmack’s transfer to Oculus leads to a settlement or litigation is yet to be seen, but non-disclosure agreements generally can be much more complex than they initially seem.

Non-Disclosure Agreements (NDAs) are some of the shortest, and possibly most common, agreements, and, as such, seem deceptively  familiar and simple. But, they are can be very complex. One thing to be aware of is who a NDA is written to protect. Some are described as mutual but actually only protect one party’s data. The individual or company providing the NDA has the power to write themselves in as the “discloser” and cast the other party as the “receiving party.” A document written this way can leave the “receiving party” open to misuse of their data or unauthorized disclosure without any recourse.

Another NDA issue cropping up more and more frequently is the re-use and misuse of NDAs. Whether a company is using the same NDA for a plethora of dissimilar purposes or an unestablished company has pulled an untested NDA off the internet, the document can be unfit for the purposes, fail to be valid in the jurisdiction, or have unnecessary complexities that bog down the relationship. Most concerning, these types of agreements often fail to protect the types of data the parties intend.

Beyond these somewhat obvious pitfalls, there can significantly trickier things in NDAs. The first of these comes up if the duty to maintain confidentiality ends with the term. Put simply, if the contract expires in one year and the confidentiality obligations do not survive termination of the agreement, all the confidential information shared throughout the course of the contract can be made public after that first year, including information given the day before the expiration of the contract as well as information that has long standing implications for future plans. NDAs are almost always intended to be temporary, but not so temporary that they fail to protect information. A NDA should last long enough to reach a formal agreement, since it’s meant to form a basis for initial conversation.

Another way a NDA can limit what information is protected is through extensive requirements for what can be considered confidential. For example, a NDA could require that confidential information be labeled “confidential” in red ink, 24.7 point font, Helvetica, and only disclosed to Bob Smith in Accounting. Anything that does not meet all these unreasonable criteria would be eligible for use or disclosure. While most NDAs are not as outlandish as the foregoing, how “Confidential Information” is defined is a very important point in the agreement. The other side of this issue is the inclusion of exceptions as to what is confidential. While certain exceptions may be legally required, some NDAs include so many exceptions that confidentiality is meaningless.

The “purpose” described in an NDA is often overlooked as legal voodoo, but it sets limits on what information can be disclosed and in what circumstances that information can be used. Further, a well written purpose can set both parties on track to a mutually beneficial long term relationship. While purposes can range from “a commercial relationship between the parties” to a “strategic relationship,” a “commercial relationship” is the language typically agreed upon.

Another thing to watch for in many NDAs is the inclusion of people not involved in the deal, third parties and affiliates. These outside parties are often excused from the limits of the NDA, and where they are included, are extremely difficult to enforce the confidentiality restrictions against. Ideally, to make it easier to find and, if necessary, legally challenge, third parties and affiliates, they are listed in the document. Where this isn’t possible, NDAs usually require third parties and affiliates be held to at least the same level of confidentiality as required by the NDA prior to the disclosure.

Some NDAs include strange provisions, the least unusual of which is a requirement that any dispute be settled in a nonstandard or biased forum, for example one with unusual laws or that is likely to give preference to one party. Another uncommon inclusion to NDAs is a license to use confidential information for testing purposes without limitation. This clause would allow a consultant, who isn’t legally bound to confidentiality, to determine how the confidential information functions and to attempt to reproduce it. Relatedly, and equally rare, some NDAs include assignments, meaning intellectual property transferred as confidential information becomes the property of the receiving party. Equally odd are indemnification provisions or restrictions on hiring practices, which, while common in business agreements or other contracts creating long term relationships, have no place in an NDA.

NDAs are necessary to conduct business while protecting ideas and technology, but they can also be deceptively dangerous. Even seemingly innocuous agreements, like the one between id Software and Oculus can lead to litigation. The shortest documents can hold the greatest power.

About Suzanne Jackiw

Suzanne Jackiw is an official contributor to Law of the Game. She’s a student at Chicago-Kent College of Law, focused on Business and Intellectual Property issues related to video game law; and, she works as a business intern with several small indie game companies and as a law clerk for The Game Attorney. She has attended many video game development conferences, including Steam Dev Days and the Game::Business::Law Summit. The opinions expressed in her columns are her own. Reach her at Suzanne[dawt]Jackiw[aat]Gmail[dawt]com.

Leave a Reply