Friday, November 25, 2011

Confidential Disclosure Agreements and Indemnities

Can there be an indemnity clause in a Confidential Disclosure Agrement that includes indirect losses.That was a question that was posed on LinkedIN

The first question to ask is whose information is being disclosed? A Non-disclosure Agreement (NDA) or Confidential Disclosure Agreement (CDA) could be for disclosures between the supplier and the customer,.It could also cover the disclosure of a third party’s confidential information that the supplier is authorized to further disclose. To disclose another party’s information the CDA or NDA needs to allow you to share that confidential information. If it doesn't you have no right to share that information even if you were to disclose it under a CDA or NDA. If the party allows further disclosures, it will require that you have an CDA with that Customer that protects the third party's rights in their confidential information.

For information between the customer and the supplier there would be no indemnity used.Indemnities only apply to third party claims. A breach of the CDA or NDA would result in damages that are allowed in the CDA. For third party confidential information that the supplier has that they want to share with the customer,you would include an indemnification in the CDA or NDA with the customer. You want the customer to indemnify you if they breach the CDA from claims by the third party that the breach by thee customer will also be a breach of your agreement with the third party.

One suggestion is to always keep confidentiality obligations separate from any purchase agreement so that the limitation of liability and the damages can be different and so the term of the responsibility to protect the information can be different.The key in establishing limitations of liability is what types of losses will you sustain from the breach and what is reasonable. While in a purchase agreement limiting certain breaches to only direct damages may be reasonable, most of the time you don’t want to limit liability based upon third party claims as you can’t control what those third party claims may be.For a breach of confidentiality obligation the question would be what types of damages would be claimed. Any direct damages would be very small. The major damages that would be claimed would be loss of revenue, loss of profit and any consequential damages such as costs to stop any infringements or actions to enjoin the use of or further disclosure of the information. In confidentiality agreements you don’t want to limit liability for breach of the obligations. You want the information held and protected in a manner where there will not be a disclosure.

With third party information there are multiple options to manage it. You could have a separate agreement with the customer and have the indemnification included in that CDA or NDA. You could have a three way agreement, Lastly you could have a separate CDA or NDA be created between the customer and the third party. Each approach has its own benefits and risks,The separate agreement with the indemnification approach may have the advantage of not having to involve the third party in the discussion or negotiations. When you do a CDA with an indemnity you are still liable to the third party. The customer would has to indemnify you. If they don't or don't have the assets to cover the damages, you would still be liable to the third party. A three-way agreement works provided that the agreement is clear that there is no joint liability and each party is severally liable for their own breaches. That way if the customer breached the CDA or NDA the third party would need to proceed only against the customer and the supplier would not be liable for the customer’s breach. Establishing a separate CDA or NDA between the customer and the third party eliminates the supplier as a party to that transaction. Since they are not a party they would not be liable and they would not need an indemnity as the third party would need to go directly after the customer.

There may be times where you may not want to involve the third party because of the sensitive nature of the discussions between the supplier and the customer. In those cases you want no limits on liability, the indemnity, and you want to make sure that the customer has the assets and resources to stand behind that indemnity. For all other situations I would suggest avoiding the indemnity approach and have a separate agreement between the discloser and the third party.
Indemnities don't absolve you of liability and they are only as good as the company that is making the indemnity commitment,

If you learned from this post, think about how much more you could learn from the book.
The book is only US$24.95 plus shipping. The hot-link to is above the date.