May 12, 2026. Researched by the BeforeSigning editorial team.

NDA explained (2026): what it actually says, when to sign, and what to negotiate

Quick answer: A non-disclosure agreement (NDA) is a contract that requires you to keep specified information confidential. In 2026, there are four common types: mutual NDA (both sides protect each other's information), one-way NDA (only you have confidentiality obligations), employment NDA (embedded in offer letters and onboarding), and transaction NDA (used for M&A and partnership discussions). The five clauses that most often get abused: overly broad definition of "confidential information," excessive duration (5+ years), residuals clauses that grant the other party use of what they learn, non-compete language disguised as confidentiality, and assignment clauses that let the counterparty transfer the NDA to anyone. Most NDAs are negotiable, especially mutual versions. Refusing to sign an unreasonable NDA is sometimes the right move.

A startup founder is invited to discuss a potential partnership with a Fortune 100 company. Their legal team sends a one-way NDA: founder agrees to confidentiality on all information shared by the Fortune 100, indefinitely, with broad residuals language giving the Fortune 100 unlimited use of any information the founder discloses. The founder almost signs it — it looks like standard boilerplate. Their attorney spots the asymmetry: the Fortune 100 has zero confidentiality obligation while the founder is locked indefinitely. They counter-propose a mutual NDA with a 3-year duration. The Fortune 100 agrees within an hour. The partnership conversation proceeds, with both sides protected.

This is the most common NDA pattern. The drafting party (almost always the larger party) sends a maximally favorable version expecting you'll sign without reading. Most don't read. The ones who read can usually negotiate substantially. This guide covers the four NDA types, what each clause actually does, what's enforceable, and the specific redline language to propose.

Key takeaways

  • Four common NDA types in 2026: mutual, one-way, employment, and transaction. Each has different conventions.
  • Always prefer mutual. If you're being asked to sign one-way, ask why and propose mutual unless there's a clear reason (e.g., you're a vendor with no information of your own to protect).
  • Duration matters. 2-5 years is standard. Indefinite or "in perpetuity" terms are predatory unless the information is genuinely a trade secret.
  • Definition of "confidential information" should be limited to information specifically marked, designated as confidential at time of disclosure, or that a reasonable person would understand to be confidential. Blanket "all information learned during the relationship" is too broad.
  • Residuals clauses are sometimes hidden — they let the counterparty use what they remember from your disclosure. Worth striking unless mutual.
  • Federal trade secret protections (Defend Trade Secrets Act 2016) include whistleblower carve-outs that override conflicting NDA language.

Part 1: the four NDA types

Mutual NDA

Both parties have confidentiality obligations to each other. Standard for:

  • Partnership discussions where both sides share confidential info
  • Joint development agreements
  • Vendor-customer relationships where both share business data
  • M&A early-stage talks

Default to mutual whenever both sides will be sharing anything sensitive.

One-way NDA

One party has confidentiality obligations; the other doesn't. Reasonable in narrow cases:

  • Job interviews where the candidate is signing pre-disclosure of company internals
  • Service vendor receiving customer information without sharing their own
  • Investor due diligence reviewing company materials

In most other cases, one-way NDAs disguise an asymmetric power dynamic. Push for mutual.

Employment NDA

Embedded in offer letters, employment agreements, and onboarding packets. Restricts what employees can disclose during and after employment.

Most expansive type in practice — covers ongoing access to confidential information for years. Often combined with non-compete and non-solicit clauses (creating a "restrictive covenants" bundle).

State law constrains employment NDAs in some jurisdictions (California, New York, Washington have stricter rules). Federal law (Defend Trade Secrets Act) requires whistleblower carve-outs.

Transaction NDA

Used in M&A, financing rounds, and major commercial deals. Often elaborately negotiated by attorneys on both sides. Common features:

  • Specific "Permitted Purpose" defining how the information can be used
  • Detailed handling and destruction protocols
  • Multi-tier obligations (board members, advisors, employees who learn the information)
  • Specific carve-outs for information that becomes public independently

Transaction NDAs are usually fair-form because both sides have attorneys involved. Most contention is around duration, residuals, and the Permitted Purpose definition.

Part 2: the 9 clauses that matter most

Clause 1: definition of "confidential information"

What it says: defines what information is covered by the NDA.

Fair definition: "Confidential Information means information that is (a) marked as confidential at the time of disclosure, (b) identified as confidential within 30 days of oral disclosure, OR (c) that a reasonable person under the circumstances would understand to be confidential."

Predatory definition: "Confidential Information means any and all information of any kind disclosed by either party to the other during the term of this Agreement, including but not limited to business plans, technical information, financial information, personnel information, customer information, and all other information of any nature whatsoever."

The predatory version captures literally everything, which makes any conversation potentially a breach.

What to negotiate: require marking or notice for written disclosures; require a "confirming memo" within 30 days for oral disclosures.

Clause 2: duration / term

What it says: how long the confidentiality obligation lasts after the relationship ends.

Fair term: 2-5 years post-disclosure for general business information. Trade-secret protection can be indefinite under separate trade-secret law.

Predatory term: "in perpetuity," "indefinitely," "until information becomes public" with no carve-out for natural information aging.

What to negotiate: explicit time limits (3-5 years post-disclosure for general confidential info; longer permissible for genuine trade secrets like formulas, source code, customer lists).

Clause 3: permitted purpose

What it says: what you're allowed to do with the disclosed information.

Fair language: "The Receiving Party may use Confidential Information solely for the purpose of evaluating a potential business relationship between the parties."

Predatory language: very narrow purpose definitions ("solely for the purpose of evaluating the specific potential transaction described") combined with broad confidentiality, which can prevent you from using common knowledge later.

What to negotiate: purpose language broad enough to cover legitimate follow-up activities (sharing with advisors, internal evaluation, etc.) while still being limited to the relationship at hand.

Clause 4: exclusions from confidentiality

Standard exclusions that should always be in your favor:

  • Information already known before disclosure (with documentation)
  • Information independently developed without reference to the disclosure
  • Information that becomes publicly known through no fault of yours
  • Information rightfully obtained from a third party without confidentiality obligation
  • Information required to be disclosed by law, regulation, or court order (with notice to disclosing party where permitted)

Red flag: NDAs that omit one or more of these standard exclusions.

Clause 5: residuals

What it says: sometimes hidden in NDAs. Permits one party (usually the larger one) to use information that "remains in the unaided memory" of their personnel.

Fair residuals: mutual residuals (or no residuals clause at all). If one party gets to use what they remember, the other side should too.

Predatory residuals: one-way residuals favoring the large party. Combined with broad confidentiality on your side, this is the worst case: they get to use what they learn from you, but you can't use what you learn from them.

What to negotiate: strike entirely, or make mutual.

Clause 6: assignment

What it says: whether the NDA can be transferred to third parties.

Fair language: "Neither party may assign this Agreement without the prior written consent of the other party, except in connection with a merger, acquisition, or sale of all or substantially all assets."

Predatory language: broad assignment rights for the counterparty (often the larger entity), but not for you. Or "the Receiving Party's obligations transfer to its successors and assigns" — meaning your confidentiality obligation follows you forever, but their confidentiality protections can be transferred to anyone.

What to negotiate: mutual assignment restrictions.

Clause 7: remedies and injunction

What it says: what happens if either party breaches confidentiality.

Standard provision: monetary damages plus injunctive relief (court order to stop the breach). Usually fair — confidentiality breach often requires immediate stop-action.

Predatory variant: liquidated damages clauses that pre-commit you to specific dollar amounts on breach (e.g., $100,000 per breach). These shift risk asymmetrically to you.

What to negotiate: strike liquidated damages; rely on actual-damages standard.

Clause 8: governing law and venue

What it says: which state's law governs the agreement and where disputes must be litigated.

Fair version: governing law from a jurisdiction with reasonable confidentiality law (Delaware, New York, California for most commercial agreements). Venue in a neutral location or each party's home jurisdiction.

Predatory version: governing law and venue exclusively in the disclosing party's home state, forcing you to litigate in their backyard.

What to negotiate: for cross-border deals, propose a neutral jurisdiction; for in-state deals, the home state of either party is typically fine.

Clause 9: whistleblower carve-out

What it says: confirms that nothing in the NDA restricts your right to report illegal activity to government agencies.

Federal requirement: the Defend Trade Secrets Act (DTSA) of 2016 requires NDAs that may apply to trade secret-related information to include a whistleblower notice. Most modern NDAs include this; older or aggressive drafts may not.

Required language: notice that the employee has a right to report illegal conduct to law enforcement, regulatory authorities, or self-regulatory organizations, and is immunized from civil and criminal liability under federal and state trade-secret laws for such disclosures.

Red flag: any NDA without this carve-out is likely unenforceable on its trade-secret provisions, and the absence suggests the drafting party hasn't updated their forms in 8+ years.

Part 3: when to refuse an NDA

Sometimes the right answer is "no."

Don't sign if:

  • You're at a job interview and the NDA prevents you, for years, from talking about being a candidate at the company or about the interview content. Reasonable interview NDAs are narrow (don't disclose what specific technical problems we discussed); broad ones can prevent you from even mentioning you interviewed.
  • The duration is indefinite without a trade-secret justification.
  • There's no whistleblower carve-out, signaling the drafting party hasn't updated their forms in years.
  • The counterparty refuses to negotiate on basic mutuality, exclusions, or duration.
  • The "Permitted Purpose" is so narrow that signing would prevent legitimate follow-up activity.
  • You can't afford the legal review for a high-stakes NDA (e.g., $50M M&A discussion) and don't trust the form.

Acceptable to sign without negotiation:

  • Routine vendor NDAs with mutual terms and 2-3 year duration
  • Interview NDAs with narrow scope (specific products/technologies discussed)
  • Partnership exploration NDAs that are clearly mutual and have reasonable Permitted Purpose

Part 4: post-signing best practices

After signing any NDA:

  1. Keep a copy of the signed NDA and any related communications.
  2. Inventory what was disclosed: keep notes on what specific information you learned (and disclosed), so later "did we cover X?" questions are answerable.
  3. Maintain separation: don't intermingle confidential information with your own work product. Use clearly labeled folders / repositories.
  4. Train anyone you share with: if your NDA permits sharing with internal team members or advisors, make sure they understand the confidentiality obligation flows to them.
  5. Note duration: calendar the expiration date so you know when the obligation actually ends.

Part 5: when an NDA dispute happens

Most NDA breaches are handled through informal discussions and cease-and-desist letters rather than litigation. Common scenarios:

  • Inadvertent disclosure: you mention something in a sales meeting that you forgot was covered. Usually resolved with apology and "won't happen again" commitment.
  • Employee changing jobs: former employee takes confidential information to a new employer. May trigger trade-secret litigation in addition to NDA breach.
  • Public disclosure: confidential information ends up in a press release or LinkedIn post. Triggers cease-and-desist; may escalate to lawsuit.

The cost of NDA litigation is high (typically $50K-$500K+ in legal fees). Both sides usually prefer to settle quickly. The strongest defense against NDA disputes is documentation — what was disclosed, when, under what understanding, and what you did with it.

Editorial methodology

This guide describes common NDA practices in 2026 U.S. commercial and employment contexts. State-specific rules (notably California's restrictions on employee non-disclosure provisions that limit discussing illegal conduct, New York's restrictions on settlement NDAs covering harassment) substantially modify the analysis in specific contexts. Federal law (Defend Trade Secrets Act 2016) requires whistleblower carve-outs in trade-secret-related NDAs. This guide is informational, not legal advice — for transactions involving NDAs in M&A, large commercial deals, or sensitive employment matters, retain an attorney. Last reviewed: 2026-05-12.

For other contract review topics, see "Every contract clause you should never sign without reading," "The 11 contract clauses that cost the most," and "Should I sign a non-compete?"

For NDA-related employment considerations (offer letters often contain NDA-equivalent confidentiality clauses), see "Offer letter red flags in 2026." For situations where confidentiality and resume content interact — particularly when interviewing for competing companies after signing strong NDAs — see "How to tailor your resume to a job description."
