The good old non-disclosure agreement. I have to be honest – I kind of had a fascination with these for a while. More than the idea of it actually being useful or doing anything in particular, having an NDA and getting somebody to sign it made me feel like my projects (and by extension, me) were “official”. After all, NDAs were what the big companies used for their big projects with their big budgets, just like EULAs and other wonderful bits of legal cruft.

But besides making me feel more important, were they really worth messing with, or is it the project management equivalent of adding Esq. to your name?

Be excellent to each other, and sign my NDA

When does an NDA not make sense?

Stella Garber at raises some good questions about how useful and enforceable non-disclosure agreements are on software development projects. Despite our intrinsic protectiveness over ideas that we come up with, nearly all of the big players in this arena will tell you that ideas aren’t really worth anything on their own. Sure, you may have a great way of executing, or marketing, or whatever, but even that isn’t worth anything without follow-through.

We all want to believe that the idea itself is special, or unique, or an instant hit, but that is never, ever the case. A great idea doesn’t mean much without the hard work it takes to implement, refine, and promote it.

Don’t believe me? Look at any programming tutorial site. It’s pretty common to see beginner walk-throughs that clone popular sites. Here’s a TaskRabbit clone that barely requires a server. Clones of Slack are the project-du-jour. Are they full-featured out of the box? No, but the point is that with a few hours and the ability to cut/paste from a tutorial, you can have 80% of the functionality of one of these hugely successful pieces of software – and nobody will use it. If the idea was so important, every $13/hr programmer on UpWork would be a millionaire.

When I was having my WordPress search plugin developed, the idea didn’t even cross my mind, for obvious reasons. Even for premium plugin versions, you’re just distributing PHP code that anybody can view, so an NDA is a moot point. And as I mentioned above, core functionality itself is fairly trivial to implement.

You can also run the risk of pissing off a good developer if you throw some onerous agreement at them right up front. They’re no strangers to the idea that execution is far more important than implementation of the idea itself, and implying right up front that you don’t trust them, especially when doing so gets you nothing in return, could very well be a huge turn-off.

Should I ever use one?

I think there is a circumstance where it makes sense. Not from an actual legal protection standpoint, but from the standpoint that the cost is so low, that you might as well, and because of the message it sends. That circumstance is when you hire a virtual assistant to help out with sensitive data. That can be either data sensitive to you and your firm, or sensitive client data.

Keep in mind that this is in no way going to replace proper vetting and research before hiring someone, but it sends a message to the contractor that the issue is important and it’s probably not worth it to them to abuse their access to your data. Because you can simply fill in a few names in the sample agreement below, I’d recommend it any time you have a contractor or hired VA working on anything where they have access to client information, whether that’s simply access to members of a mailing list, or they’re doing data-entry for you and reading hundreds of sensitive financial or medical records for your clients every day.

How likely is it that you’re going to want to incur the stress and expense of pursuing litigation against somebody in Batangas or Karachi? Not very, and that’s why hiring the right person in the first place is so important, but in the same way these made me feel more “official” when I first started managing projects, they’ll indicate to your contractors that you expect everything to be above board.

Non-disclosure agreement sample

I had a lawyer draft up an NDA for use on a few different projects. The big one was some outsourcing to virtual assistants who handle some data entry and financial document labeling. Is it worth the trouble of enforcing? Will they pay attention to it? Is there any incentive for them to keep the data anyway? Again, the biggest benefit to this is it tells the contractor that this is important to you and probably not worth their time to violate, but I can’t stress enough that proper vetting and research about your contractor is a much better way to ensure you won’t have issues.

Long story short, it’s a quick and easy way to let contractors know that you mean business, particularly with projects where client info or sensitive information about your firm is being exchanged. If you’re relying on a $300/mo VA in a foreign country to handle sensitive information, you aren’t going to have a huge amount of recourse if things go sideways, but when an agreement is a quick, easy, and free way to tell them you’re serious about the data and provides you with some CYA cred for investors and customers, it’s a no-brainer.

This agreement features a few extra clauses in case you feel they’re helpful, otherwise, they can be removed entirely:

  • Non-solicitation
  • Non-recruit
  • Return of property

The return of property clause is the only one I’ve ever put in an agreement, and only with regards to license keys for software, not physical property.

