The Non-Disclosure or Confidentiality Obligation clause can be either a separate clause or the language can be included in the definition of confidential information. The clause typically contains three elements: (a) confidentiality; (c) non-disclosure; and (b) non-use.
In the case of acquisition agreement (which will generally be governed by a separate confidentiality agreement), the provision may be general and broad, frequently prohibiting "use" of the information. However, since the term "use" is extremely broad, some provisions will add language to the effect: "except for the specific purposes contemplated by the transaction."
In the case of employment and consulting agreements, the provision typically contains more detail regarding use and protection of confidential information. In the case of service agreements, such data protection may also include data security and backup requirements.
(a) Confidentiality. Each party agrees to hold the disclosing party's Confidential Information in [strict] confidence [in accordance with the terms of this Agreement].
(b) Non-Disclosure. Each party agrees not to disclose any Confidential Information to third parties (including, without limitation, any clients, affiliates, independent contractors and consultants) without the prior, written consent of the disclosing party except as expressly permitted in this Agreement.
(c) Non-Use. Each party agrees not to use any Confidential Information for any purpose except for the Disclosing Purpose without the prior written consent of the disclosing party.
1.1 Best Efforts Standard
Use of Confidential Information. The receiving party will keep the Confidential Information in confidence and, except as expressly provided in this Agreement, will not disclose it to anyone without the disclosing party's prior written consent. The receiving party will not use, or permit others to use Confidential Information for any purpose other than for the purpose of evaluating possible business arrangements. The receiving party will use its best efforts to avoid disclosure, dissemination or unauthorized use of Confidential Information.
1.2 Protection of Confidential Information (Employee Agreement)
Employee agrees that:
(a) Employee shall not use in any manner, directly or indirectly, any Confidential Information except in promoting the Company's business, and as necessary in performing the duties of his/her employment with the Company;
(b) Employee will not use any Confidential Information for his/her own benefit or for the benefit of any person or entity other than the Company, and will not permit or allow any Confidential Information to be used in competition with the Company.
(c) During his/her employment with the Company and at all times thereafter, Employee shall take all reasonable steps to prevent any unauthorized disclosure or use of any and all Confidential Information. Employee further agrees to notify the Company immediately in the event that he/she becomes aware of any unauthorized use or disclosure of Confidential Information.
2.1 Confidentiality and Non-Disclosure
The obligation to keep information confidential incorporates the requirement not to disclose it to others and therefore the separate and additional requirement of non-disclosure is not necessary.
2.2 Standard of Confidentiality
Some agreements require a higher standards, such as holding the information in strict confidence. The obligation to hold information in confidence is clear: it means not to disclose to to others. The additional requirement of "strict" confidence adds further, but less clear requirements of data protection and security.
Alternatively, the agreement may assert liability for any breach of confidentiality obligations, such as: "The Receiving Party shall be responsible for any breach of confidentiality obligations and restrictions on use by its employees, contractors, consultants or agents."
However, such higher standards of care may set impractical standard of performance. For example, New York University, Office of General Counsel notes: "...often times, agreements require NYU (and, in the case of research agreements, the researcher) to hold documents "in strict confidence," or "use its best efforts" to protect the confidentiality of documents. Such strict language is inadvisable, as a company could construe such vague language to require unreasonably strict standards of security to which the University could not reasonably adhere." Office of General Counsel Memorandum, Confidentiality Agreements: Pitfalls to Consider, February 15, 2012.
Some agreements expressly state that despite requiring a reasonable standard of care, the parties are not liable for inadvertent disclosure. "Neither Party shall be liable for the inadvertent or accidental disclosure of Proprietary Information if such disclosure occurs despite the exercise of such care."