A non-disclosure agreement (NDA) is one of the most commonly used legal documents in business, and one of the most frequently drafted incorrectly. NDAs that are too broadly worded are unenforceable. NDAs that are too narrow leave genuinely sensitive information unprotected. Getting the scope right requires understanding exactly what you are trying to protect and what the courts in your jurisdiction will actually enforce.
This guide covers the essential clauses every NDA must include, the common drafting mistakes that make NDAs fail, and the practical considerations specific to business contexts in Malaysia and Southeast Asia.
What an NDA Actually Does — and Does Not Do
An NDA creates a contractual obligation for the receiving party to keep information confidential and not to use it for purposes other than those specified in the agreement. It gives you the right to seek remedies — typically damages or an injunction — if the receiving party breaches that obligation.
What an NDA does not do: it does not prevent someone from disclosing information. It creates a legal consequence for disclosure, not a physical or technical barrier. If someone is determined to disclose your confidential information, an NDA will not stop them; it gives you the tools to seek compensation, or to stop them through court action, after the fact.
This practical reality means NDAs are most valuable when the receiving party has something to lose if they breach — such as their professional reputation, an ongoing business relationship, or significant financial exposure from a damages claim.
Types of NDAs
Unilateral NDA
One party discloses confidential information; the other party agrees to keep it confidential. Used when a business shares information with a contractor, employee, investor, or vendor. The disclosing party is the "owner" of the confidential information; the receiving party bears the confidentiality obligation.
Mutual NDA
Both parties disclose confidential information to each other, and both parties agree to keep the other's information confidential. Used in joint ventures, merger discussions, or partnership negotiations where information flows in both directions. Mutual NDAs are often simpler to negotiate because both parties are in the same position.
Essential Clauses in an NDA
Definition of Confidential Information
This is the most critical clause in any NDA. The definition determines what is actually protected. If it is too broad — "all information shared between the parties" — courts may find it unenforceable because it does not give the receiving party a meaningful way to know what must be kept confidential. If it is too narrow, you may fail to protect information you intended to keep secret.
A well-drafted definition typically includes:
- Specific categories of information (trade secrets, business plans, financial information, client lists, technical specifications, proprietary processes)
- How information is designated as confidential (in writing at the time of disclosure, or marked "Confidential")
- Whether oral disclosures are covered (and if so, whether they must be confirmed in writing within a specified period)
Exclusions from Confidentiality
Every NDA should state what is not confidential. Standard exclusions include:
- Information that was already publicly known before the NDA was signed
- Information that becomes publicly known through legitimate means after signing (not through a breach by the receiving party)
- Information that the receiving party already knew before the NDA (and can demonstrate this with prior records)
- Information independently developed by the receiving party without reference to the disclosed information
- Information that must be disclosed by law or court order (with a requirement to notify the disclosing party before disclosure where possible)
Permitted Use
The NDA should specify the purpose for which the confidential information may be used. The receiving party should only be permitted to use the information for that specific purpose — typically the evaluation of a potential business relationship or the provision of specific services. Any use beyond the permitted purpose is a breach.
Obligations of the Receiving Party
Beyond keeping information confidential, the receiving party typically agrees to:
- Limit access to the information to employees or contractors with a need to know
- Ensure those employees or contractors are bound by equivalent confidentiality obligations
- Use the same level of care to protect the disclosed information as they use for their own confidential information (and at least a reasonable standard)
- Return or destroy all confidential information at the disclosing party's request or upon termination of the agreement
Term and Termination
The agreement should specify how long it remains in force. A common structure is:
- The NDA remains active for a defined period (typically 2 to 5 years from signing)
- Confidentiality obligations for trade secrets and genuinely sensitive commercial information survive for a longer period or indefinitely
An NDA that purports to last forever for all types of information is difficult to enforce in many jurisdictions. A term of 2 to 5 years for general confidential information, with indefinite protection only for specific trade secrets, is more defensible.
Remedies and Enforcement
Include a clause acknowledging that breach of the NDA would cause irreparable harm and that the disclosing party is entitled to seek injunctive relief without having to prove financial loss. This is important because damages for a breach (lost profits from a competitor using your information) are often difficult to quantify.
Enforceability in Malaysia
Malaysian courts enforce NDA provisions that are reasonable in scope, duration, and geographical application. Key points:
- NDAs governing commercial confidential information are generally enforceable under the Contracts Act 1950
- NDAs used in the employment context (especially post-employment restrictions) are subject to the common law rule against unreasonable restraint of trade — overly broad restrictions will not be enforced
- Trade secrets may receive some protection even without an NDA under common law, but a written NDA provides far stronger and more predictable protection
Generate an NDA with Popupnote
The Non-Disclosure Agreement Generator on Popupnote produces structured NDAs covering all the essential clauses described in this guide: unilateral or mutual, with configurable confidential information definitions, permitted use clauses, and term lengths. The output is a formatted, editable document suitable for review by legal counsel before signing. It runs in your browser, and no account is required.