
Ask HN: Should I Sign an NDA?? - throwawaytmrrw
I'm a founder who freelances to support my startup. I'm in talks with a client to build a 'Fintech app to assist with personal financial planning.'

My company is in the blockchain space and there is a low chance of any conflict.

The potential client is a director at a wealth management firm. She's requested that I sign an NDA before we meet.

Should I sign it??
======
tptacek
NDAs are practically universal in the software consulting market. It would be
borderline unprofessional† to refuse to sign one on principle. Two things you
can do if you're really worried about this: (1) offer your own MNDA instead of
their paper, or (2) pay $300 or so to get a lawyer to review their NDA.

If you go with option (2), you can buy yourself a little time to try to
qualify the client prospect by saying you'll sign an NDA, but you'll have to
have it reviewed at some expense before signing, so you'd like to make sure
there's an actual deal there before signing.

† _This is probably not exactly the word I want to use here._

~~~
bahjoite
> NDAs are practically universal in the software consulting market.

Please would you explain what you mean by "practically universal".

~~~
oevi
Not OP, but also in software consulting. Working with software means in most
cases working with customer data, which is sensible by nature (either because
it contains some kind of knowledge or employee details).

------
binarymax
That depends. What does the NDA say and what are the clauses?

NDAs are typical when sharing perceived sensitive information. If the clauses
are wholly about protecting that information transference and not otherwise
binding you, then consider it. If the NDA clauses would restrict any further
business by you in the market or domain, then run.

 _IANAL - if you have access to one and can afford one - do that_

~~~
tptacek
An NDA that restricts future business is a non-compete. It's a valid point:
businesses do sometimes sneak noncompete language into IP agreements, which
are sometimes what they mean when they say "NDA".

You can clause-by-clause compare an NDA to your own standard MNDA and, if
you're not confident they're basically the same document, offer your own MNDA
instead of theirs.

------
tlogan
If you are consulting you should already have your own version of NDA and
lawyer which will do necessary review of their NDA. Many gigs require NDA. In
some cases it is just a checkbox so that big bosses are happy so you cannot
assume that the client is "pain in the neck".

Regarding your startup, my personal opinion is that it is not smart to work on
gig which is in fintech while you are working on fintech startup. It is just
not worth trouble. Even if you do not sign NDA. Find some other gig. This is my
personal opinion.

------
BatFastard
Some folks seem to be a bit crazy about NDAs on both sides. As someone who has
asked and been asked many times, I would say thoroughly read the NDA, make
sure it allows for knowledge that is already public, and knowledge that you
already have (esp on block-chain). It's reasonable to keep financial data
confidential, likewise proprietary ideas. So as long as it's reasonable there
is no reason not to sign it.

~~~
dtnewman
Like many others here, I'm not a lawyer, so don't take this as qualified legal
advice.

But yes, I totally agree here. I once lost out on a great opportunity because
I was stubborn about signing an NDA that probably would have had zero effect
on my future work. In reality, it's usually a formality that companies make
you sign to protect themselves. Or maybe because their investors demand it.
But most companies aren't looking to sue you and most people signing NDAs
aren't looking to screw over the companies they do work for. But yes,
occasionally companies do come across someone who is up to no good (e.g. an
unscrupulous consultant who also does work for a competitor) and in those rare
cases they want the NDAs there to protect themselves.

------
joelennon
Do you have investors? Check any documents or shareholders agreements you've
signed to make sure you can actually do this type of work without breaking an
existing contract. At the very least you may need written permission from your
investors in order to go ahead.

As for signing an NDA, I've found that often people who require them are
pedantic about unimportant things and difficult to work with, so unless there
is a very good reason they'd need one I'd be very cautious about getting
involved.

------
zekevermillion
One should have a strong bias against signing an NDA, or indeed anything at
all, as a condition of hearing about a possible gig. Most clients, especially
individual clients, should be able to describe what they need in a non-
confidential way prior to agreeing on terms. Once you know what's expected,
and what's in it for you, then it is normal to sign a work-for-hire agreement
that contains NDA terms. If you're a free software person, you might find that
objectionable as well but that's more of a personal ethical choice, and if
you've made that choice you would likely not be entertaining this current gig
in the first place.

------
dave_sullivan
For that situation, I wouldn't. If I'm visiting someone at a Fortune 500,
yeah, I usually have to sign one at the door. If it's someone with "an idea",
I won't sign them.

I've literally walked away from deals because of pissing contests over signing
an NDA. But sometimes I say screw it and just sign it if I'm already
interested in the work; although in that case, I make sure it's a mutual-NDA.
Pick your battles and all that.

But here's the thing: they're a bad way to start a prospective relationship
and unenforceable. So it shows that the person you're talking to is a)
litigious and b) doesn't understand how the law works. Those are people I tend
to avoid.

I'll also say this: I've never signed an NDA and then been told something I
didn't know already.

~~~
tptacek
Why do you believe NDAs are "unenforceable"?

~~~
dave_sullivan
I should add "under california law". But it's very hard to prove anything, and
whether you end up winning or not, it's expensive.

Of course there's nuance there, but in the case of "Hello contractor, I've got
an idea and I want you to sign an NDA for me to tell you about my predictive
analytics solution", unless the contractor literally steals the name of the
company and weirdly specific plans you provided in writing, there is no case.
And even if there was a case, do you have tens of thousands of dollars to
chase it?

Is there a famous case where an NDA became a key factor? I think Facebook
would be the one everyone thinks of, but that wasn't a case of an NDA, there
was a lot more going on there. But if Mark had just said "Actually, I'm
severing any business relationship and starting an entirely new codebase,
company, etc. by myself" he probably would have been fine. Especially in
California.

~~~
tptacek
You're describing the only case in which an NDA would legitimately be
enforceable, and acknowledging that they're enforceable in that case.

As I said elsewhere on the thread: it's true that some companies try to sneak
more general IP agreements into NDAs, including noncompete clauses, but the
terms of a standard MNDA are pretty straightforward.

------
joezydeco
_My company is in the blockchain space and there is a low chance of any
conflict._

How are you 100% sure of that if you haven't heard the idea from your
potential client?

------
joshmanders
I personally won't sign an NDA without a non-refundable $10,000 deposit.

Not worth my time to go through those hoops. If they think their stuff is so
snowflake special and need to protect it with an NDA, they can pay my fee for
signing an NDA.

~~~
tedunangst
Of the times you have proposed NDA in exchange for a fee, what were the
outcomes? They pay? They walk? They waive the NDA?

~~~
joshmanders
Walked. Apparently their idea wasn't worth $10k. Or they probably didn't think
their idea was worth paying 2x hourly rate on top of the deposit.

NDA's and Non-Competes both change my requirements.

Without them my rates are $150/hr with 40 hours pre-paid upfront to discuss
the project. When we move forward those 40 hours are credited to them.

If non-compete/NDA is involved, my rate goes to $300/hr with non-refundable
$10,000 deposit that does not translate to credits.

~~~
ry4n413
Hey Josh, This was very helpful. Ryan

------
dude01
I dunno, the fact that your startup is in the blockchain space is a little too
close to banking/fintech for my tastes. PLUS, larger companies don't have a
problem abusing NDAs if they can get something out of it.

~~~
tptacek
Why does it matter how close the spaces are?

~~~
dude01
Because then it's more likely to have overlap between their startup and the
NDA content. And the more overlap, the easier it would be for them to threaten
about NDA breach in the future.

The most likely scenario: if their startup does really well and becomes
popular, you can be sure that this company with the NDA will look and see if
they can grab some money with a lawsuit threat.

------
4258HzG
One thing to consider: is the client you're dealing with requiring it, or is
their firm requiring it by policy? If it's the latter, the kind of leeway
you'll have in terms of getting appropriate terms signed off by their legal
team is quite different.

For example, for early discussions a mutual disclosure agreement is another
nice way to get compliance with a company's standard legal terms (ie. both
parties agree to not reveal anything confidential or sensitive), and can be
useful to get things started far enough to get upper management support
required to make exceptions to their standard legal procedures. (I've been in
the situation where my and a supplier's legal teams were far and distant
enough from a project not to prioritize resolving incompatible differences in
standard contract terms for months eventually requiring a loud "nudge" from
upper management behind a closed door.)

~~~
tptacek
This will be the case at virtually any firm that (a) has a lawyer either on
staff or retainer and (b) works with customer private data of any sort. There
won't be any leeway whatsoever from firms like these on NDAs.

~~~
4258HzG
That is basically the case that the person you're talking to requiring it
(small company), if the 'contract' is basically a substitute for a hire, or if
programmers are viewed there as fungible goods.

For companies large enough to have a large bureaucracy of legal staff whose
standard terms are a Byzantine compromise of many different departments /
businesses requirements / and past initiatives. Then local legal aids will
typically have a fixed set of options of types of contracts they'll entertain
quickly (in order to get anything done). For example, they might have a mutual
disclosure agreement on file. Later, if the questioner offers something
important enough to get upper management's attention minor modifications can
be made within limits. Then again you have to offer something unique and
important for that to happen.

------
pm24601
Only if you can carve out exceptions for things related to your work in
blockchain. See a lawyer, for real.

But most importantly, find a lawyer that can balance your needs and what is
practical.

For example, real world here. I was signing a contract with a contracting
house to work at a big bank. The lawyer told me: "This is a basic - screw-you
one-sided contract. But don't worry too much about that - because the more
one-sided sometimes the better when you go to a judge. HOWEVER, these 3 items
you MUST get changed."

One of the specific things I remember is the phrase "related to" because in
software everything is related to everything else in a legal sense. (IANAL)

Contrast this with a well-meaning, less experienced lawyer friend who said -
you have to change everything - it is a horrid contract.

Because I was very specific, and could clearly articulate the reason for the
changes - the changes happened. But big difference between the 2 different
lawyers' suggestions.

------
drawkbox
NDAs that just cover exact work you are doing for the client and protection of
their clients are fine. Really most just want you not talking about what you
are doing with the client to others or taking their clients.

Non-competes are the problem and a huge anti-innovation monster out there
lurking to get you. They can appear in NDAs, contract agreements and
standalone. Refuse to sign these or make sure they ONLY last as long as the
contract itself if you must. Some clients try to get you to sign a non-compete
for 2+ years on 3-month contracts, many times they are just sending on a
default template but some do it on purpose. That is just blatant ownership
especially when you come on to transfer knowledge and skills to them in
building up their products. They can own the work you do for them because they
paid for it, but don't let them own you.

------
akulbe
I have a _much_ bigger issue with non-compete agreements than I do with
signing an NDA.

Yes, I'm happy to treat confidential information confidentially.

Don't mess with my ability to earn a living, though. That's what non-compete
agreements seem like, to me.

¯\\_(ツ)_/¯

------
dangerboysteve
I guess that would depend on the nature and scope of the NDA. I would be more
concerned about the contract you'll get from the wealth management firm. It
may have some boilerplate about everything you develop is our property.

------
dmalvarado
That's not uncommon, and I work for a wealth management firm. All consultants
sign NDA's if they are going to pitch services to us. But, you'd be surprised
at which companies are looking into blockchain..

------
leecarraher
I would ask for a pre-meeting before signing anything. Then they have to
decide what they want to share. And maybe in the meeting you can figure out
whether or not you want to pursue a contract with them.

------
EduardoBautista
Find a lawyer and get an NDA made that you can use with your clients. It's
almost always better to use yours than theirs, as there is a smaller chance
for surprises.

------
killjoywashere
My org signed one NDA with BigCorp, and I watched a sister org on the same
project with more leverage not sign an NDA, and have the same level of
engagement and more leverage by not being yoked to an NDA.

There's a pro-con to it, no doubt. If you think you have leverage, skip it. If
you don't have leverage, probably easy enough to eat it.

------
droithomme
Has she also agreed to sign your NDA as well? Given your position as a
founder, it's more important that she sign a binding NDA than you sign any NDA
from some potential client. It seems she has things very backwards and is a
confused person. She should sign your NDA. You should not sign hers.

~~~
tptacek
The norm here would be for the NDA to be mutual. Yes, don't sign a unilateral
NDA. Sure: if a prospect offers a unilateral NDA, you could consider that a
red flag. In ~12 years of consulting, I've never seen that happen; even the
janky NDAs that include noncompete language have had mutual NDA language.

If their NDA is basically the same as your NDA, it's not worth fighting to
make sure you're signing your paper and not theirs.

------
user5994461
No...

Unless you read and understand ALL of it and there are no crazy terms in it.

------
ajarmst
Non-disclosure agreements have become pro-forma. They're as expected as
handshakes in any early meeting between people who might discuss intellectual
property. And in IT, _any interesting conversation_ is by definition
intellectual property. So, you don't have to sign it, but then you don't get
to have interesting conversations.

------
tmcpro
I wrote about exactly this:
[https://medium.com/startup-study-group/why-i-wont-sign-an-nd...](https://medium.com/startup-study-group/why-i-wont-sign-an-nda-4193aeda7251)

~~~
old-gregg
Mm... no. You wrote about a completely different problem. Signing an NDA for
an _idea_ is indeed not a good idea. In the case of OP there's an established
business with, presumably valuable, internal information to be revealed to a
contractor (vendor). NDAs are understandably common/expected in cross-vendor
relationships.

