10 Common NDA Mistakes That Make Your Agreement Unenforceable

2026-05-20

Quick Answer

The 10 most common NDA mistakes that make agreements unenforceable are: defining confidential information too broadly or too vaguely, omitting standard exclusions, setting unreasonable duration, forgetting governing law, mixing in non-compete terms, failing to sign before sharing information, not including return-of-materials provisions, lacking consideration for existing employees, using outdated templates, and not marking confidential materials.

1. Vague confidential information definitions

The most damaging NDA mistake is defining confidential information too broadly or too vaguely. Phrases like "all information shared" or "anything discussed" are almost impossible to enforce because they do not give the receiving party clear notice of what they must protect.

Courts require that confidential information definitions be specific enough for the receiving party to know what they can and cannot disclose. A definition that encompasses the entirety of human knowledge exchanged between the parties is neither reasonable nor enforceable.

The fix: Use a hybrid approach, with a general category definition followed by specific examples relevant to your industry and situation. For example: "Confidential Information includes but is not limited to business plans, customer lists, pricing data, product specifications, source code, and financial projections."

2. Missing exclusions

Omitting standard exclusions from your NDA makes it appear unreasonable and one-sided. Courts may interpret the absence of exclusions as evidence that the NDA was not drafted in good faith.

Every NDA should exclude information that is already publicly available, information the receiving party already knew, information received from a third party without restrictions, and information independently developed by the receiving party.

Without these exclusions, the receiving party faces liability for information they obtained legitimately through other channels. This overreach can make the entire NDA vulnerable to challenge.

3. Unreasonable duration

NDAs with excessively long durations (ten years, twenty years, or perpetual for non-trade-secret information) invite legal challenges. Courts evaluate whether the duration is proportionate to the type of information being protected.

For general business information, one to five years is the standard range. Durations exceeding five years for routine business data may be deemed unreasonable. Only trade secrets warrant indefinite protection, and the NDA should clearly distinguish between trade secret and non-trade-secret information.

On the other end, setting a duration that is too short (less than one year for valuable information) may not provide adequate protection. Match the duration to how long the information will retain its competitive value.

4. No governing law clause

Failing to specify the governing law and jurisdiction leaves a critical question unanswered: which state's laws will govern the NDA if a dispute arises? Without this clause, the parties may end up litigating the preliminary question of jurisdiction before even addressing the substance of the breach.

Choose a state where NDA law is well-developed and where you have a practical advantage in litigation (such as your home state). Include both a governing law clause (which state's laws apply) and a jurisdiction clause (where disputes will be resolved).

This is one of the easiest clauses to include and one of the most costly to omit.

5. Embedding non-compete restrictions

Some NDAs attempt to include non-compete provisions disguised as confidentiality restrictions. For example, a clause stating that the receiving party shall not engage in any business activities similar to those of the disclosing party is actually a non-compete restriction, not a confidentiality obligation.

This is problematic because non-competes are subject to different (and much stricter) legal standards than NDAs. In states like California, non-compete provisions are virtually unenforceable. Including non-compete language in an NDA can potentially invalidate the entire agreement.

Keep your NDA focused on confidentiality. If you need non-compete protection, draft it as a separate agreement with terms that comply with your state's specific requirements.

6. Sharing before signing

The most common and most preventable NDA mistake is sharing confidential information before the NDA is signed. An unsigned NDA provides zero legal protection — it is simply a draft document with no binding effect.

This happens more often than you might think. In the urgency of a new business relationship, parties begin substantive discussions without pausing to finalize the NDA. By the time the agreement is signed, significant confidential information has already been shared without protection.

Make NDA execution a prerequisite for any substantive discussion. Modern e-signature tools make it possible to execute an NDA in minutes, so there is no practical reason to share confidential information without protection in place.

7. Missing return-of-materials

Many NDAs fail to include a clear return-of-materials clause that requires the receiving party to return or destroy all confidential information when the NDA expires or the relationship ends.

Without this clause, the receiving party may retain copies of your confidential documents, electronic files, and notes indefinitely — even after the NDA has expired. While the confidentiality obligations may have ended, having your proprietary information sitting on someone else's server creates ongoing risk.

A good return-of-materials clause covers physical documents, electronic files (including cloud storage), notes and summaries derived from confidential information, and copies in backup systems. It should specify a timeline for return or destruction and include a certification requirement (the receiving party must confirm in writing that all materials have been returned or destroyed).

8. Insufficient consideration

For an NDA to be enforceable, both parties must receive consideration — something of value. For new employees and new business relationships, consideration is usually straightforward (the job, the business opportunity, access to information). For existing employees asked to sign NDAs after the employment relationship has begun, consideration can be an issue.

Several states require independent consideration for existing employees beyond continued employment. If you ask a current employee to sign an NDA without providing a raise, bonus, promotion, or other tangible benefit, the NDA may be unenforceable.

The fix is simple: when asking existing employees to sign NDAs, provide something of tangible value in return. A modest bonus, extra paid time off, or a stock option grant can serve as adequate consideration.

9. Using outdated templates

Legal standards evolve. An NDA template from five or ten years ago may not reflect current legal requirements, including recent whistleblower protection laws that require specific immunity notices, state laws restricting NDAs in employment contexts, federal legislation affecting NDA scope (like the Speak Out Act), and evolving court interpretations of reasonableness standards.

Using an outdated template can result in missing legally required provisions (like the DTSA whistleblower notice), including terms that are no longer enforceable, and failing to address modern information sharing practices (cloud storage, electronic communication).

Always use current NDA templates that reflect the latest legal standards. Online NDA generators like NDANow keep their templates updated, eliminating this concern.

10. Not marking materials as confidential

While most NDAs do not legally require confidential materials to be labeled, failing to mark them creates evidentiary problems. If a breach occurs, the receiving party can argue that they did not know the information was considered confidential because it was not clearly identified.

Marking materials as "Confidential" (whether through document stamps, email headers, watermarks, or folder labels) creates a clear record that the information was treated as confidential. This supports enforcement and eliminates ambiguity about what was and was not covered by the NDA.

Best practice: mark all confidential documents and communications as such, even if your NDA does not technically require it. The marginal effort is insignificant compared to the evidentiary value it provides.

How to avoid these mistakes

The easiest way to avoid NDA drafting mistakes is to use a proven NDA generator that includes all essential provisions, uses current legal language, and prompts you for the information needed to create a properly customized agreement.

NDANow's generator is designed to prevent all ten of these common mistakes. It uses specific, hybrid definitions of confidential information, includes all standard exclusions automatically, sets reasonable durations based on your selection, includes governing law and jurisdiction clauses, keeps NDA terms focused on confidentiality (no embedded non-compete language), requires e-signature before sharing information, includes return-of-materials provisions, and uses current legal language with all required notices.


Sources

  • American Bar Association — Common NDA Drafting Errors
  • Defend Trade Secrets Act — Whistleblower Immunity Notice Requirement
  • Speak Out Act of 2022, Public Law 117-224
