I am not a lawyer. I do not even play one on TV. I have no legal training or experience in any way whatsoever. Anything noted here should be taken as business advice, not as legal advice.
After the huge response to my last entry on Non-disclosure Agreements, I was contacted by an esteemed associate of mine who is (was?) facing a similar problem.
The situation is pretty common: He is entering an agreement with an organization which will use his software to supplement their own business practices. As a result, they want to know in detail how the software works. This all seems pretty sensible, but the wrinkle is that in the meantime they are using their own tool to do the analysis.
Here are some of the interesting aspects I see…
First of all, no NDA or non-compete is “airtight”. If you believe that your contract has covered all possibilities, situations, and options, you're either deluding yourself or you've paid for your attorney's boat and you're still deluding yourself. This is not a tirade against lawyers. Having a proper agreement in place can protect you and/or your customers/partners/employees from many things and I don't do any business with someone without having all the terms enumerated and approved by everyone. You just have to remember that a contract is to business as a condom is to sex. It provides some protection, but the only 100% tried and true method for 100% protection is to just not participate.
When I began CaseySoftware, I started with a contract from Nolo.com and had it reviewed by an attorney. Sure, you can easily go with the base package, but having some of the terms and conditions customized for your local jurisdiction, specific business, and your business practices will help you sleep better at night if you ever have to use it.
Next, if you want to stay competitive, you have to protect the “secret sauce”. There are lots of strategies for doing this. You could go the DMCA route and smack anyone who ever gets close to figuring out and/or attempts to reverse engineer it, but this in not a way to make friends or influence people (positively). Alternatively, you could go the Creative Commons route which encourages people to hack, expand, and play with your IP as long as proper attribution is given and they don't sell it. This normally applies to content, but the concept is the same.
I normally go a third route. I break the process down into all the various steps, determine which steps are special and involve proprietary methods or processes, and finally simplify these pieces to black boxes which a high-level explanation. When I put the entire process back together, I have identified every piece which should only get the high-level explanation and every piece which I can go into detail about. If you prepare this in advance, you might still get stuck saying “I'm sorry, I can't get into that”, but you know exactly where the lines are and you're not protecting irrelevant aspects.
Finally, most agreements need some “good faith” involved. From Wikipedia:
Good faith, or in Latin bona fides, is the mental and moral state of honesty, conviction as to the truth or falsehood of a proposition or body of opinion, or as to the rectitude or depravity of a line of conduct, even if the conviction is objectively unfounded. This concept is important in law.
For those of us without a law degree, this means “when someone agrees to the terms, they're not planning to break them and they don't have their fingers crossed”. This all comes down to trust. If you're signing an agreement with someone who has complaints from regulatory agencies, “forgets” his wallet when you meet for drinks, or quibbles over every little term of the contract, you might consider moving along. Alternatively, if this is someone you went to college with, have known for 10, 20, or more years, or comes recommended from trusted associates, it's a whole other story. In this area, you have to go with your gut instincts.
I've gone against my gut instincts on three occassions and have regretted every single one. The first time, I did some major upgrades and cleanup for a dating website in exchange for graphic design services. That was over a year ago and I'm still waiting. The second time, I worked with some “house-flippers” in exchange for a credit towards purchase of a home. That was over 7 months ago and I'm still waiting. The final one was performing a revamp of a site to improve traffic. The customer didn't get the concept and the site shriveled. Every single time, I didn't go with my instincts and every time, it was a nightmare.
So what does it boil down to?
Simple… can potential business partners/customers be trusted? And regardless of how much you trust them, you must determine which things will and will not be shared.