• Advertisement
Sign in to follow this  

Non-Disclosure Agreements over the net?

This topic is 4420 days old which is more than the 365 day threshold we allow for new replies. Please post a new topic.

If you intended to correct an error in the post then please contact us.

Recommended Posts

How effective are "electronic" NDA's? Do they even count at court?

Share this post


Link to post
Share on other sites
Advertisement
Moved to the business forum.

To partially answer the question: it mainly depends on how the parties are authenticated in the 'signing' process, and on how local jurisdiction recognizes this process. From what country are you from ?

Share this post


Link to post
Share on other sites
Ever played in a beta to a game online? You sign a nda before they let you download it so id say get a layer to draft it for you and then its 100% legally binding.

Share this post


Link to post
Share on other sites
Thanks for the replies. Does this means a "I agree checkbox" is legally binding?

@Yann

I'm in Germany.

Share this post


Link to post
Share on other sites
I'm no lawyer, but I'd imagine an "I agree" checkbox would for the most part be legally binding. As long as you can prove who it came from.

Share this post


Link to post
Share on other sites
Quote:
Original post by CMD
Thanks for the replies. Does this means a "I agree checkbox" is legally binding?

@Yann

I'm in Germany.


I don't know about in Germany, in the USA some of those have resulted court cases where the person who developed the software with the "I agree checkbox" lost due to various issues. I'm not a lawyer but I have the feeling you need something more substantial than 'just a check box'. At least force them to scroll to the bottom. =)

Share this post


Link to post
Share on other sites
I think having your developers print out, sign and scan the signed doc then send back to you is more than enough. A little longer winded than the checkbox but I suspect as close to secure you will get without lenghtly posting back and forth.

If you don't get to romantic about it, the purpose of a signiture is to validate an agreement for BOTH parties. When someone agrees to a legal contract you need to give the person agreeing some kind of permanent record of what they agreed to - and keep a record of this.

Share this post


Link to post
Share on other sites
I am not a lawyer. However, I'm under the impression that no online agreement is actually legally binding within Australia, I'm not sure about other countries. Website owners have been stung by this when trying to protect themselves with clauses in ToS agreements in the past. However, this was thrown in as an aside note during an only-partially-related university lecture, so I'm not sure how reliable that information actually is.

I'd say you'll probably want to check with a lawyer to be sure.

Share this post


Link to post
Share on other sites
Quote:
Original post by Kazgoroth
I am not a lawyer. However, I'm under the impression that no online agreement is actually legally binding within Australia, I'm not sure about other countries.


I'm no lawyer either and I'm certainly no expert on Australian law, but I don't believe that's true. If all online agreements you commit to are not legally binding, e-commerce would be out of the window. The same goes for many other popular internet applications, like MSN or Windows Updates for example. I can hardly believe that Microsoft would publish their products in a land where ToS agreements on these services would not be legally binding.

If you're really anxious about the NDA, you should indeed contact a lawyer to be absolutely sure. Over here in Holland there are several facilities, including legal aid, provided to starting businesses for free or for a reduced charge. Perhaps that's the same in Germany?

Anyway, I guess that you could have people 'sign' NDA's by e-mail and accepting only 'proprietary' addresses, like from ISP's or privately registered domains (so barring Hotmail, GMail etc). That way you can demonstrate that you've taken the appropriate steps to verify the other party's identity. This should mean something when it comes to taking legal steps, but as I said, I'm not a lawyer so it's just an educated guess.

Share this post


Link to post
Share on other sites
Guest Anonymous Poster
Quote:
I don't know about in Germany, in the USA some of those have resulted court cases where the person who developed the software with the "I agree checkbox" lost due to various issues.

The terms of the agreement has to be related to the *use of the software*: it's called an EULA (End User License Agreement). It spells out the copyright protection, the grant of license, descriptions of other rights (such as duplication for backup purposes), limitations (such as resale, reverse engineering, decompilation, disassembly, separation of components, rental, etc), export restrictions, Government-specific usage clauses, warranty against defects (media and bugs), and limitation of liability from the *use of the software*. If you can reasonnably prove that there is no way a user could use the software without having read the entire agreement and checked that "I Agree" button, then the agreement has some bite to it.

If a EULA adds clauses that encompass areas not strictly involving the software such as non-disclosure on the company's internal operations and financing then you risk invalidating the EULA as a whole. Too many restrictions that are not directly related to the *use* of the software may cause invalidation.

Quote:
How effective are "electronic" NDA's? Do they even count at court?

Only if you can certify that there is no other way another party could have "signed" the NDA, which is very difficult to prove with Internet. Faxes are sometimes accepted, but not in every jurisdiction. It doesn't prevent parties to exchange documents electronically, but "execution copies" are expected to be signed by both parties.

Share this post


Link to post
Share on other sites
Quote:
Original post by CMD
Thanks for the replies. Does this means a "I agree checkbox" is legally binding?

@Yann

I'm in Germany.

Not a chance then. German courts are notorious about requiring everything in writing - and by writing I mean signed in ink on physical paper. Even faxes are not always accepted, since they are pretty easy to counterfeit using digital technology. There are some established (ie. historic but still valid) business procedures that are legally binding without a physical support (eg. "Handschlag"), but none is portable to a digital medium, because it requires the physical presence of both parties, and sometimes a third neutral one.

Now, digital signing procedures are currently being installed by the EU, and those will be legally binding. They require governmentally issued encryption keys, and a specific cryptographic signing process. AFAIK, there are no widespread solutions available yet though.

That said, clicking a box would be legally binding, if you could prove without a doubt that:

a) the document or data is only accessible through the NDA page, and that there is no other way. No direct link to the content bypassing the NDA, nothing. This can be very difficult to implement technically, and to prove to a technically incompetent judge.

b) you can guarantee the identity of the signing party. This is almost impossible in Germany, due to very strict privacy laws. You can record their IP, but you'll never be able to prove their identity through an ISP match, unless a crime is somehow involved.

And finally, be careful when copying American NDAs and/or EULAs available on the net. Often, 50% and more clauses typically found in American EULAs are invalid in EU countries, because they conflict with local law. This can render the entrie agreement null and void. Make sure to draft an agreement in accordance with local law.

Essentially, get a lawyer :)

Share this post


Link to post
Share on other sites
Thanks for the replies.

A scanned NDA legally binding then? It counts as physical once I've printed it, doesn't it? Only the "transfer" would be electronic, i.e. 1st party: send via email > 2nd party: print > sign > scan > send back to 1st party > print. In essence, it's the same as the traditional NDA process, with the difference of being transfered with electronic mail instead of physical.

Share this post


Link to post
Share on other sites
Quote:
Original post by CMD
Thanks for the replies.

A scanned NDA legally binding then? It counts as physical once I've printed it, doesn't it? Only the "transfer" would be electronic, i.e. 1st party: send via email > 2nd party: print > sign > scan > send back to 1st party > print. In essence, it's the same as the traditional NDA process, with the difference of being transfered with electronic mail instead of physical.


This would essentially be a fax, only less secure (since with a fax, you have a trace on the callers phone bill, and a trace of the connection on the phone company logs, both of which are very hard to manipulate). With email, the usual spoofing/manipulation rules apply, so this form of communication will probably be considered less secure than a fax by courts.

It's already lightyears ahead of a simple checkbox, of course. It should provide basic protection for low security projects. For critical projects, where an information leak can cost you a lot of money (or even ruin your business), you should definitely insist on a physical copy of the signed document though.

Share this post


Link to post
Share on other sites
Quote:
Original post by CMD
How effective are "electronic" NDA's? Do they even count at court?


For projects on which I have worked remotely, NDA's are often sent to me via email. Usually we print and sign two copies and immediately scan or fax a signed copy back to the client. This faxed or scanned copy is usually viewed as a temporary solution so we can immediately begin discussing the project.

One copy of the original is then posted (overnight courier if necessary) to the sender for their legal records. The second copy is kept by us for our records.

This is the way many other agreements have been handled as well. My experience is that many companies prefer a hard document with a signature.

Share this post


Link to post
Share on other sites
Microsoft has invested a lot of time and money into protecting it's products and rights. So if MS does it, it's legal in your country (if it detects your country or changes to your language, consider it legally binding and most likely tested in court (maybe not by MS themsleves)).

If you copy their format, yours should be binding also.

Share this post


Link to post
Share on other sites
Legal advice should only be gotten from those who have a license to practice law in your jurisdiction.

What I've been told is that the DMCA may, in fact, make click-wrap licenses legally binding in the US, although I've also heard on the radio that a license that was too much legalese was held as non-binding when a guy didn't read it because he didn't understand it. So for any specific license and any specific circumstance, I think you really have to check with a licensed legal professional.

Laws in Germany are likely quite different from the US, btw.

Last, the golden rule always applies: he who has the gold, makes the rule. So if there's enough at stake, don't worry about whether the license is formally binding or not; worry about what the other party would do to you if you went against them! Licenses and agreements are intended to be vehicles for cooperation in mutual understanding, not arbitrary rule sets to be bent as far as you can take them.

Share this post


Link to post
Share on other sites
Quote:
Original post by Mike2343
Microsoft has invested a lot of time and money into protecting it's products and rights. So if MS does it, it's legal in your country (if it detects your country or changes to your language, consider it legally binding and most likely tested in court (maybe not by MS themsleves)).

If you copy their format, yours should be binding also.

I would strongly suggest not copying legal documents from other companies. EULAs, confidentiality agreements and other contracts are often specifically designed for a certain legal corporate structure and business models, that will most likely not match your own. As hplus0603 mentioned, get in touch with a lawyer and have him draft your legal documents specifically for you. He will also provide insurance against incorrect advice.

Most governments offer legal help to new companies, often free of charge. Many also offer standard legal documents to download, that are in accordance with national law.

Copying Microsoft EULAs is a particularily bad idea, actually. They are basically build on US law, and contain tons of 'patches' and conditional clauses in order to fit other jurisdictions. Also, MS often incorporates clauses that are known to be invalid in certain jurisdictions, as a psychological barrier. An example is the non-reverse engineering clause. Those can quickly backfire, if you don't know exactly what you're doing (MS does, but a copied patchwork document might not).

Share this post


Link to post
Share on other sites
Quote:
Original post by Mike2343
Copying Microsoft EULAs is a particularily bad idea, actually. They are basically build on US law, and contain tons of 'patches' and conditional clauses in order to fit other jurisdictions. Also, MS often incorporates clauses that are known to be invalid in certain jurisdictions, as a psychological barrier. An example is the non-reverse engineering clause. Those can quickly backfire, if you don't know exactly what you're doing (MS does, but a copied patchwork document might not).


I agree with that. I remember reading something about EULA's not being legally binding. I think most software companies do it as a level of psychological protection. The problem with electronic disclosures is what's been stated above, you have to have proof that the actual person signed it. In a court of law I could say that my dog accidentally touched the keyboard, inadvertently triggering the checkbox, and you would have no way of proving this false. When signing my loan in Colorado they had a weird law where I actually had to fingerprint the document proving that I physically touched it.

I expect to see people continue to use EULA's till a massive lawsuit is filed that goes to the Supreme Court and hopefully deemed unconstitutional.

Until then, write a program for your OS that always runs in memory that states "By registering yourself in this computer's memory you agree to nullify and void any contractual agreement between computer user and party including but not limited to EULA's and NDA's including instances where computer user agrees to such an agreement. If you do not agree to this policy, remove your program from this computer's memory immediately." I saw that somewhere on Fravia about reverse engineering and it made me laugh. I wonder if it would hold up in court.

Share this post


Link to post
Share on other sites
An EULA is not an NDA. An EULA is mearly a list of the terms underwhich a copyright owner will allow you to use their copyright material. The legal backing behind an EULA is ultimately copyright law.

You should always get an original signed copy of an NDA. Email it to the person, get them to print two copies, sign them and post them back. You sign both a post one back to them. If you are in a hurry then faxing a copy is legally acceptable in a lot of locations. I wouldn't trust any other digital copies without talking to a lawyer.

Apart from the validity issue of having a signed original, doing it this way ensures you have some valid contact address should problems occur.

Share this post


Link to post
Share on other sites
Sign in to follow this  

  • Advertisement