Misuse of Non-disclosure Agreements (NDAs)

This guidance is intended to help you understand your obligations and the standards of behaviour expected of you as a regulated legal professional in accordance with the CILEx Code of Conduct.  


You should be aware of and apply this guidance if you advise on, negotiate or seek to enforce a non-disclosure agreement (NDA), regardless of the context in which the NDA arises. You should have it in mind when acting for a client, your firm  or if you are party to one yourself, when acting in either your professional or personal capacity.  


Although this guidance doesn’t form part of our formal rules, we will take it into account when considering any concerns about your conduct in relation to the misuse of NDAs and confidentiality agreements and you may be called upon to justify any departure from it.  

What is the misuse of an NDA?

Non-disclosure agreements (NDAs) are agreements, contracts or clauses that seek to prohibit or limit the disclosure of information by requiring parties to the agreement to keep certain information confidential. They are common in legal practice and can serve a useful purpose in the workplace and other commercial settings to preserve trade secrets and maintain reputation. NDAs are often used in employment settings as part of the recruitment process, or as part of a settlement agreement on termination to make workers keep the things they have seen or experienced private. They are also common in many other kinds of disputes (or potential disputes) to prevent the parties involved from discussing the circumstance leading to the agreement e.g. the dispute, the contents of the agreement and sometimes the existence of the agreement itself.


Whilst there are some legitimate uses for NDAs, there are many circumstances where they are inappropriate, unenforceable or unlawful and their misuse can be very damaging. This includes where the NDA seeks to cover up inappropriate behaviour or wrongdoing, especially if there is a risk of repetition of the behaviour, by seeking to:


• prevent or discourage a person from reporting any form of discrimination, harassment or sexual harassment;
• prevent or discourage a worker from making protected disclosure under the Public Interest Disclosure Act 1998 (whistleblowing);
• prevent or discourage a person from reporting a relevant matter to us, or another regulatory body, government agency, the police or other law enforcement agency, including making any disclosures required by law;
• prevent or discourage a person from cooperating with a criminal investigation or prosecution , or any other regulatory, legal or governmental investigation or inquiry;
• influence the substance of any report, disclosure or cooperation with such an investigation or inquiry;
• prevent or discourage the disclosure of the NDA, or the circumstances surrounding it, to legal advisers, medical or other professionals who are bound by a duty of confidentiality, such as counsellors, and tax advisors.


You must not draft, seek to enforce or otherwise misuse NDAs in these ways. In addition, when advising on, drafting or dealing with NDAs, you must not:


• attempt to mislead others, for example by telling a worker, in the absence of a lawful settlement agreement, that the clause can take away their employment rights to make an ET claim;
• take unfair advantage of the other party, for example their lack of legal knowledge, experience or any imbalance in power or resources, especially if the other party is vulnerable or unrepresented;
• use undue pressure, threats, intimidation, or other oppressive tactics, for example imposing unrealistic or artificial time limits to agree the terms of NDA, or preventing a party from receiving a copy of the agreement;
• use or threaten to use a clause that you know to be unenforceable;
• discourage any party from taking legal advice, or making a permitted disclosure.


CILEx Code of Conduct

Misusing an NDA in the ways outlined above risks breaching the following Principles of the CILEx Code of Conduct which require you to:


Principle 1: uphold the rule of law and the impartial administration of justice 


Principle 2: maintain high standards of professional and personal conduct and justify public trust in you, your profession and the provision of legal services;

  • Outcome 2.2: you must not engage in any conduct that could undermine or affect adversely the confidence and trust placed in you and your profession by your client, your employer, professional colleagues, the public and others


Principle 3: behave with honesty and integrity 

  • Outcome 3.2 you must not intentionally mislead anyone you deal with
  • Outcome 3.3:you must report to CILEx Regulation without delay any suspicion that a person has breached the Code unless legal professional privilege or client confidentiality apply
  • Outcome 3.4 you must report to the relevant authority any misconduct of a person which falls to be regulated by that authority unless legal professional privilege or client confidentiality apply


Principle 4: comply with your legal and regulatory obligations and deal with regulators and ombudsmen openly, promptly and co-operatively

  • Outcome 4.1: You must understand and comply with the law and regulation applicable to you
  • Outcome 4.3: You must not place others in breach of any regulatory requirement or rule of professional conduct


Principle 5: act competently, in the best interests of your client and respect client confidentiality

  • Outcome 5.8 you must provide prompt, clear and accurate information and advice to your client, advise them openly and honestly and keep them up to date with information they need about the work you are performing for them within agreed timescales


Principle 6: treat everyone fairly and without prejudice

  • Outcome 6.1 you must ensure your business or your role within it, your business model, processes and practices adequately assist consumers and clients to access justice and the full range of legal services; and provide each client with equal opportunity to secure a favourable outcome in their matter, irrespective of their vulnerability or susceptibility to discrimination.


Best Practice Tips


  • When seeking, or advising clients who are seeking an NDA, always explore alternative options for meeting the goal before settling on an NDA
  • Be clear that the agreement does not stop a party from seeking medical or professional advice, or advice from their employer (in relation to work-related agreements)
  • Avoid using, or encouraging the use of NDAs as a matter of routine, leading to a culture which lacks openness and where workers do not feel confident that their complaints will be taken seriously or lead to workplace improvements
  • Avoid using NDAs where there is little or no point in seeking confidentiality, for example where the issue is already in the public domain
  • Ensure any agreements you produce are well drafted, clear and unambiguous. You should use plain standard English and be clear about the types of disclosures that can be made and to whom
  • Provide clear advice to your client – whether they are the person seeking the NDA, or person subject to it, about exactly what is and isn’t permitted in the NDA and keep a written record of the advice given
  • Ensure the NDA is relevant to the issues and claims that are likely to arise from a dispute
  • Do not put undue pressure on any party to agree to the terms, allow sufficient time
  • If the agreement is part of a settlement agreement under the Employment Rights Act 1996,  ensure that you are aware of the requirements governing those agreements, including for the employee to be in receipt of independent advice.
Dealing with confidential information that is subject to an NDA

If you are in receipt of information that you are aware is subject to confidentiality/ an NDA agreement, for example if your client comes to you for advice about a matter that is subject to an NDA, or seeks to enforce one, there are a number of points to consider.


Firstly, you should remember that you are required under Principle 5, Outcome 5.12 of the Code to maintain confidentiality in respect of your client’s affairs, except where to do so would conflict with the law or the Code or where your client explicitly authorises you to disclose confidential information.


This means that in order to share the confidential information with any other person, including the courts in relation to a claim, other regulators and law enforcement agencies on behalf of your client,  you will need to be able to demonstrate that the disclosure is being made:


  • to comply with a specific legal obligation that applies to you/your firm;
  • the Code; and/ or
  • is being made with the client’s express permission for a specific purpose.


In addition, Principe 3, outcome 3.3 requires you to report to CILEx Regulation without delay any suspicion that a person has breached the Code unless legal professional privilege or client confidentiality apply.


This means that if you become aware that a person or firm we regulate has misused an NDA, you will need to obtain your client’s permission to disclose any information that is subject to an NDA to us. You would also need your client’s permission to report any such confidential information to another regulator under Principle 3, Outcome 3.4, which requires you to report to the relevant authority any misconduct of a person which falls to be regulated by that authority, unless legal professional privilege or client confidentiality apply.


Unless you can point to a clear legal or regulatory provision that allows you to disclose confidential information without your client’s consent, you will need to obtain your client’s explicit authorisation to share the confidential information.


In all cases you must ensure that you comply with all your other legal and regulatory duties, including for example:


  • Data protection legislation
  • The requirement under Principle 5 of the Code to act in your client’s best interests, which includes ensuring that your client does not inadvertently breach a lawfully constituted NDA; and
  • Ensure you do not act where there is a conflict of interest, or a significant risk of one arising with another client to whom a duty of disclosure is owed.


You should also ensure that you keep a record of your advice to your client and their informed written consent so that there is an audit trail to show you have complied with your obligations.