Open top secret envelope on table.

On the sale of a company, it is pretty much inevitable that the company’s valuable confidential information will need to be disclosed.  A prospective buyer will want to see that information so it can evaluate the business offered for sale.  But the selling shareholders, and the target company itself, will be nervous about their business being damaged as a result of its most sensitive and valuable information entering the public domain.

Well advised selling shareholders will not disclose their company’s confidential information unless and until confidentiality obligations have been imposed on any potential buyers who wish to receive that information.

NDAs: not a perfect solution

Whilst a non-disclosure agreement (NDA) should be sought by sellers and can offer valuable protection during and after due diligence exercises, contrary to what sellers may think (or hope) they do not provide any guarantee that confidential information will be protected and remain secret.

Regardless of how well an NDA is drafted, the following issues should be borne in mind:

  • the most effective remedy for breach of an NDA is an injunction to prevent disclosure from taking place. But this will only help a seller seeking to stop a potential breach. Once information has been disclosed, an injunction is of little or no use. And often the seller will not know of an unauthorised disclosure until after it has taken place by which time it will be too late for an injunction to be of any help;
  • once information has entered the public domain, no legal remedy under the NDA will make it secret again. Once the genie is out of the bottle, there is no way to put it back in!  Damages may be the only remedy available, but they may not be adequate; and
  • even the most scrupulously honest prospective buyer (they do exist) will find it difficult not to take the confidential information into account when drawing up its own future plans regardless of what the NDA says.

Practical solutions

Rather than a definitive solution to the problem, sellers should consider an NDA to be just one part of an overall package of practical measures that should be taken to protect valuable confidential information.

Practical ways of keeping information confidential are likely to have more value than the ability to sue for damages, or an account of profits for wrongful disclosure (or both).  Therefore, the disclosure of confidential information as a whole needs to be properly managed and controlled by the sellers and their company.

Practical measures that disclosing sellers should consider include:

  • making information available via a secure electronic data room, where access can be carefully controlled and documents cannot be removed. Data rooms have become increasingly sophisticated and various security settings can be applied to different documents depending on their sensitivity;
  • not disclosing highly sensitive information until the later stages of a transaction when an agreement is more certain (or even not disclosing it at all);
  • only providing hard copies of the most sensitive information and perhaps only during the course of a meeting;
  • clearly marking information as ‘confidential’;
  • encrypting files attached to emails, if the use of email to send confidential information cannot be avoided;
  • specifying a single point of contact through which all requests for information must be routed: this enables one person to control the manner and extent of disclosures but will also help in preventing the prospective buyer from soliciting key staff;
  • keeping accurate, up to date records of exactly what has been disclosed: this could be vital evidence in any subsequent litigation arising from a breach of the NDA. If information is disclosed orally, make a note of what was said; and
  • seeding traceable information within the disclosed confidential information: include your Grandma’s details in the customer list. If in due course she starts getting marketing information from the prospective buyer, you know they’re using the confidential information!

Identify information which cannot be disclosed

Finally, prior to the disclosure of any information, sellers should identify whether there is any information which cannot be disclosed, either because it is already subject to a confidentiality obligation to a third party or because there are legal restrictions on release (for example, customer data held on computers, or personal information about employees).  Sellers should undertake a review of all major contracts prior to disclosing information to a prospective buyer to identify any potential issues.

This post was edited by Stephen Richards. For more information, email

Leave a Reply

Your email address will not be published. Required fields are marked *

seventeen + 8 =

This blog is intended only as a synopsis of certain recent developments. If any matter referred to in this blog is sought to be relied upon, further advice should be obtained.