What Makes Confidentiality Agreements Legally Enforceable?

Confidentiality agreements must be supported by consideration, meaning the receiving party must gain something of value in exchange for accepting the restriction. In employment contexts, continued employment may constitute sufficient consideration; in vendor or contractor relationships, the opportunity to access confidential information or conduct business may serve that purpose. The agreement should be signed before or at the time sensitive information is disclosed, not after the fact, as retroactive agreements often face enforceability challenges. Courts in New York have required that the confidentiality clause be conspicuous and that the parties demonstrate mutual intent to be bound, particularly when the agreement is embedded in a longer contract.

Overly broad confidentiality restrictions may be deemed unenforceable as restraints on competition, particularly if they extend indefinitely or prohibit disclosure of information that becomes publicly available. A corporation seeking to enforce an unreasonably broad agreement faces dismissal risk because courts balance the business partner's legitimate interest in protecting secrets against the public interest in free competition. Defining reasonable time limits (e.g., two to five years post-termination) and carving out information already in the public domain strengthens the agreement's defensibility. Conversely, an agreement that is too narrow may fail to protect the corporation when needed, leaving the company without a clear legal basis to seek damages or injunctive relief.

A formal cease-and-desist letter is typically sent after the corporation and its counsel have confirmed the breach and assessed the strength of the claim. The letter should identify the specific confidential information involved, cite the relevant contractual provision, demand cessation of the unauthorized use, request return or destruction of the information, and specify a reasonable deadline for compliance (often 10 to 30 days). A well-documented demand letter demonstrates the corporation's diligence in attempting to resolve the matter without litigation, preserves the record for potential injunctive relief, and may prompt settlement discussions before costly litigation begins. Sending the letter via certified mail or email with read receipt ensures proof of delivery.

A corporation may seek injunctive relief to stop ongoing or threatened disclosure, monetary damages for past harm (including lost profits or unjust enrichment), and in some cases, attorney fees if the confidentiality agreement permits. To obtain a preliminary injunction before trial, the corporation must typically show a likelihood of success on the merits, irreparable harm that cannot be remedied by money damages alone, and that the balance of equities favors the corporation. In New York and federal courts, corporations often file for a temporary restraining order (TRO) on an emergency basis when disclosure is imminent, then seek conversion to a preliminary injunction at a hearing. The burden shifts once the corporation establishes a prima facie case of breach; the breaching party must then show why the injunction should not issue.

A confidentiality agreement creates a contractual duty not to disclose or misuse protected information, while trade secret law (under the Defend Trade Secrets Act and state statutes) protects information that derives economic value from not being generally known. A corporation may pursue both a breach of confidentiality claim and a trade secret misappropriation claim if the same information is both contractually protected and qualifies as a trade secret. The advantage of a confidentiality agreement is that it does not require the corporation to prove the information was not reasonably known; the agreement itself establishes the duty. However, trade secret claims may offer additional statutory remedies, including treble damages and attorney fees for willful misappropriation. Courts recognize that breach of confidentiality is a distinct cause of action from trade secret theft, even when the facts overlap.

The statute of limitations for breach of contract claims in New York is generally six years, but the clock may begin running from the date of breach or from the date the corporation discovered the breach, depending on the facts. A corporation that delays filing suit risks losing evidence, allowing the breaching party to relocate assets, or permitting further unauthorized disclosures. Early injunctive relief is often the most effective remedy because it stops the harm before it compounds. Additionally, if the confidentiality agreement includes a notice requirement or a dispute resolution process (such as mediation or arbitration), the corporation must comply with those procedural prerequisites or risk waiving its right to sue in court.

A corporation's ability to protect its confidential information depends on having a well-drafted confidentiality agreement in place before sensitive data is shared, documenting the measures taken to maintain confidentiality, and acting promptly when a breach is discovered. The corporation should work with counsel to ensure that the agreement clearly defines what is confidential, imposes reasonable restrictions, and specifies remedies that align with business needs. When enforcement becomes necessary, early legal intervention, thorough evidence preservation, and a clear understanding of available remedies position the corporation to stop the breach and recover damages. Forward-looking considerations include conducting regular audits of who has access to confidential information, requiring signed acknowledgments of confidentiality obligations, and maintaining a documented log of security measures that strengthen the corporation's position if litigation arises.