If you’re any kind of consultant or contract programmer, and you’re an open-source person, one of the persistent minor (and sometimes not-so-minor) irritations of doing business is NDAs (Non-Disclosure Agreements). Your client will often want you to sign one. About 1% of the time they’re protecting actual business-critical information; the other 99% they’re suffering from an unfounded delusion that they’re protecting business-critical information – but the rigamarole is 100% annoying 100% of the time. Besides, even if (like me) you consider it a point of personal honor not to blab things you’ve been told in confidence, you probably have a philosophical objection to being gagged.
I haven’t signed an NDA in least the last 12 years of active consulting, and over my entire 27 years of such I’ve maybe signed a grand total of two NDAs, and I’ll never sign one again. Herewith, a short course in how to evade them.
The general rule is this: set up circumstances where the pain to them from having the NDA exceeds the extent to which they’re willing to trust you. Basically, this means that you have to make the NDA have potentially unpleasant legal consequences for them.
The best way I know to do this is to be a director or other officer of a corporation, with fiduciary responsibility to the corporation. You tell them: “I never sign NDAs because I refuse to end up in a no-win legal situation – the NDA terms might require me to violate my fiduciary responsibility, or vice-versa.” Back when I was a director of VA Linux, this was a nuclear bomb that immediately vaporized all talk of NDAs whenever I brought it up.
Even without a directorship, a variant of this works pretty well. Tell them you never sign NDAs because you’ve had other clients in the past and will have more in the future, and you don’t care to get caught in the no-win situation that an NDA puts you in the gunsights of a nonperformance or honest-services prosecution (or vice-versa).
If they press the point, tell them you’ll sign that NDA if, and only if, they will sign an agreement indemnifying you against all costs arising from any lawsuit arising from a conflict between the NDA and any future agreements or fiduciary responsibilities you may assume. That’ll usually shut them right up; they’ll set the limited downside risk that you’ll blab something against a potentially unlimited risk from a big messy civil lawsuit and fold up like cheap cardboard.
This does mean they have to need you enough so that the soft option isn’t to say “No NDA, no business,” and walk you out the door. But if they didn’t need you to cover something nobody in-house can do as effectively, they wouldn’t be asking for the NDA in the first place. So hang tough about this. Most NDAs are pro-forma, ass-covering gestures to begin with; chances are the person trying to get you to sign one knows this is true about his piece of paper and won’t fight very hard to defend it.
It’s always good to point out that you have a reputation to protect, and you’re not going to injure your client by flapping your lips because if word got around that you did that sort of thing you wouldn’t have any clients anymore. Stand on your dignity, point out that you’re a professional, and sound a bit offended at the suggestion that anyone would be crass enough to doubt your discretion (but don’t overdo that last part lest it seem like posturing).
This battle is worth winning for reasons other than avoiding legal risk. It sends a clear message that you are a professional with a backbone and a clear sense of your own worth – not to be jerked around and chickenshitted at. And that is always a good thing to establish before the job starts.