NDAs: What We Think of Them and When We Sign Them

We have worked on so many projects (especially Joomla projects) for the past several years – these projects ranged in size from very small projects to large, governmental projects. From time to time, we have a project where the client asks us to sign an NDA (Non-disclosure Agreement) before starting the actual work. In many cases we refuse, here’s why:

  • If we sign an NDA for each and every project we take, we will reach a point where we can’t do anymore work: The NDA consists of clauses that are more or less like the following:
    • The code that you did for us cannot be used for anyone else: The thing is, in our industry (especially when developing on Joomla’s platform), everyone reuses his or other people’s code. We’d be lying if we say that each and every line of code that we create is original because this is simply not the case. In fact, a considerable chunk of the code that we do on any project consists of some code that we did previously for another client or that someone else did and shared with the public (of course, we do review all the code that was not created by us). It just doesn’t make sense to re-invent the wheel, or force us to re-invent the wheel.

    • You cannot re-use any information you learn from us: But how about the information that the client learns from us? We had a 2 hour meeting with a client here in Montreal a couple of weeks ago and we literally overwhelmed that client with the wealth of information that we have. We didn’t tell the client that he cannot use this information anywhere, in fact, we encouraged him to use (and re-use) that information and to even distribute it. We were amazed when that very same client asked us to sign 3 documents (including an NDA) that will tame our freedom (something that we appreciate a lot here at itoctopus) in order to start the work. Also, who’s to say that the information that we learn from the client’s project is not something that we already know? (Which is usually the case in 99% of our projects.)

    • All the information that you gain when working on our project is top secret: We acknowledge that some information that the client gives us is confidential (such as credentials and non-public database content) and we abide to that, but this doesn’t mean that all the information is top secret.

    • We will drag you to a court of our choice if we even think that you violated the terms in our NDA: This is by far the most disturbing part in an NDA and a very bad way to start a longterm business relationship. It’s like saying to a new friend the following: “If I even think that you have ever lied to me at any point in time, then I’ll drag you to court”. This is probably the main reason whey we are very reluctant to sign an NDA on the spot.

  • The NDA has so many details and ambiguous clauses that only a lawyer will be able to decipher: Any programmer worth his salt has probably seen so many NDAs in his lifetime and he’ll certainly agree with us that an NDA is a multiple page document with fine print everywhere. Sometimes even a word in the right place can make the NDA document 2 times stronger. While there are many standard NDAs out there, there are many companies that have their own NDAs, and we just don’t have the time nor the resources to take an NDA to a lawyer everytime a new client sends us one.

  • The NDA is usually governed by a country other than our home country: Canada is our home country, and the majority of our clients are from the US. NDAs in the US are drafted differently than those here in Canada (Quebec in particular) – this is because many US states have loose regulations over NDAs – something that makes the latter even more restrictive.

  • Some NDAs have very threatening language: Nobody likes to be threatened, including ourselves. We have seen NDAs that included a very harsh penalty (which is usually paying the client a substantial amount of money and/or some jailtime) in case the NDA is thought to be breached. We consider such NDAs to be very threatening and we’ll dismiss the project on the spot if the client asked us to sign one containing such language.

  • An NDA always assumes bad faith about the other party: We have yet to see something like “We think that your work will complement our vision – and that’s why your work makes all the difference for us” in an NDA. What we usually see is something like “We think that you might steal our information, and if we even suspect that then we’ll take immediate (and harsh) action”.

  • An NDA is drafted with the sole purpose to protect the client at the expense of the developer/development company: If you can show us an NDA that has only a sentence – one sentence – that caters for the interest of the developer/development company then it’ll be one NDA we have never seen in the lifetime of our company.

  • We’re trusting you from the get-go – why not do the same?: We have never ever made any of our clients sign on any document (except for a Joomla maintenance contract – but even at that there are no penalties and it’s easily cancellable) – and we expect that this will remain the case for the foreseeable future. We don’t even charge repeat clients up-front (which is something that almost all of our competitors do). We have full trust in our client even before starting the project – how come some of our clients just don’t trust us?

  • We are ethical developers and our clients know it: We have immaculate ethics when it comes to our work. We treat our clients’ websites as if they were our own and we ensure that our code works properly on our clients’ websites before invoicing them. We treat all of our clients’ data as confidential and we never disclose that information to any other party without the explicit and written permission from our clients. We stay up at night until we fix a problem on a client’s website, and we have no problem waking up in the middle of the night in case of a Joomla emergency. Our clients know this, and that’s why we have nearly a 0% customer churn rate.

So, the question is, do we or do we not sign an NDA at itoctopus?

If you’re a first time client, then the answer is most likely to be “No” – we won’t sign an NDA with you, because we believe that if you want to work with us, then you should trust us at least the same way we trust you. But there are some situations where we are willing to sign an NDA, such as:

  • The client is US or Canada (excluding the city of Montreal) based and is at least a two months old client who has generated at least $15,000 in revenue for us. Also, the reason why the client wants us to sign an NDA is strictly because of company policy. In this situation, we are comfortable signing an NDA with the client.
  • The client is based in Montreal and is at least a one month old client who has generated at least $15,000 in revenue for us. The reason why the client wants us to sign the NDA must be one of the following:

    • Emerging company policy that applies across the board.
    • R&D credit (companies in Canada can claim contractors’ efforts – but only at about 47%)

    • The company is a sub-contractor for another company and that other company requires that everyone signs an NDA. In this situation we’ll only sign an NDA with the subcontractor (our client), but not with the other company.

  • The client is a governmental agency in the US or Canada.

  • Exceptional cases.

So now you have it – this post defines our policy when it comes to NDAs and reflects our true opinion about these documents. If you have any questions about this post, or if you have a large Joomla project that you need us to work on (but you need us to sign an NDA first), then feel free to contact us. We are ready to explain our point of view and find a common ground where each party is happy – after all, we are the friendliest Joomla developers on this planet!

No comments yet.

Leave a comment