Seven NDA Red Flags Every Developer Should Recognize Before Signing
Most developers sign NDAs without reading them. Here are the seven clauses that should make you pause, push back, or walk away.

DevForge Team
AI Development Educators

Most Developers Sign NDAs Without Reading Them
It happens before client calls, before job interviews, before product demos. A PDF arrives, the other party says "it's standard," and developers click sign. The problem is that "standard" NDAs vary wildly — and some contain provisions that can affect your career, your side projects, and your IP ownership for years.
Here are the seven clauses that should make you stop, push back, or walk away.
Red Flag 1: The Everything-Is-Confidential Definition
The language: "Confidential Information means any and all information disclosed by either party in any form, whether written, oral, electronic, or otherwise, regardless of whether it is marked confidential."
The problem: This definition is so broad it could cover a casual conversation, an industry-standard practice you discuss, or information you independently develop. If a dispute arises, the other party can argue that almost anything you do or say violated the NDA.
What to do: Narrow the definition to specific categories related to the purpose of the relationship. "Confidential Information means technical specifications, financial projections, and customer lists exchanged specifically in connection with [the proposed partnership]."
Red Flag 2: Missing Standard Exclusions
Every well-drafted NDA should exclude five categories of information from confidentiality obligations. If any are missing, that is a negotiation point:
- Information that enters the public domain (through no fault of your own)
- Information you already knew before signing
- Information you develop independently without using their information
- Information you receive from a third party with no confidentiality obligations
- Information you're required to disclose by law or court order
An NDA without these exclusions can expose you to liability for sharing things you have every right to share.
Red Flag 3: Perpetual Duration
The language: "The confidentiality obligations set forth herein shall survive indefinitely" or "there shall be no time limitation on the receiving party's obligations."
The problem: Business relationships end. People change jobs, start companies, move into adjacent fields. A perpetual NDA is an indefinite restriction on what you can discuss, potentially for the rest of your career.
What to do: Request a fixed term — 3 years is typical for general business information, 5 years for more sensitive technical information. Trade secrets can survive longer, but even those should have some end date.
Red Flag 4: No Prior Knowledge Carve-Out
The language: No mention of existing projects, prior inventions, or pre-existing knowledge.
The problem: If you're already working on a similar project before you sign the NDA, the absence of a carve-out creates ambiguity. The other party could later claim your pre-existing work was developed using their information.
What to do: Add a prior knowledge carve-out and attach an Exhibit A listing all projects and technologies you were working on before signing. Get both parties to sign the exhibit before you begin.
Red Flag 5: The Hidden Non-Compete
The language: Buried in Section 7 or 8: "During the term of this Agreement and for [X] years thereafter, the Receiving Party agrees not to engage in any business that competes with the Disclosing Party."
The problem: This is a non-compete agreement inside what was presented as a simple confidentiality document. Non-compete agreements are separate, significant legal commitments that restrict your ability to earn a living. They require independent analysis, negotiation, and often separate compensation.
What to do: Flag it explicitly. "I noticed this appears to include a non-compete provision. That falls outside the scope of a confidentiality agreement and would need to be a separate conversation with independent review."
Red Flag 6: Blanket IP Assignment
The language: "Any inventions, discoveries, or works created by the Receiving Party in connection with or arising from the Confidential Information shall be assigned to and owned by the Disclosing Party."
The problem: This converts an NDA into a work-for-hire arrangement. If you're a freelancer or consultant, this clause could transfer ownership of anything you create that has even a loose connection to what you learned under the NDA.
What to do: Remove it entirely. IP assignment belongs in a separate contractor agreement or employment agreement, not in an NDA.
Red Flag 7: One-Sided Remedies
The language: "In the event of a breach, Receiving Party shall pay Disclosing Party $50,000 per incident as liquidated damages" — with no equivalent provision for breaches by the Disclosing Party.
The problem: Asymmetric remedies are a classic power imbalance. If they breach, you have no pre-set remedy and face expensive litigation. If you breach, you owe a predetermined (and potentially excessive) amount.
What to do: Request mutual liquidated damages, or negotiate the amount down to something proportional to actual potential harm.
The Bottom Line
None of these flags means you should automatically refuse to sign. They mean you should negotiate. A company that reacts to a reasonable NDA negotiation with hostility is showing you something important about how they operate.
The developers who are most protected are not the ones who refuse all NDAs — they're the ones who read them.
---
*Disclaimer: This article is for educational purposes only and does not constitute legal advice. Consult a qualified attorney for specific legal questions.*