NDAs tend to be a straightforward type of document with limited scope and a fairly well-known universe of issues. So having a computer program parse the document and itemize issues seems like a good idea.
But what does it mean that the AI “beat” the humans? That the program simply spotted the issues and listed them faster and more completely than the lawyers? Not that impressive a victory. It’s how the issues get resolved that are important.
Did the AI interact with a lawyer on the other side and get issues resolved? Not likely, but the story doesn’t tell us exactly what the test consisted of and how “victory” was determined. (It is possible to download the 40-page report and analyze it, but I am not willing to spend the time to do that, and I bet most commenters, like me, are just responding to the headline take-away.)
While AI can be a great tool, one of the problems with it is that often no one knows how the program makes decisions. Not knowing what you don’t know can present serious blind spots. For example, it may be possible for a counter-party to a transaction who has access to the same AI as you to construct a document with text containing an issue that the AI won’t spot but that the counter-party planted in the document for his or her advantage. If the document is reviewed only by AI (and given a cursory review by a bored low-paid worker who expects AI to catch all the issues), then there is an open back door to your legal castle.
Computers haven’t put accountants out of business, and they won’t put lawyers out of business either. They will make lawyers more efficient, but whether that translates into lower fees remains to be seen.
Your points on "beating" and decision making are very well taken. Same on the resilience of the professions. My own take here is basically that it's accommodating inefficient behavior---a thousand implementations of the same basic deal terms---rather than correcting it. The cure for the common NDA is standardization, which is something the profession can do for itself.
Along those lines, I recently launched an initiative to stop pointless waste on review of routine MNDAs:
The idea was not to write the world's greatest NDA, or to offer whiz-bang features with software, but to create a boring, unsurprising, neutral NDA with a distinctive name that spreads word about itself, creating opportunities to sign routine NDAs without waiting for redundant legal review.
Would love to read your thoughts, here or by e-mail.
I have not carefully read the entire NDA, but I offer the following comment.
If a recipient of information protected by an NDA is a legal entity, such as a corporation, Section 4 of your form requires the recipient to enter into a confidentiality written agreement with each employee (and others working for the recipient) who receive information protected by the NDA. This is both too much and too little!
It is too much because it is burdensome on the recipient to require employees to sign a written agreement every time the corporation receives receive information protected by an NDA. There might be 20 employees who need to see the information, and keeping track of who has signed and who hasn’t and making sure that an employee who has signed doesn’t share information with an employee has not yet signed is an administrative burden.
I don’t ask for this provision when representing the disclosing party, and I would resist this when representing the recipient.
In any event, how does the disclosing party police this requirement?
It is too little because the recipient fulfills its obligation by entering into a written agreement with the employee as required by your form of NDA. If there is a written agreement with the employee and the employee improperly discloses the information protected by the NDA, the recipient points to the written agreement and says, “I did what you asked.” So why would the recipient be liable for the wrongful disclosure by its employee?
To whom is the employee liable if the employee improperly discloses the information protected by the NDA? Presumably the disclosing party would want to sue based on the fact that the employee signed a written agreement agreeing to keep the information confidential, but unless the disclosing party is a third-party beneficiary of the recipient’s written agreement with the employee, the disclosing party has no rights under that agreement.
In the absence of an express statement in the NDA that the recipient’s agreement with the employee is intended for the benefit of the disclosing party (i.e., the disclosing party is a third-party beneficiary of the agreement), it is a litigable issue whether the disclosing party a third-party beneficiary. There is nothing in the NDA form that requires the recipient’s agreement with the employee to contain such a clause.
In some situations, both the disclosing party and the recipient might prefer not to identify the source of the information protected by the NDA.
Even assuming that the written agreement with the employee allows the disclosing party to sue the employee for wrongful disclosure based on that agreement, does the employee have adequate resources to pay a judgment?
Instead of requiring such agreements between a recipient and an employee, it might be more effective to state in the NDA that the recipient is required to instruct its employees on the confidential nature of the information, that the recipient is responsible for any disclosure of information by its employees in violation of the NDA, and that the recipient will be liable for any damages resulting therefrom.
Thanks very much for this comment. I'm glad I looked back on my threads page and saw it!
First, I should make clear that I did not set out to write the very best NDA possible. Rather, I set out to write the NDA that I thought companies and their counsel would find the quickest and easiest to approve. In other words, to reflect current practice, which we might both to agree falls well short of optimum.
Alas, my experience from prior projects is that better terms don't provide enough incentive to standardize. Everybody likes their NDA, and the difference between OK and better isn't compelling. But my hope is that if we standardize otherwise, through CT's self-propagating mechanism, that standard can then become a platform for better terms.
Now to your points on employees and confidentiality.
The covenant to sign NDAs with employees is essentially a commitment to best practice. The parties are confirming that NDAs, or more likely CIIAAs, are part of the hiring packets for both sides. Note the exception for professionals under non-contractual confidentiality obligations, like lawyers. That tracks reality, in my experience.
You are correct that absent express language, and without privity, disclosers could end up without direct claims against breaching employees. That's an absolutely fair point, though I'd hasten to add that the company, rather than its employee, is usually the deep pocket, and an injunction to the company is usually what's needed to stop any bleeding.
The terms addressing employer responsibility are in section 4(m) of version 1.1.0:
> (m) Compliance and Oversight.
>
> (i) Receiving Party shall ensure that its Advisers abide by the confidentiality obligations of Receiving Party under this agreement. If Receiving Party is a legal entity, Receiving Party shall also ensure that its Personnel abide by the confidentiality obligations of Receiving Party under this agreement. Breach of Receiving Party obligations by Receiving Party Personnel or Receiving Party Advisers will be deemed breach of this agreement by Receiving Party itself.
>
> (ii) If Receiving Party is a legal entity, Receiving Party shall provide Disclosing Party copies of confidentiality agreements with Personnel who receive Confidential Information on Disclosing Party request.
Again, thank you very much. Writing what you did took time, I know.
If you'd like to discuss further, please do e-mail me. Otherwise, I can't be sure I'll see it. I'd be more than happy to make time for a call, or arrange a meal, coffee, or libations next I'm down to San Jose from Oakland.
But what does it mean that the AI “beat” the humans? That the program simply spotted the issues and listed them faster and more completely than the lawyers? Not that impressive a victory. It’s how the issues get resolved that are important.
Did the AI interact with a lawyer on the other side and get issues resolved? Not likely, but the story doesn’t tell us exactly what the test consisted of and how “victory” was determined. (It is possible to download the 40-page report and analyze it, but I am not willing to spend the time to do that, and I bet most commenters, like me, are just responding to the headline take-away.)
While AI can be a great tool, one of the problems with it is that often no one knows how the program makes decisions. Not knowing what you don’t know can present serious blind spots. For example, it may be possible for a counter-party to a transaction who has access to the same AI as you to construct a document with text containing an issue that the AI won’t spot but that the counter-party planted in the document for his or her advantage. If the document is reviewed only by AI (and given a cursory review by a bored low-paid worker who expects AI to catch all the issues), then there is an open back door to your legal castle.
Computers haven’t put accountants out of business, and they won’t put lawyers out of business either. They will make lawyers more efficient, but whether that translates into lower fees remains to be seen.