Today I was asked by a design agency to sign an NDA (a.k.a. Confidentiality Agreement, Non-Disclosure Agreement, etc.) prior to starting an analysis of its existing website. I was going to be checking on WordPress core files, plugins, scripts, etc. in an effort to figure out if there are any security vulnerabilities and if any best practices are being violated by the website. The total contract was worth $300.
The work never got started, because I refused to sign the confidentiality agreement.
There is a good deal of legal and financial risk in signing an NDA, because it opens me up to litigation. That risk needs to be offset by either solid reasoning or the right amount of cash. The agreement in this case did not meet my threshold for taking on that risk.
But I also feel that I am in the right on the issue. I have worked hard to build an ethical company that people can trust. When my clients want me to keep secrets, they just ask me to keep specific secrets. It isn’t hard. In fact, it is friendly!
There are very few initiatives that are worthy of an NDA. Most initiatives are run-of-the-mill, have been done 100 times before, and don’t require an NDA. Certainly, a website maintenance agreement like the one I describe above does not need an NDA.
So there’s my rant. What do you think of NDAs?