The non-disclosure agreement is the default opening document of Indian commerce, signed before the pitch meeting, the due diligence and the first day of work. In law it is an ordinary contract under the Indian Contract Act, 1872: binding, but only on conditions. When it is breached, Indian courts respond first with injunctions, then with damages, and only exceptionally with criminal process. The same courts, however, refuse to enforce NDAs that are vague, oppressive or non-competes in disguise — and no NDA can silence a whistleblower or lock up information the public already has.
An Ordinary Contract, With Extraordinary Stakes
India has no dedicated trade secrets statute. Confidential information is protected through what commentators describe as a patchwork of remedies drawn from contract law, intellectual property law and equitable principles of confidence. The NDA sits at the centre of that patchwork, and its enforceability begins with the ordinary contractual checklist: offer and acceptance, lawful consideration, free consent, lawful object and certainty of terms.
Each element does real work in NDA disputes. Consideration in the employment context is usually the employment relationship itself, continued employment, or access to confidential information; an NDA signed after employment has already begun, with no fresh benefit to the employee, may be challenged for want of consideration, though some courts accept continued employment as sufficient. Consent extracted under threat of termination, or through deception about the agreement's scope, renders the contract voidable. And the object must be lawful: an NDA deployed to conceal corporate fraud, environmental violations or criminal conduct is void as contrary to public policy. Finally, the terms must be certain — a clause promising "indefinite confidentiality for all types of information" is precisely the kind of drafting courts are likely to reject.
Section 27: The Line Between Protecting Secrets and Restraining Trade
The provision most often invoked against NDAs is Section 27 of the Contract Act:
"Every agreement by which any one is restrained from exercising a lawful profession, trade or business of any kind, is to that extent void."
The settled position is that a genuine confidentiality obligation is not a restraint of trade. In Niranjan Shankar Golikari v. Century Spinning & Manufacturing Co. Ltd. (1967) the Supreme Court held that restrictive covenants operating during the subsistence of employment are not hit by Section 27 at all, while covenants extending beyond termination are strictly scrutinised: absolute post-employment restraints are void, but partial restraints protecting legitimate interests — above all trade secrets — are enforceable. In Superintendence Company of India (P) Ltd v. Krishan Murgai, (1981) 2 SCC 246, the Court drew the line in a sentence: an employer "cannot stipulate freedom from competition. But he can protect his trade secrets or his confidential information." Confidentiality obligations, on this footing, can operate both during and after employment.
The Bombay High Court's decision in V.F.S. Global Services Pvt. Ltd. v. Suprit Roy, 2008 SCC OnLine Bom 1083, shows how courts apply the distinction in practice. The agreement combined a confidentiality clause with a two-year bar on taking up similar employment. The court enforced the confidentiality element, holding that a clause protecting trade secrets does not restrain anyone from exercising a lawful profession, and struck down the non-compete element as an unreasonable restraint under Section 27, warning that employee confidentiality agreements must not be "unreasonably restrictive of the individual rights of the employee". The lesson for drafters is severance: courts will save the confidentiality core and excise the restraint.
Two further High Court decisions complete the frame. In BLB Institute of Financial Markets Ltd. v. Ramakar Jha (Delhi High Court, 2009), the court held that the restraint-of-trade doctrine bites when the contract comes to an end, and that it applies to all contracts, not employment contracts alone — while confidentiality clauses protecting trade secrets remain distinguishable from broad restraints. And in Bombay Dyeing & Manufacturing Co. Ltd. v. Mehar Karan Singh, (2010) 7 Mah LJ 48, the Bombay High Court enforced a confidentiality clause against a director who had disclosed confidential information to a competitor that later employed him, confirming that narrowly drafted obligations survive termination — provided the protected trade secrets are specifically identified.
For genuine trade secrets, the obligation can run in perpetuity. Indian courts recognise a legitimate interest in indefinite protection of information that is not publicly available, commercially valuable and guarded with reasonable care — but only where the clause is narrowly tailored to the actual secret and is not functioning as a disguised non-compete.
What Amounts to a Breach
A breach occurs when a party who received confidential information — or a third party who knows of it — discloses it, uses it, or permits its use contrary to the agreement. The recognised forms include:
- unauthorised disclosure to competitors, customers or other third parties;
- publication or making the information publicly accessible;
- exploitation of the information for personal or commercial gain;
- failure to maintain reasonable safeguards against unauthorised access; and
- retention or continued use of confidential materials after termination.
To establish breach of confidence, Indian courts apply a three-element test derived from English equity and adopted in cases such as Zee Telefilms Ltd. v. Sundial Communications Pvt. Ltd. (Bombay High Court, 2003) and John Richard Brady v. Chemical Process Equipment P Ltd, 1987 SCC OnLine Del 236:
- The information must be confidential in nature — capable of identification, original rather than publicly known, and sufficiently developed to be realisable as an actual business or technical asset. Vague or generic material does not qualify.
- The circumstances must have imported an obligation of confidence — whether from an express NDA, the employment relationship, or a confidential relationship evident from the dealings.
- There must be unauthorised use or a credible threat of it.
The burden lies on the party alleging breach, who must produce cogent evidence — at minimum to a prima facie standard — of the disclosure, its source in the confidential relationship, its unauthorised character, and resulting damage or a risk of irreparable harm. Brady supplies the underlying equitable principle: a person who receives information in confidence cannot abuse it to the detriment of the discloser.
Remedies: The Injunction Comes First
Interim, perpetual and mandatory injunctions
Injunctive relief is the primary remedy in NDA disputes for a structural reason: once information is out, it cannot be un-disclosed, and money cannot restore the competitive advantage that secrecy conferred. Courts treat the disclosure of trade secrets and proprietary strategy as the paradigm of irreparable harm — which is why well-drafted NDAs expressly acknowledge that breach would cause irreparable injury for which damages are inadequate.
A temporary or interlocutory injunction, restraining further disclosure while the suit is pending, requires the applicant to establish a prima facie case that a valid NDA has been breached, a risk of irreparable injury, and a balance of convenience in its favour. The Karnataka High Court's decision in Homag India Private Limited v. Ulfath Hussain (2016) underlines the urgency courts attach to this relief: it held that the trial court ought to have granted a temporary injunction where a former employee was alleged to have leaked the plaintiff's confidential information to a rival. After trial, a perpetual injunction can permanently bar disclosure, use or possession of the information. Courts may also grant mandatory orders — return of all confidential materials, deletion of copies from personal devices, written certification of destruction — though they are generally reluctant to do so before final judgment absent extraordinary circumstances.
Zee Telefilms itself illustrates the remedy in action: the plaintiff had pitched an original television concept to the defendant, which then launched a show based on it without permission; finding the concept original and sufficiently developed, the court restrained further use and airing of the show.
Damages under Sections 73 and 74
Section 73 of the Contract Act entitles the non-breaching party to compensation for the loss or damage actually caused by the breach. In confidentiality cases the recognised heads include the diminished value of the trade secret, lost profits and business opportunities, increased costs incurred to mitigate the harm (accelerated product development, counter-marketing), and the expense of securing information after the breach. The loss must be proved; courts will not award speculative or unquantifiable damages — a real constraint, since the harm from a leak is often precisely the kind that resists quantification.
Section 74 permits the parties to stipulate the consequences in advance:
"When a contract has been broken, if a sum is named in the contract as the amount to be paid in case of such breach... the party complaining of the breach is entitled, whether or not actual damage or loss is proved to have been caused thereby, to receive from the party who has broken the contract reasonable compensation not exceeding the amount so named..."
A liquidated damages clause spares the claimant the burden of proving actual loss, but courts scrutinise such clauses strictly: the sum must be a genuine pre-estimate of loss made at the time of contracting, compensatory rather than punitive, and proportionate to the information at stake. A figure that looks like a penalty will not be enforced as written — the court will award only what it considers reasonable compensation, and has the power to cut the stipulated amount down.
Profits, performance and the paperwork of compliance
Where the breach has enriched the wrongdoer, the discloser may seek an account of profits — disgorgement of the gains attributable to the misuse, whether earned by the departing employee or the competitor who received the information. Specific performance is available to compel compliance with the contractual obligations themselves: continued confidentiality, return of documents and devices, destruction of copies, adherence to post-termination duties. Courts order it where damages are inadequate or impractical — typically because the value of the information lies in its secrecy, not its market price — and it usually travels together with injunctive relief. NDAs may also contain indemnities, under which loss is triggered by the occurrence of a specified event without proof of breach (recipients commonly negotiate liability caps, and such claims may be treated as debt claims), and fee-shifting clauses entitling the prevailing party to recover legal costs.
Where Every NDA Gives Way
Information the law will not treat as secret
Confidentiality cannot attach to information already in the public domain, or which becomes public without fault of the recipient. Two refinements matter. Information circulating within a limited segment of an industry may still be confidential if not disclosed to the general public; and a recipient who itself caused the publicity by breaching the NDA cannot then invoke the public domain as a defence. The obligation likewise does not cover information the recipient already possessed before disclosure — though the burden of proving prior knowledge sits on the recipient, and courts are sceptical of claims that an employee independently knew an employer's elaborate processes — or information independently developed through lawful means, which in practice demands contemporaneous documentary proof, since courts will probe whether the development was truly independent or subconsciously derived from the disclosed material. Disclosure made with the discloser's explicit, informed consent is no breach at all.
Nor can an NDA reach an employee's general knowledge, skill and experience. Courts consistently distinguish specific trade secrets, which are protectable, from the general industry knowledge and abilities an employee acquires on the job, which are not: no one can be required to unlearn a profession, even one learned partly at the former employer's expense. At the other end of the spectrum, "mere ideas" and generic concepts fail the threshold of protection — confidential information must be identifiable, original and sufficiently developed, the criteria articulated in Zee Telefilms. Where no express NDA exists, an implied duty of confidence can still arise from the relationship, but its scope is narrower, confined to genuine trade secrets and information specifically communicated in confidence.
Disclosures the law affirmatively protects
An NDA yields to legal compulsion. A court subpoena, a regulatory demand from bodies such as the RBI or SEBI, a statutory disclosure requirement or a government investigation all override contractual confidentiality: the duty to comply with legal process sits above the duty to the counterparty. The practice, where possible, is for the compelled party to notify the discloser in advance so that it can seek a protective order limiting or sealing the disclosure.
No NDA can silence a whistleblower. Indian law lacks a comprehensive whistleblower statute for the private sector, but public policy — reflected in the courts' approach, in statutory protection for government-sector whistleblowing, and in legislation such as the Sexual Harassment of Women at Workplace (Prevention, Prohibition and Redressal) Act, 2013 — bars enforcement of confidentiality against a party exposing criminal activity, fraud, corruption, bribery, environmental violations, or threats to public health and safety. For the same reason, an NDA cannot prevent disclosure to regulators, law enforcement or internal compliance functions, and Section 28 of the Contract Act separately voids agreements that restrict a party from enforcing its contractual rights — so an NDA cannot stop anyone from filing suit, defending a claim, complying with discovery or consulting counsel.
The Reasonableness Audit: Scope, Duration, Balance
Even a validly formed NDA must survive a reasonableness review. On scope, sweeping definitions — "all proprietary information", "any information related to the business" — are the classic point of failure: they blur the line between trade secrets and general business information, may capture public domain material, and lack the certainty courts need to enforce. The IIMA practice note on Indian confidentiality drafting puts it bluntly: "A sweeping clause that encompasses all kinds of information will not suffice." Courts favour itemised categories (manufacturing processes, source code, customer lists with purchase histories, financial projections), clear marking requirements and express public-domain exclusions.
On duration, the working rule is that confidentiality in ordinary business information becomes progressively harder to enforce beyond roughly two to five years, because such information loses competitive value over time; genuine trade secrets, by contrast, can be protected indefinitely. Courts weigh the nature of the information (a formula against a pricing strategy), industry practice, the protection genuinely necessary to the discloser's legitimate interest, and the effect on the recipient's future opportunities. Geographic scope is less developed in Indian case law, but a worldwide obligation without justification invites the same restraint-of-trade suspicion. Grossly one-sided or unconscionable NDAs — obligations imposed entirely on one party, or terms oppressive in light of the parties' bargaining power — will not be enforced.
The discloser's own conduct is also audited. A party that failed to mark information as confidential, implemented no meaningful safeguards, or itself made the information public will find its claim weakened or extinguished. And beyond doctrine lie the practical frictions of enforcement in India: proving the source of a leak, quantifying the loss, the time interim relief can take despite its urgency, cross-border enforcement of judgments, and the reality of a mobile skilled workforce.
Criminal Exposure: The Exception, Not the Rule
Breaking an NDA is primarily a civil wrong. Criminal liability requires more — dishonest intent, a digital dimension, or conduct amounting to theft, criminal breach of trust or cheating — but where it exists, the two tracks run in parallel: the information owner can sue for an injunction and damages while simultaneously filing a criminal complaint with the police or the Cyber Crime Cell.
| Provision | Conduct captured | Maximum penalty |
|---|---|---|
| Section 72, Information Technology Act, 2000 | Disclosure of electronic records or information by a person who secured access to them, in violation of a lawful contract or law — the provision engaged by leaks of digitally stored confidential information where an NDA covers it | Imprisonment up to 2 years, fine up to ₹1 lakh, or both |
| Section 66B, IT Act, 2000 | Dishonestly receiving stolen computer resources — e.g., confidential files transferred without authorisation to a personal device or third party | Imprisonment up to 3 years, fine up to ₹1 lakh, or both |
| Section 66D, IT Act, 2000 | Cheating by personation using computer resources — access to confidential systems obtained under false pretences | Imprisonment up to 3 years and fine up to ₹1 lakh |
| Section 303(2), Bharatiya Nyaya Sanhita, 2023 | Theft — misappropriation of documents, devices or prototypes embodying confidential information | Imprisonment up to 3 years, fine, or both |
| Section 316, BNS 2023 | Criminal breach of trust — misuse of information or property entrusted within a confidential relationship (employee, consultant, fiduciary) | Imprisonment and/or fine |
| Section 318(2), BNS 2023 | Cheating — e.g., entering an NDA with no intention of honouring it, or obtaining access to information by dishonest misrepresentation | Imprisonment up to 3 years, fine, or both |
Mens rea is the gatekeeper: an unintentional or negligent disclosure will rarely found a prosecution, while a deliberate breach from which the breacher profits may support both civil and criminal liability. The standard defences track the civil exceptions — the information was not confidential or was already public, no fiduciary or confidential relationship existed, the owner consented, the disclosure was legally compelled, or criminal intent was absent.
A Statute in Waiting: The Law Commission's 2024 Report
The Law Commission of India's Report No. 289 on Trade Secrets and Economic Espionage (2024) proposes to replace the patchwork with a dedicated statutory framework. It defines a trade secret by four criteria: the information is not widely known or accessible; it has commercial value because of its secrecy; its owner has taken reasonable steps to protect it; and its disclosure would damage the holder. The report proposes civil remedies (injunctions, damages, destruction of materials), recommends that trade secret cases be handled by the Commercial Courts, suggests criminal penalties for willful misappropriation, and acknowledges the continuing role of contract, common law and IP statutes. As at June 2026 the proposal had not been enacted, so the contract-led regime described above — with its acknowledged variation in approach across High Courts — remains the operative law. The four-part definition is nonetheless already useful: documenting that information meets these criteria is the strongest available foundation for claiming perpetual protection.
Practical Takeaways
- Define confidential information with specificity — itemised categories and examples, not sweeping formulas. Vagueness is the single most common reason NDAs fail.
- Keep confidentiality and non-compete obligations in separate clauses, and expect only the former to survive; a confidentiality clause that operates as a restraint on future employment will be struck down.
- Match duration to the information: roughly two to five years for ordinary business information; indefinite protection only for genuine, narrowly identified trade secrets.
- Build the injunction case into the document: acknowledgments that breach causes irreparable harm, that damages are inadequate, that the discloser may seek injunctive relief, and that no remedy is exclusive.
- Stipulate liquidated damages only as a genuine, documented pre-estimate of loss — a punitive figure will be cut down under Section 74.
- Include carve-outs for public domain information, legally compelled disclosure, prior knowledge, independent development and lawful third-party receipt, plus an express whistleblower clause preserving disclosure of illegal conduct to authorities.
- Mark information as confidential at disclosure and maintain demonstrable safeguards (access controls, encryption, audit trails) — both for enforceability and to satisfy the Law Commission's trade secret criteria.
- For digital information, remember the criminal dimension: IT Act exposure can support a parallel criminal complaint in serious, deliberate breaches.
- Ensure real consideration and documented voluntary consent, and consider arbitration or mediation clauses to mitigate litigation delay.
Key Authorities
- Niranjan Shankar Golikari v. Century Spinning & Manufacturing Co. Ltd., (1967) 2 SCR 378 (Supreme Court) — restraints during employment fall outside Section 27; post-employment restraints are enforceable only if partial, reasonable and protective of interests such as trade secrets.
- Superintendence Company of India (P) Ltd v. Krishan Murgai, (1981) 2 SCC 246 (Supreme Court) — an employer cannot stipulate freedom from competition but may protect its trade secrets and confidential information.
- V.F.S. Global Services Pvt. Ltd. v. Suprit Roy, 2008 SCC OnLine Bom 1083 (Bombay High Court) — confidentiality clause upheld as no restraint of trade; two-year post-employment non-compete severed and struck down. Source
- Zee Telefilms Ltd. v. Sundial Communications Pvt. Ltd. (Bombay High Court, 2003) — three-element breach-of-confidence test; injunction granted against a show built on a confidentially pitched concept. Source
- John Richard Brady v. Chemical Process Equipment P Ltd, 1987 SCC OnLine Del 236 (Delhi High Court) — information received in confidence cannot be abused to the discloser's detriment.
- Bombay Dyeing & Manufacturing Co. Ltd. v. Mehar Karan Singh, (2010) 7 Mah LJ 48 (Bombay High Court) — narrowly drafted confidentiality obligations bind a director and survive termination where the protected information is specifically identified.
- BLB Institute of Financial Markets Ltd. v. Ramakar Jha, OMP 241/2008 (Delhi High Court, 2009) — the restraint-of-trade doctrine applies once the contract ends, and to all contracts, not employment alone.
- Homag India Private Limited v. Ulfath Hussain (Karnataka High Court, 2016) — interim injunction ought to issue where a former employee is alleged to have leaked confidential information to a rival.
- Indian Contract Act, 1872, Sections 27, 28, 73 and 74 — restraint of trade, agreements barring legal proceedings, and the damages framework.
- Information Technology Act, 2000, Sections 72, 66B and 66D — criminal liability for digital confidentiality breaches.
- Bharatiya Nyaya Sanhita, 2023, Sections 303, 316 and 318 — theft, criminal breach of trust and cheating as applied to misappropriated confidential information.
- Law Commission of India, Report No. 289, Trade Secrets and Economic Espionage (2024) — proposed statutory trade secrets framework; not yet enacted.
This analysis reflects the law as at June 2026. It is published for general information and does not constitute legal advice.