A mutual non-disclosure agreement protects confidential information flowing in both directions, so when two companies share secrets to explore a deal, neither can use or leak what the other reveals. Most templates get the basics right and then miss the two things that decide whether the NDA actually holds up: a defensible definition of what is confidential, and a federal whistleblower notice the law requires. This guide shows you when to use a mutual NDA, what to include, what makes it enforceable, what it cannot do, and gives you a clear structure to copy.
The short answer
A mutual (bilateral) NDA binds both parties to keep each other's confidential information secret, used when both sides disclose, such as in a partnership, merger, or joint venture. Use a unilateral NDA when only one side shares. To be enforceable it needs a clear definition of confidential information, standard exclusions, a reasonable scope and duration (often one to five years, longer for trade secrets), consideration, and a legitimate business purpose. Two things most templates omit: the federal Defend Trade Secrets Act whistleblower-immunity notice (required to keep double damages and attorney's fees on the table), and an awareness that an NDA cannot bar reporting illegal conduct or, since the 2022 Speak Out Act, cover pre-dispute workplace sexual harassment or assault.
This article is general information for a U.S. audience, not legal advice, and confidentiality law varies by state. For a high-stakes deal or an employment NDA, have an attorney review the agreement.
Need the NDA today?AI Lawyer drafts a clean, ready-to-sign mutual NDA from a few questions: parties, what is confidential, the term, and the required notices. Free to try, no credit card.
A mutual non-disclosure agreement, also called a bilateral or two-way NDA, is a contract in which both parties agree to protect each other's confidential information. Each side is both a discloser and a recipient, so each is bound to keep the other's secrets, use them only for the agreed purpose, and not share them with outsiders. It is the standard NDA when two companies exchange sensitive information to evaluate a deal.
The "mutual" part matters because it makes the obligations even-handed. A partnership, merger talk, or joint venture involves both sides opening their books, so a one-way NDA would leave one party exposed. The mutual form puts the same duty on everyone at the table.
Mutual vs unilateral NDA: which do you need?
Use a mutual NDA when both sides will disclose confidential information, such as a partnership, merger, or joint venture. Use a unilateral (one-way) NDA when only one side discloses, such as an employer to an employee, or a startup to a contractor. Using the wrong one hurts you: a one-way NDA where both share leaves one party unprotected, and a mutual NDA where only one shares hands the other party obligations they do not need.
Match the NDA to who is actually disclosing: one-way, two-way, or among several parties.
Type
Who is bound
Typical use
Unilateral (one-way)
Only the receiving party
Employer to employee, company to contractor
Mutual (bilateral)
Both parties
Partnership, merger, joint venture, vendor talks
Multilateral
Three or more parties
A deal among several companies at once
The practical test: list who will actually share confidential information. If it is both sides, you need a mutual NDA. If it is genuinely one direction, a unilateral NDA is cleaner and stronger for the discloser.
What should a mutual NDA include?
A solid mutual NDA names the parties, defines confidential information clearly, lists the standard exclusions, limits how the information may be used, sets the term and survival, spells out the return or destruction of materials, states the remedies for breach, and includes the required federal whistleblower-immunity notice. The definition and the exclusions carry the most enforceability weight.
The anatomy of an enforceable mutual NDA, from the parties through to remedies.
Clause
What it should say
Parties
Both parties, each as discloser and recipient
Confidential information
A clear, specific definition of what is protected
Exclusions
Public, already known, independently developed, or legally compelled
Use restrictions
The information is used only for the stated purpose
Term and survival
How long the duty lasts, and what survives termination
Return or destruction
What happens to materials when the deal ends
Remedies
Injunction and damages for breach
Required notices
The DTSA whistleblower-immunity notice (see below)
Signatures
Both parties sign and date
The clause people write too loosely is the definition of confidential information. Too vague and a court may refuse to enforce it; too narrow and your real secrets fall outside it.
What makes an NDA enforceable, and how long should it last?
Courts treat an NDA like any contract: it needs clear consent, consideration, and a legitimate business purpose, and it must not violate public policy. The most common reasons an NDA fails are a vague or overbroad definition of confidential information and an unreasonable scope or duration. A confidentiality term of one to five years is widely enforceable, with longer or perpetual protection generally reserved for genuine trade secrets.
Factor
Enforceable
Risky
Definition
Specific, identifiable categories of information
"Everything we ever discuss"
Duration
One to five years, longer for true trade secrets
Perpetual on ordinary business information
Scope
Tied to a legitimate purpose
Sweeping restrictions unrelated to the deal
Purpose
Protects real confidential information
Suppresses lawful reporting or competition
Set the term to the life of the information. Pricing and roadmaps may matter for a couple of years; a formula that is a true trade secret can be protected as long as it stays secret. Tying the duration to the type of information is what keeps it reasonable.
The notice most NDAs forget: DTSA whistleblower immunity
Federal law requires an immunity notice in any agreement that governs an employee's use of trade secrets or confidential information, including NDAs. Under the Defend Trade Secrets Act (18 U.S.C. §1833(b)), a person cannot be held liable for disclosing a trade secret in confidence to the government or an attorney solely to report or investigate a suspected violation of law, or in a sealed court filing. If your NDA leaves this notice out, you lose the right to recover exemplary (double) damages and attorney's fees in a DTSA case.
This is the single most overlooked clause in NDA templates, and it has a real price. The notice does not weaken your NDA; it simply tells the signer they are still allowed to report illegal conduct. Omitting it does not void the agreement, but it strips away two of the most powerful remedies the federal trade-secret law offers.
You can satisfy the notice by including the immunity language directly in the NDA, or by cross-referencing a separate policy document that sets out the employer's reporting policy. Either way, the notice must exist for agreements that touch trade secrets, so build it into your standard template.
What a mutual NDA cannot do
An NDA cannot be used to hide illegal conduct or to stop someone from reporting a crime or a legal violation to authorities, and courts will not enforce provisions that try. Since the federal Speak Out Act of 2022, a non-disclosure or non-disparagement clause signed before a dispute arises cannot bar claims of workplace sexual assault or sexual harassment. NDAs still protect genuine trade secrets and proprietary information.
The boundaries to keep in mind:
It cannot silence reports of illegal activity or override whistleblower protections.
It cannot, under the Speak Out Act, cover pre-dispute workplace sexual harassment or assault claims.
It cannot bind someone without consideration or a legitimate purpose.
It cannot be so broad or perpetual that it stops ordinary competition or lawful speech.
Within those limits, a mutual NDA remains a strong tool for protecting trade secrets, pricing, customer data, and the other information a real deal depends on.
Common mistakes to avoid
The mistakes that make NDAs fail are predictable: a vague definition of confidential information, a perpetual or unreasonable term, using a mutual NDA when only one side discloses, omitting the DTSA whistleblower notice, and trying to cover conduct the law will not let you restrict.
Defining confidential information as "anything shared," which courts may refuse to enforce.
Setting a perpetual term on ordinary business information instead of one to five years.
Using a mutual NDA when only one party actually discloses, diluting that party's protection.
Leaving out the DTSA whistleblower-immunity notice and forfeiting double damages and fees.
Drafting clauses that try to suppress lawful reporting, which a court will strike.
Frequently asked questions
What is the difference between a mutual and a unilateral NDA?
A mutual NDA binds both parties to protect each other's confidential information and is used when both sides disclose. A unilateral NDA binds only the receiving party and is used when one side discloses, such as an employer to an employee. Match the NDA to who actually shares information.
Are NDAs enforceable in court?
Yes, when they meet ordinary contract requirements and are reasonable. Courts enforce NDAs that have a clear definition of confidential information, a reasonable scope and duration, consideration, and a legitimate purpose. They refuse to enforce vague, overbroad, or perpetual NDAs, or any provision that suppresses lawful reporting.
How long should a mutual NDA last?
A confidentiality term of one to five years is common and widely enforceable for ordinary business information. Genuine trade secrets can be protected for as long as they remain secret. Tie the duration to how long the information actually stays sensitive rather than choosing an arbitrary perpetual term.
What must be included for the agreement to hold up?
A clear definition of confidential information, standard exclusions (public, already known, independently developed, legally compelled), use restrictions, a reasonable term, remedies for breach, and the required DTSA whistleblower-immunity notice. The definition and the exclusions are the parts courts scrutinize most.
What is the DTSA whistleblower notice and do I need it?
It is a notice, required by the federal Defend Trade Secrets Act, telling signers they are immune for disclosing a trade secret to the government or an attorney to report a suspected violation of law. You need it in any NDA that governs trade secrets, because omitting it costs you the right to recover double damages and attorney's fees under the DTSA.
Can an NDA stop someone from reporting harassment or a crime?
No. An NDA cannot bar reporting a crime or illegal conduct to authorities. Since the 2022 Speak Out Act, a pre-dispute NDA or non-disparagement clause also cannot cover claims of workplace sexual assault or sexual harassment. NDAs still protect legitimate trade secrets and proprietary information.
What happens if someone breaches a mutual NDA?
The non-breaching party can seek an injunction to stop further disclosure and sue for damages. A well-drafted NDA states these remedies, and where trade secrets and the DTSA notice are in play, the federal law can add exemplary damages and attorney's fees. Keep records of what was disclosed and when.
Do I need a lawyer to write a mutual NDA?
For a routine deal a solid, current template is often enough, especially one that includes the DTSA notice and reasonable terms. For a high-value transaction, an employment context, or complex trade secrets, a lawyer is worth a review. An AI tool can produce a strong, compliant first draft.
Sources and references
Defend Trade Secrets Act, 18 U.S.C. §1833(b), whistleblower immunity and the employer notice requirement (Cornell LII).
Speak Out Act of 2022 (S.4524), limiting pre-dispute NDAs and non-disparagement clauses for workplace sexual harassment and assault.
General U.S. contract-law principles on NDA enforceability, reasonable scope, and duration (Bloomberg Law and practitioner guidance).
Protect both sides, properlyDraft a mutual NDA that actually holds up.AI Lawyer builds a ready-to-sign mutual NDA from a few questions, with a defensible confidentiality definition, a reasonable term, and the required whistleblower notice built in. Free to start, no credit card required.Start free with AI Lawyer →
%22%2F%3E%3Cline%20x1%3D%22120%22%20y1%3D%2286%22%20x2%3D%22200%22%20y2%3D%2286%22%20opacity%3D%22.85%22%2F%3E%3Cline%20x1%3D%22120%22%20y1%3D%22110%22%20x2%3D%22200%22%20y2%3D%22110%22%20opacity%3D%22.6%22%2F%3E%3Cline%20x1%3D%22120%22%20y1%3D%22134%22%20x2%3D%22184%22%20y2%3D%22134%22%20opacity%3D%22.6%22%2F%3E%3Cline%20x1%3D%22120%22%20y1%3D%22158%22%20x2%3D%22200%22%20y2%3D%22158%22%20opacity%3D%22.45%22%2F%3E%3Cline%20x1%3D%22120%22%20y1%3D%22182%22%20x2%3D%22168%22%20y2%3D%22182%22%20opacity%3D%22.45%22%2F%3E%3C%2Fg%3E%3Cg%20fill%3D%22%235b3df5%22%3E%3Cpath%20d%3D%22M214%2036%20l7%2018%2018%207%20-18%207%20-7%2018%20-7%20-18%20-18%20-7%2018%20-7%20z%22%2F%3E%3Ccircle%20cx%3D%22250%22%20cy%3D%2292%22%20r%3D%224%22%20opacity%3D%22.8%22%2F%3E%3C%2Fg%3E%3C%2Fsvg%3E)