For in-house counsel drafting and enforcing NDAs in Ontario, the essentials are a precise definition of confidential information, a duration of two to five years (or indefinite for true trade secrets), carve-outs for legally required disclosure, and an express Ontario governing-law clause. For enforcement, preserve evidence, send a cease-and-desist letter, and pursue an interlocutory injunction under section 101 of the Courts of Justice Act alongside damages.
Since Ontario's Working for Workers Act, 2021 restricted most employee non-competition agreements, the non-disclosure agreement has become the front-line tool for protecting competitive information. That shift has pushed the drafting and enforcement of NDAs from "routine paperwork" to a core in-house counsel responsibility. At Hadri Law, our corporate and commercial team drafts and litigates confidentiality agreements across Ontario and cross-border contexts, and we see the same preventable issues repeatedly: vague definitions, unclear duration, and an enforcement plan that only gets invented after a leak occurs.
This guide walks through the clauses every NDA should contain, the drafting pitfalls that make NDAs unenforceable, how to tailor the agreement by use case, and the enforcement playbook to follow when a breach happens.
Why NDAs Matter More Than Ever for In-House Counsel
Before 2021, many Ontario employers relied on a combination of non-competition, non-solicitation, and confidentiality clauses. The Working for Workers Act, 2021 amended the Employment Standards Act, 2000 to prohibit most employee non-competition agreements, with narrow exceptions for certain executives and sale-of-business contexts (ontario.ca/laws). The practical result for in-house counsel is that the NDA and the confidentiality covenant are now doing more of the work they used to share with non-competes.
Canadian courts are generally willing to enforce properly drafted NDAs. The Supreme Court of Canada in Cadbury Schweppes Inc. v. FBI Foods Ltd., [1999] 1 S.C.R. 142 confirmed that the unauthorized use of confidential business information can give rise to liability and to equitable compensation, even in the absence of a written contract (CanLII). A well-drafted NDA strengthens that position by defining the information, the permitted use, and the consequences of misuse in writing.
What courts will not do is rescue a poorly drafted agreement. Overly broad, vague, or indefinite confidentiality clauses are routinely read down or struck out. The strength of the NDA template you approve now will determine whether your enforcement options are real or theoretical later.
Core NDA Clauses Every In-House Counsel Should Include
A defensible NDA for Ontario use should include each of the following elements. Missing one is usually what makes an NDA unenforceable in practice.
Identification of the parties. Name the disclosing party and the receiving party with full legal names. Specify whether the agreement is one-way (unilateral) or mutual. In an M&A or joint-venture context, mutual NDAs are standard because both sides exchange sensitive information.
Definition of confidential information. This is the single most important clause. Define the category broadly enough to capture what matters, but concretely enough that a judge can tell what is in and what is out. List examples: trade secrets, customer and supplier lists, pricing, financial data, strategic plans, source code, product roadmaps, and technical specifications. The phrase "including but not limited to" preserves flexibility without swallowing the definition.
Permitted purpose. State the specific purpose for which the information may be used, such as "evaluating a potential acquisition of the Disclosing Party" or "performing services under the master services agreement dated [date]." Any use outside that purpose is a breach.
Standard exclusions. The definition should not cover information that is publicly known through no fault of the recipient, that the recipient independently developed without reference to the confidential information, that was lawfully received from a third party without a confidentiality obligation, or that is legally required to be disclosed.
Duration. For ordinary commercial information, a term of two to five years is typical and more likely to be enforced than an indefinite period. For genuine trade secrets that retain their value through secrecy, confidentiality can be drafted to continue for as long as the information remains a trade secret and reasonable steps are taken to protect it.
Return or destruction of materials. On termination or written request, require the recipient to return or destroy confidential information and to certify destruction in writing.
Remedies acknowledgement. Include language confirming that damages may be inadequate and that the disclosing party is entitled to seek injunctive relief without posting security. Courts decide on injunctions themselves, but the clause reinforces the parties' shared expectation.
Governing law and forum. Specify Ontario law and the Ontario Superior Court of Justice. For cross-border deals, confirm jurisdiction, recognition, and enforcement of foreign judgments will work in practice.
No obligation to proceed. Make clear that signing the NDA does not commit either party to enter into any transaction.
Drafting Pitfalls That Make NDAs Unenforceable
Overbroad definitions are the most common problem. If the NDA purports to cover "all information of any nature concerning the Disclosing Party," Ontario courts are likely to read that as unreasonable and read the clause down, particularly in an employment context.
Indefinite duration for ordinary business information is another trap. Courts prefer reasonable, finite terms. Reserve indefinite or "as long as it remains confidential" language for true trade secrets.
Missing carve-outs for legally required disclosure create real problems when the recipient is later served with a subpoena or a regulatory production order. The carve-out should require prompt notice to the disclosing party and reasonable cooperation to seek a protective order.
Unspecified governing law, especially in cross-border deals, invites forum disputes that can cost more than the underlying breach. Silence is not neutral.
One-size-fits-all templates cause problems when used for high-stakes transactions. The NDA you use for a routine vendor evaluation is rarely the right document for a live M&A process or a clinical-trial collaboration.
Failing to specify who inside the recipient organization can access the information weakens enforcement. A well-drafted NDA limits disclosure to employees, advisors, and affiliates who have a need to know and who are themselves bound by confidentiality obligations at least as protective.
Tailoring NDAs by Use Case
Employees and independent contractors. Keep the scope tied to the role. Integrate the confidentiality obligations with the written employment or contractor agreement rather than signing a separate NDA afterward. Because non-competes are largely off the table in Ontario since 2021, the NDA plus a properly drafted non-solicitation of customers and employees now carries more of the protective load.
M&A and due diligence. Longer confidentiality terms are appropriate. Add non-solicitation of employees and key customers for the duration of the exclusivity period and a defined tail. For highly sensitive competitive data, use a "clean team" provision that restricts access to named individuals who are not involved in day-to-day competitive decision-making.
Vendor and supplier relationships. Focus the definition on technical specifications, pricing, supply chain, and process know-how. Coordinate the NDA with any services or supply agreement so that the two documents do not contradict each other on term, remedies, or governing law.
Investor and venture discussions. Sophisticated venture investors typically resist NDAs at the pitch stage. Rather than force the issue, use staged disclosure: share high-level information freely, reserve sensitive technical and customer detail for later stages, and require an NDA before opening a formal data room.
Mutual versus unilateral. Use unilateral when only one side is disclosing, such as a potential customer receiving product information. Use mutual where both sides exchange sensitive information, which is the norm in M&A, joint ventures, and strategic partnerships.
Enforcing NDAs: The In-House Counsel Playbook When a Breach Occurs
A suspected breach is not the moment to start thinking about enforcement. A prepared in-house counsel moves through a set sequence.
Preserve evidence first. Capture the evidence of disclosure, unauthorized use, or destination of the information before any outreach. That may include screenshots, email and message logs, device and system access records, and witness statements. Avoid tipping off the counterparty before you have the evidence you need.
Confirm the scope of the breach. Identify what was disclosed, when, to whom, and the likely competitive harm. An internal investigation, often in parallel with outside counsel, is essential before any external step.
Send a cease-and-desist letter. A properly drafted letter identifies the agreement, describes the breach, demands that use and further disclosure stop immediately, requires the return or destruction of materials, and sets a deadline for written confirmation. In some cases a well-timed cease-and-desist resolves the matter without litigation.
Consider an interlocutory injunction. Section 101 of Ontario's Courts of Justice Act gives the Superior Court authority to grant an interlocutory injunction where it is "just or convenient" to do so. The governing test from RJR-MacDonald Inc. v. Canada (Attorney General), [1994] 1 S.C.R. 311 requires the moving party to show (i) a serious issue to be tried, (ii) irreparable harm that damages cannot adequately compensate, and (iii) a balance of convenience favouring the injunction (CanLII). NDAs are well suited to this framework because, once confidential information is public, money alone cannot put the genie back in the bottle.
Pursue damages. Remedies can include actual damages, lost profits, an accounting of the wrongdoer's profits, or a reasonable royalty reflecting the value of the information used. The Cadbury Schweppes decision frames equitable compensation where traditional damages are difficult to quantify.
Seek punitive damages where conduct warrants. Punitive damages are available in Canadian civil cases where the defendant's conduct is high-handed, deliberate, or otherwise deserving of condemnation. They are the exception, not the rule.
Escalate to criminal or regulatory authorities if appropriate. Where the conduct may amount to theft of trade secrets, fraud, or breach of fiduciary duty, the matter may warrant a referral to law enforcement or a regulator in addition to the civil claim.
Preventive Measures for In-House Counsel
Enforcement is expensive. The best protection is a program that reduces the chance of a breach in the first place.
Maintain a master NDA template that is reviewed at least annually. Keep a register of every executed NDA, including counterparty, scope, duration, and expiry so that obligations do not silently lapse. Integrate NDA obligations with employee and contractor offboarding checklists, including reminder letters and the return of devices and materials. Train sales, business development, and R&D teams on when an NDA is required before discussions begin. Layer technical controls, such as role-based access, encryption, data-loss prevention, and audit logs, alongside the contractual protections. Document the need-to-know for each disclosure.
Frequently Asked Questions
Are NDAs enforceable in Ontario?
Yes, when the agreement is clear, reasonably scoped, supported by consideration, and protects a legitimate business interest. Ontario courts generally enforce properly drafted NDAs and are willing to grant injunctive relief in appropriate cases. Overbroad or vague NDAs may be read down or struck out by the court.
How long should an NDA last?
For ordinary commercial information, a term of two to five years is typical and defensible. For genuine trade secrets that retain value through secrecy, the confidentiality obligation can continue for as long as the information remains a trade secret and reasonable protective measures are maintained.
Can I get an injunction quickly if confidential information is leaked?
Yes, where the test for interlocutory relief is met. Under section 101 of the Courts of Justice Act and the RJR-MacDonald framework, the moving party must show a serious issue, irreparable harm, and that the balance of convenience favours the injunction. NDAs often fit this framework because disclosed confidential information generally cannot be un-disclosed.
What damages are available for breach of an NDA?
Actual damages, lost profits, an accounting of the defendant's profits, or a reasonable royalty based on the value of the information used. The Cadbury Schweppes decision confirms equitable compensation where damages are difficult to calculate. Punitive damages may be available in egregious cases.
Can NDAs be enforced against former employees in Ontario?
Yes. Reasonable confidentiality obligations in employment contracts survive the end of employment and are generally enforceable. Because most non-competes are now prohibited for employees in Ontario, a carefully drafted NDA and non-solicitation clause now carry more of the protective weight.
What if the counterparty is outside Canada?
Specify Ontario law and jurisdiction, and assess whether an Ontario judgment will be recognized and enforceable in the counterparty's home jurisdiction. In some cross-border matters it is worth using a local-law NDA or a parallel agreement to streamline enforcement.
Sources & Official Resources
Ontario Statutes Cited
- Courts of Justice Act, R.S.O. 1990, c. C.43, Section 101 Interlocutory Injunctions
- Employment Standards Act, 2000, Non-Compete Prohibition (Part XV.1)
Legislation Cited
Leading Cases Cited
- Cadbury Schweppes Inc. v. FBI Foods Ltd., [1999] 1 S.C.R. 142 (CanLII)
- RJR-MacDonald Inc. v. Canada (Attorney General), [1994] 1 S.C.R. 311 (CanLII)
Contact Hadri Law
If your company needs a defensible NDA template, a tailored agreement for an M&A or commercial transaction, or counsel to lead an enforcement response after a suspected breach, getting experienced legal advice early protects both the information and the business relationship.
Hadri Law's corporate and commercial team drafts, negotiates, and litigates confidentiality agreements for companies across Toronto, the GTA, and cross-border transactions. Call (437) 974-2374 for a free consultation. We serve clients in English, French, Spanish, and Catalan.
This article provides general information and is not legal advice. Every situation is different. Contact a lawyer to discuss your specific circumstances.
