NDAs

Mutual vs One-Way NDAs: Which One Are You Actually Signing?

May 2, 20268 min read
Mutual vs One-Way NDAs: Which One Are You Actually Signing?

The distinction nobody explains before they hand you the form

Most NDAs look identical on the first page. Same defined terms. Same boilerplate about "Confidential Information." Same five-year duration. Buried in the definitions, though, is the single question that decides whether this contract protects both sides or just one: who is the "Disclosing Party"?

If only one party is the Disclosing Party and the other is the Receiving Party, you've signed a one-way (unilateral) NDA. Whatever you tell them is protected; whatever they tell you is not. If both parties are defined as Disclosing and Receiving, you've signed a mutual (bilateral) NDA. Each side's information gets the same protection.

This sounds minor. It is not. Knowing which one you're signing — and pushing for the right one in the right situation — changes whether the NDA actually does its job.

When a one-way NDA is correct

One-way NDAs exist for a reason and aren't inherently unfair. They make sense when only one party is sharing sensitive information:

  • Vendor evaluations. A company is considering buying your software. They're not sharing anything secret with you; you're sending them sample data, architecture diagrams, and pricing models. One-way (you as Disclosing Party) is fine.
  • Investor pitches with a real moat. A founder pitches an investor. The founder is sharing the deck, financials, and roadmap. The investor isn't sharing trade secrets — they're sharing opinions and a term sheet template. One-way (founder as Disclosing Party) is appropriate.
  • Hiring conversations for sensitive roles. A startup wants to interview a candidate for a senior role and discuss specific projects, customers, or unreleased products. One-way (employer as Disclosing Party) is normal.

The pattern: in each case, the information flow is genuinely lopsided. A mutual NDA would just be ceremonial.

When you're being handed the wrong kind

The misuse case is far more common: a one-way NDA in a situation that should be mutual. Some examples:

  • Two companies exploring a partnership. Both will share roadmaps, technical capabilities, and customer lists. If the bigger party hands the smaller one a unilateral NDA in their favor, the smaller party walks away protecting nothing of their own.
  • A founder sharing IP with a potential co-founder or contractor. The founder shares the product. The contractor shares their methodology, prior work, and proprietary techniques. One-way NDAs in either direction leave one side exposed.
  • M&A early-stage discussions. Both buyer and seller share sensitive financials, customer information, and operational details. A one-way NDA here is almost always a draft that needs to be flipped to mutual.
  • Beta tester agreements that go further than testing. A unilateral NDA "to protect the beta product" is normal, but if the beta tester is being asked for product feedback that the company will use to improve the product, the tester's contributions deserve their own confidentiality protection.

The test: if both sides will actually disclose anything meaningful, the NDA should be mutual. If you find yourself disclosing under a one-way NDA where you're listed as the Receiving Party, you've signed away your ability to use your own shared information freely while getting no protection in return.

How to tell at a glance

Open the NDA. Read the first paragraph and the definitions section. You're looking for one of three patterns:

Pattern A — One-way (you protected):

"Discloser" means [Your Company]. "Recipient" means [Other Party].

Pattern B — One-way (you exposed):

"Discloser" means [Other Party]. "Recipient" means [Your Company].

Pattern C — Mutual:

"Disclosing Party" and "Receiving Party" each refer to either party in its respective capacity, depending on which party is disclosing or receiving Confidential Information at any given time.

Any other phrasing — "the Parties may from time to time disclose," "each Party agrees to protect" — is mutual. If only one party is named throughout, it's one-way.

What to ask for if it should be mutual

The fix is mechanical, not philosophical. Most lawyers can convert a unilateral NDA to a mutual one in 10 minutes by:

  1. Replacing defined terms. "Discloser" and "Recipient" become "Disclosing Party" and "Receiving Party," and the definitions are restructured so each party plays both roles depending on the context of the disclosure.
  2. Mirroring obligations. Every "Recipient shall…" becomes "the Receiving Party shall…" so both sides are subject to the same duties.
  3. Mirroring exceptions. If the unilateral version includes exceptions for "information independently developed by Recipient," that needs to apply to both sides under the mutual version.
  4. Mirroring remedies. Injunctive relief, indemnification, and damages should run in both directions.

If the other side resists converting to mutual, that's information. Either they don't believe they'll be sharing anything sensitive (in which case mutual is harmless — make them sign it), or they do plan to share but want to retain freedom to use your information without reciprocal restraint. Both answers tell you something.

A few clauses that matter regardless of mutual vs one-way

The unilateral/mutual question is the most important framing decision, but a few other clauses can quietly defang either type:

  • Definition of "Confidential Information." Look for "marked or identified as confidential at the time of disclosure" — this means anything not labeled is unprotected. For oral disclosures, look for a 30-day window to follow up in writing.
  • Term and survival. Confidentiality obligations should survive termination, typically 3–5 years post-disclosure (some "trade secrets" carve-outs continue indefinitely).
  • Permitted disclosures. Required disclosures to lawyers, accountants, and government bodies should be carved out. Subpoena response should require notice to the disclosing party where legally permitted.
  • Return or destruction of materials. On termination, the receiving party should be required to return or destroy all copies, with written certification.
  • Residuals clause. Watch for "Recipient shall be free to use any 'residual' information retained in the unaided memory of its personnel." This clause sounds harmless and is not. It effectively legalizes using your confidential information as long as the recipient doesn't write it down.

The 60-second pre-signature check

  1. Find the defined parties. One-way or mutual?
  2. If one-way and you'll be sharing anything meaningful — stop. Ask for mutual.
  3. Find the Confidential Information definition. Does it require labeling? If yes, build labeling into your workflow before disclosure.
  4. Find the term. Is it open-ended or capped? 3–5 years post-disclosure is normal.
  5. Find any "residuals" language. Strike it unless you genuinely don't care.

The NDA you sign in 30 seconds is the same NDA you'll be subject to for years. Five extra minutes of reading is the cheapest insurance you'll buy this quarter.

Ready to analyze your own document?

Upload it now for $4.99 and get instant plain-language analysis.

Written by the GetPlainDoc Team
We make complex documents understandable in any language.

This article is for informational purposes only and does not constitute legal advice.

Share this article

Related Articles

Analyze Your Own Document

Get instant plain-language analysis in minutes. Know exactly what you're signing.