NDASentry
Home / Taxonomy / Exclusions
CATEGORY 02 OF 10

Exclusions

Standard carve-outs for information that is public, independently developed, or rightfully received. Missing exclusions trap the recipient in obligations they cannot escape.

Part of The NDA Risk Taxonomy Patterns scored 3 Last updated 26 May 2026
The Question

What is not confidential?

The exclusions clause is the recipient's lifeline. While the definition section (Category 01) names what the agreement covers, the exclusions section names what it doesn't — the categories of information that even a broadly-drafted NDA cannot reach.

Standard exclusions cover four scenarios: information that was already public; information the recipient already knew; information the recipient independently developed; and information the recipient rightfully received from a third party with no duty of confidentiality. A fifth, often separate, exclusion handles compelled disclosure — when a court order or regulator requires the recipient to disclose (covered in Category 05).

An NDA without these exclusions makes the recipient liable for things they never agreed to keep secret in any meaningful sense. An NDA with weak or one-sided exclusions tilts the agreement to the disclosing party's advantage in every dispute that follows.

Legal Background

What every good NDA carves out

Industry-standard exclusions are nearly universal across well-drafted NDAs because U.S. courts will typically read them in even if they're not explicit. A perpetual confidentiality obligation on information that has been published in a newspaper is unenforceable regardless of what the contract says. The exclusions clause makes this explicit so the recipient doesn't have to litigate the point.

The four core exclusions: publicly known (information in the public domain through no fault of the recipient); previously known (information the recipient can document having before the disclosure); independently developed (information the recipient develops without reference to the confidential material); rightfully received (information the recipient legitimately obtains from a third party not bound by confidentiality).

The disclosing party often pushes back on the previously-known and independently-developed exclusions, since these are the ones that create real arguments in disputes. Watch for clauses that try to weaken these by requiring the recipient to prove prior knowledge by 'clear and convincing evidence' or by 'contemporaneous written records' — these heightened burdens shift the risk back to the recipient.

Example Clauses

What this looks like in real contracts

Standard — Four-Part Exclusion "Confidential Information does not include information that (a) is or becomes publicly known through no wrongful act of the Receiving Party; (b) was known to the Receiving Party prior to disclosure; (c) is independently developed by the Receiving Party without reference to the Confidential Information; or (d) is rightfully received from a third party without an obligation of confidentiality."
One-Sided — Recipient Has Higher Bar "Confidential Information does not include information that the Receiving Party can demonstrate, by clear and convincing evidence supported by contemporaneous written records, was known to it prior to disclosure or was independently developed without reference to Confidential Information."
Missing — No 'Required by Law' Carve-out (absence) When the exclusions section omits a carve-out for information required to be disclosed by law, subpoena, or court order, the recipient is in the impossible position of either breaching the NDA or complying with legal process. Compelled-disclosure handling is covered separately in Category 05.
Risk Patterns Scored

What NDASentry flags in this category

2.1 Missing standard exclusions

The agreement omits one or more of the four core carve-outs (publicly known, previously known, independently developed, rightfully received). The recipient is exposed for information that any reasonable contract would exclude from confidentiality, including information that becomes public through other means.

2.2 Narrow or one-sided exclusions

Exclusions are present but burdened with heightened proof requirements ('clear and convincing evidence,' 'contemporaneous written records'), or apply only to one party in a mutual agreement. These patterns shift the evidentiary cost of any dispute toward the recipient.

2.3 Missing 'required by law' exclusion

The agreement does not carve out disclosures required by subpoena, court order, regulatory demand, or other legal process. Without this exclusion, complying with a legal obligation can technically breach the NDA. The handling of compelled disclosure is covered in detail under Category 05.

Empirical findings — coming soon

We are scoring a corpus of public NDAs to publish prevalence data for each pattern in this taxonomy. The findings — including what percentage of real NDAs contain the patterns above, broken down by industry and jurisdiction — will appear here when the study is complete.

Common questions

What are standard exclusions in an NDA?
Four core carve-outs from confidentiality: (1) information already publicly known through no fault of the recipient; (2) information the recipient knew before the disclosure; (3) information the recipient independently developed; (4) information rightfully received from a third party not bound by confidentiality. A fifth exclusion typically covers compelled disclosure under legal process.
Can an NDA cover information that's already public?
No, generally not. Even without an explicit exclusion, U.S. courts will refuse to enforce confidentiality obligations on information that is in the public domain. A defensible NDA makes the exclusion explicit so the recipient doesn't have to litigate the point.
What does 'independently developed' mean in an NDA exclusion?
Information the recipient creates or develops without reference to or use of the disclosing party's confidential material. This is one of the most-negotiated exclusions because it determines whether the recipient can later work on projects in the same general area as the disclosure.
Should an NDA exclude information required to be disclosed by law?
Yes. Without a 'required by law' or 'compelled disclosure' carve-out, complying with a subpoena, court order, or regulator demand can technically breach the NDA. Most well-drafted NDAs include this exclusion either in the exclusions section or in a separate compelled-disclosure clause.
Related categories
01
Confidential Information Definition
What the contract treats as 'confidential.' Overbroad definitions create perpetual liability for information the recipient cannot reasonably segregate.
05
Compelled Disclosure
What happens when a subpoena, court order, or regulator demands the confidential information. Burdensome notice requirements or duties to contest legal process shift cost and risk to the recipient.
07
Use Restrictions
What the recipient may and may not do with the information they receive, including whether knowledge retained in memory is still restricted — the heavily-negotiated 'residual knowledge' question.

Score the NDA in front of you.

Drop your PDF. Get a clause-by-clause risk report scored against all ten categories. No account. No email. The document is deleted after the report.

Analyze · $9