Log in

No account? Create an account

Previous Entry Share Next Entry
Google's Evil NDA

Tomorrow I am going to interview over at Google. Before I do so, I need to sign an NDA which states, among other things, that I'm not allowed to tell anyone I'm interviewing over there, or indeed, to mention the name of Google at all. So I'm going to do all that now and get it out of my system, so I'm not tempted to violate the agreement after I've signed it. Since linking the entire NDA would likely violate Google's copyright on the document, I'll just quote sections of it below:

  • The biggest flaw, to my mind, is the lack of any expiration date. Clause 8, "This Agreement shall remain in effect until such time as all Confidential Information of Google disclosed hereunder becomes publicly known and made generally available through no action or inaction of Participant." Since some of the information "disclosed hereunder" will only ever be known to me and Google (see next bullet), this means that the NDA lasts forever. Technology moves fast — certainly it must be possible to put some time limit on the information I might (inadvertently) receive. 3 years? 5 years? 10? 20?
  • The definition of "Confidential Information" in section 2 includes, "the terms of any agreement and the discussions, negotiations, or proposals related to any agreement." So, according to the NDA, I can't even tell my mother (not an "employee, director, agent, or third party contractor", even if she signs a Google NDA herself) what salary or options are in any Google offer. I'd like to ask my friends at Google, say, what ballpark compensation I might expect, but under the terms of their NDAs they couldn't tell me either. Further, since it's highly unlikely that the terms of my offer become "publicly known ... through no action or inaction of Participant" this bullet combined with the previous makes the agreement eternal.
  • I can never mention Google again in any public statement after I sign this NDA:
    4. Participant agrees not to do the following, except with the advanced review and written approval of Google: (a) issue or release any articles, advertising, publicity, or other matter relating to this Agreement (including the fact that a meeting or discussion has taken place between the parties) or mentioning or implying the name of Google."
    So, after I sign this NDA, I can't tell you that I've done so. (Luckily, I haven't signed it yet.) I have crossed out "mentioning or implying the name of Google" in my copy, as I simply cannot in good conscience promise never to "mention or imply the name of Google" in public (say, on this blog) ever again. What lawyer wrote this crap?
  • The third clause of item 4, whose first clause is above, is:
    [4] (c) reverse engineer, disassemble, decompile, translate, or attempt to discover any prototypes, software, algorithms, or underlying ideas which embody Google's Confidential Information.
    As the NDA is very loosey-goosey about what, exactly, Google considers Confidential Information — nowhere in the NDA does is say that Confidential Information will be marked or identified in any way — this may effectively forbid me ever to take apart any of Google's software. US law allows me to (for example) reverse engineer for compatibility (what Ed Felten calls the Freedom to Tinker), and as a practicing computer scientist I'd rather not forfeit those rights for all time for all Google code. Time-limiting the NDA or clearly marking Confidential Information may have made this term less objectionable. One may also attempt to argue that "Confidential Information" is limited to stuff I directly observe or is presented to me — for example, if I'm told that there's some secret at the heart of Google Mail, I can't ever "view source" in my browser to try to discover what it is, but that I'm still free to view the source of (say) Google Calendar. I'd prefer that to be the case, but the language used in the NDA is:
    2. Google may disclose certain information under this Agreement it considers confidential and/or proprietary concerning Google's business and/or technology ("Confidential Information") including, but not limited to...
    Is the Confidential Information only that information which Google discloses, or is there a broad swath of Confidential Information owned by Google, some of which it may disclose, but all of which I'm forbidden to "attempt to discover"?
  • Finally, item 5 provides that "If Confidential Information is required to be produced by law, court order, or other governmental demand... Participant must immediately notify Google of that obligation," regardless of the fact that disclosure of a National Security Letter is illegal. Not that this possibility is likely, but it is just one more term with which it could be impossible to comply.

I have signed NDAs with other companies which seemed entirely reasonable. The Google NDA, however, seems to fly directly in the face of Google's reported "Do No Evil" motto. What's more, after tomorrow I may be entirely unable to complain about it — and I expect that current Google employees are similarly contractually bound not to comment. But while I can, let me say: this stinks!

UPDATE: A quick google for "Google NDA" turned up several more complaints about the Google NDA, such as this one from Colin Percival. Valleywag reproduces the entire Google NDA, so you can read it in its entirety yourself. Further, I've written an amendment to the NDA which remedies its faults as I see them. If I can get Google to agree to at least term 2 of this amendment, then you'll hear about my experiences here tomorrow.

UPDATE x2: I crossed out some terms before I signed the NDA this morning. At the end of the interview (4 or so hours later) my recruiter returned to tell me that he'd talked to his supervisor and it turns out that I could have not signed it at all. (Thanks for checking, Jeff!) They'll still talk to you if you decline. In fact, when you arrive at Google they ask you to sign a different NDA (a much less evil one) in order to get a visitor's badge, and it turns out that you can decline that as well: your badge will have a big red "No NDA" label or some such on it, but no harm done. So, my advice to future interviewees: be brave! Just decline the NDAs, and ask your recruiter to check with their boss if that makes them nervous. It would probably be a good idea to warn your recruiter first if you plan to do this, so that the boss-checking won't throw off the schedule. It will be all right.

Tags: , ,

  • 1
wow. that does seem pretty over-the-top.

Shouldn't there be a limitation in time NDA, by law? IANAL (even less in USofA), so it is a serious question.

So, even though there is far less software available for the Mac, for me there's enough , and enough is all I need.

All NDA's binding individuals are evil

NDAs are devices to bind corporations - not human beings.

Never sign them as an individual.

Either your employer trusts you to respect their commercial secrets, or they do not.

They can make every effort to bring the importance of continued commercial secrecy to your attention, and how your continued employment depends upon the care you demonstrate in maintaining this secrecy, but NDAs are simply unethical frighteners (and as ineffective as disclaimers at the foot of e-mails).

Funny, I've actually seen this NDA in action. A friend and coworker of mine went to Google last year and couldn't tell us where he was headed or what he was doing -- we just chalked it up to him being secretive. We only found out about him being employed there through some weird rumor mill.

It seemed almost comical at the time. Still sort of does...

Clearly NOT legal advice.

This is not legal advice

In my experience as a law school graduate waiting for results of the California Bar Exam, you cannot be bound by a contract that required you to do something illegal. Regardless of whether or not you sign this contract, you cannot be bound by the portion that requires you to illegally disclose your receipt of a National Security letter.

Again, this is not legal advice <-- the lawyers make me say this or I can get in trouble for illegally giving legal advice without a license.

Does Google have headquarters in Boston, or would you be moving to Cali? Other than this poorly drafted paranoid contract, I have heard only good things about Google, I heard that the founders are all Burning Man folks and it seems that they treat their employees really well other than making them sign away their firstborn. ;-) Best of luck with all your decision making over the next few weeks. I know that with a quality resume like you've got it will mostly be a matter of you choosing where you want to work and who you want to grace with your presence and your giant computer crunching brain.
Cheers hun.

This is not legal advice.

I asked my friend who lawyer and he says you cannot copyright contracts by their very nature.

(Before you sign it, I would assume that means you can feel free to post it online)

Unless they know him personally they can't say why he posts what he does. If you don't like his site, don't visit it.

As a result of the slashdot article, I've posted my own experiences dealing with Amazon and A2Z NDAs. They have the same trademark stupidity.


Tap once for yes, twice for no.

  • 1

Log in

No account? Create an account