Blockchain and NDAs

An ingenious way for DLT to help protect your business

Business secrets are precious little things. They can have a massive impact on a company’s success and, if you’re a founder or entrepreneur, protecting these secrets is paramount to the success of your idea and business. But, at some point, you’ll have to share some of your secrets — it’s pretty much unavoidable. We live in a globalized world and, aside from the threat of IP theft, we still have to collaborate with others all over the globe to achieve our goals. Outsourcing work or collaborating with teams around the globe is a common scenario these days, especially post Covid, with the #WFH revolution. Fortunately, there is a new generation of technological tools to help protect us as we do business around the world.

Secret Secrets

Let’s say your company wants to create a new product or service and needs to hire software developers to implement it. It is pretty much impossible to just hire some developers without telling them what they are going to build. Sharing these secrets poses a risk to your business, so you make use of a formal document to ensure some degree of protection against the proliferation of those business secrets. This formality is known as signing a “non-disclosure agreement,” or NDA. These contain, amongst other things, the definition of secret information and what happens in case of a breach of this agreement. Sometimes the penalties for a breach can be quite bad, so it is in the best interest of all parties to stick to the agreement.

This is all well and fine, but there is a certain problem. Let’s say you hire a software development company in another country, and have them sign an NDA. The receiving party of that non-disclosure contract, the developers, are probably contractors to many different businesses, and the probability that two or more of its customers have a similar business idea is definitely not zero. In fact in many of these global, digital industries it’s even pretty likely. Naturally, your developers should decline a second, conflicting project in order to not risk any problems. [Many won’t, but that’s another topic.]

But what happens if you decide to cancel or postpone your project but leave the NDA active? And what if those developers had already started work and so already had some of your proprietary information? What happens in one of the gazillion possible edge-cases where things are just similar but not the same? Typically, a proper NDA rules that information the receiving party (the developers) already possessed is not covered under the NDA, along with information acquired from third parties without any link to the disclosing party (you). In an ideal world, this would remove all the risks and all parties could go on with their business as usual. Unfortunately, we don’t live in an ideal world.

The worst possible scenario is a nightmare legal battle about who had which information first, who got it from whom and when etc. The most important element in all this is proof of “what” and “when.” Legal proof requires hard facts and a clear timeline. E-Mails and SMS messages are often used as facts, with their timestamp on a server proving the “when.” The attachments or text in the emails are the “what.” But you don’t always have an E-Mail or SMS when you need it, and these messages can sometimes get lost. Sensitive data is also sometimes destroyed, often deliberately. This alterability is one of the biggest problems with digital records.

How to prove something digitally

Now, luckily there is blockchain. One of the cornerstone features of blockchain technology, also known as distributed ledger technology, is that data that has been entered into the ledger cannot be modified later. In other words, anything recorded on a blockchain is permanent and public.

Blockchain is not a server, so it doesn’t have much storage space, but that’s ok. You don’t actually have to upload the documents you want to record. You wouldn’t want to do that anyway, because all data on a blockchain is public. All you’ve got to upload is the unforgeable fingerprint of the data, called the file hash. This is a tiny piece of data, a line of text merely 32 bytes long. The technique to derive a fingerprint from a file is already quite old, and extremely secure. If you apply the same algorithm to the same file you’ll get the same fingerprint. If you modify only a tiny element of the file, say you add a quotation to a document, the fingerprint is totally different.

Now, how is that useful for solving the problem of proof and NDAs? Let’s say you have a PDF that contains some business secrets or proprietary IP. All you’ve got to do is to calculate the fingerprint (the file hash) of this PDF and record it on a blockchain. Nothing secret will be revealed in this process because the document itself never leaves your possession. But, the exact time when you wrote the entry will be retained for all time, along with the unique document fingerprint and the blockchain address of the person who recorded it. As long as you control your private key, you can always prove that address is yours. Of course, you also have to keep that PDF unmodified and you have to protect your private key. But this simple security procedure can help save you a lot of money when it comes to legal proceedings, so this is a small price to pay.

To go back to our example, let’s say you signed an NDA after you created the blockchain entry. And let us assume the worst imaginable happens, that there is a breach of contract and you need to pursue legal action against the development company. All you have to do to demonstrate in court what both parties knew and when is to simply point to the immutable, time-stamped record, a process that is now recognized as credible evidence by most jurisdictions.

Easy, peasy, notarize-y

Being able to self-notarize your documents and contracts like this was never really possible, certainly not with the level of technological security we have today. Luckily, this process couldn’t be simpler, as there are now tools available to do the whole notarization process without any hassle and without having to know any of the details or mechanics of blockchain technology. Our partner Notardec developed a simple mobile app called NOTRZR that can be used for notarizing information, documents, photographs, etc. on the blockchain. You can try it out yourself over on the App Store and Google Play store. This simple, elegant, and incredibly important tool demonstrates the tremendous potential of the technology for use cases beyond speculation, and to make global business that much more secure and trustworthy.

At CoreLedger, we believe that blockchain is a practical technical solution to improve and solve a wide variety of issues across industries and sectors, which is why we try to cut through the hype and focus on real-world applications, not just what’s technically possible.

CoreLedger’s mission is to help businesses of all sizes quickly and affordably access the benefits of blockchain technology. From issuing a simple token to enterprise-grade token economy solutions, we have all the tools you need to quickly and affordably integrate blockchain into your business whether you’re a new startup or a big multinational enterprise.

Interested in our results-focused, real-world approach? Then visit our website for more information, or get in touch with us directly to discuss your project.