A client NDA arrives before the project brief, sometimes even before the first real conversation. Sign this, they say, so we can discuss the details. Most of the time it’s routine. Occasionally it’s not, and the difference isn’t visible until you’ve read it carefully enough to know which one you’re dealing with.

A systematic approach to reviewing a client NDA takes about 15 minutes. That’s enough time to know whether you’re signing something standard or something that deserves a conversation.

Start With the Definition of Confidential Information

This section tells you what you’re actually agreeing to keep secret. A tight, specific definition, categories of information like financial data, product plans, customer lists, technical specifications, is reasonable and workable. A broad, catch-all definition like “all information shared or observed in connection with this engagement, including oral communications” covers everything you see, hear, or discuss, regardless of sensitivity.

Broad scope definitions create problems in two directions. First, ordinary business conversations become subject to the NDA, you can’t discuss the nature of the work with your accountant without potentially breaching the agreement. Second, they’re difficult to comply with in practice because you can’t identify the boundary. Standard confidentiality has a boundary. “Everything” doesn’t.

What you want to see: a specific definition, or a mechanism like “information marked Confidential in writing, or if disclosed orally, confirmed in writing within 30 days.” What you should push back on: scope language that covers all information in any form without qualification.

Check the Duration

Two to three years is the standard duration for most commercial confidential information. Five years is long but not unusual for genuinely sensitive technical information or trade secrets. Perpetual, “this Agreement shall remain in effect indefinitely” or simply no end date, is an NDA that never expires. Duration is one of those terms most freelancers miss entirely — the basics of freelance NDAs explains what standard looks like so you can spot when something isn’t.

A perpetual NDA means that whatever you learn during a three-month project could theoretically be restricted forever. Courts in many jurisdictions imply a reasonableness standard even for perpetual NDAs, but “implied reasonableness” only gets established through litigation, which costs more than any freelance dispute is worth.

If the NDA has no end date, propose one: “I’d like to add a three-year term on the confidentiality obligations. Happy to discuss if certain categories of information warrant a longer period.” That’s a professional, specific request with a reasonable alternative. Most clients will accept it.

Look for Portfolio and Work-Use Restrictions

This is the clause that quietly affects your career for years if you miss it. Watch for language that classifies deliverables and work product as confidential information, “all work product, deliverables, and drafts shall be treated as Confidential Information.” This means you cannot show the work in your portfolio, reference it in a case study, or mention the client’s name publicly.

The restriction may be entirely reasonable for genuinely sensitive work, a financial services firm’s internal tools, an unreleased product for a public company. But for most freelance projects, the client’s interest is in protecting business information, not in preventing you from ever mentioning that you did the work.

Propose a portfolio carve-out if one isn’t already there: the right to reference the client’s name and describe the general nature of services rendered, without disclosing actual confidential business information. This is a standard clause in professional service agreements. Understanding what clauses protect you means knowing which ones to add, not just which ones to scrutinize.

Find Any Non-Compete or Non-Solicit Language

NDAs sometimes contain restrictions that have nothing to do with confidentiality, they’re embedded in the document in a way that makes them easy to sign without noticing. Look for: restrictions on working with the client’s competitors, restrictions on approaching the client’s clients or partners, and restrictions on disclosing the existence of the relationship itself.

Non-compete and non-solicitation clauses affect what work you can take, not just what you can say. They belong in a separate section of a contract with their own scrutiny, their own scope, duration, and negotiation. An NDA is not the right vehicle for them, and their presence inside an NDA signals that they were written or reviewed carelessly, or that someone is hoping you won’t notice them.

If you find these clauses, flag them explicitly: “The NDA appears to contain non-compete and non-solicitation provisions. I’d like to review these separately, they go beyond confidentiality and affect my ability to take other work.” That’s a professional observation, not an accusation. If you’re unsure what a freelance contract should and shouldn’t include, the freelance contract checklist gives you a term-by-term reference.

Assess the Remedy Language

What happens if you breach the NDA? In most commercial NDAs, the remedy is a civil damages claim, the client can sue you for actual losses caused by the disclosure. This is the standard and appropriate remedy. Some NDAs include language about injunctive relief (court orders stopping you from doing something) or liquidated damages (a predetermined penalty amount).

Injunctive relief is reasonable in some contexts, if you’re about to publish a client’s trade secret, the client should be able to get a court order quickly. A liquidated damages amount should be proportionate to the actual risk and loss, a fixed penalty of $50,000 for disclosing information that caused $2,000 in actual harm is a penalty clause and may not be enforceable, but it’s worth flagging.

What you’re looking for is proportionality. The remedy should reflect the real risk of disclosure, not a number designed to make the NDA feel threatening regardless of actual harm.

When to Push Back on a Client NDA

Push back when: the scope is undefined or covers everything; there’s no end date; deliverables and work product are classified as confidential without a portfolio carve-out; there are non-compete or non-solicitation provisions embedded in the confidentiality language; or the remedy language includes disproportionate penalties.

Push back professionally. Not as objections but as proposed alternatives: “I’d like to add a portfolio carve-out here, can we add language allowing me to reference the project for marketing purposes without disclosing confidential information?” One specific request with a specific alternative is a professional negotiation. A list of concerns without alternatives is harder to act on.

Most clients, especially larger organizations, are accustomed to counterparties marking up NDAs. Legal teams expect it. What signals a problem is a client who reacts to a professional, specific request as if you’ve accused them of something.

When to Refuse

Refuse, or at minimum consult a lawyer before signing, when: the NDA contains a non-compete that would prevent you from working in your field or with any of the client’s competitors; the remedy includes unlimited personal liability or criminal penalties for ordinary commercial breach; the scope covers information so broadly that you could not realistically know what you’re agreeing to keep secret; or the client refuses to negotiate any term at all, including ones that directly affect your ability to practice your profession.

The patterns that distinguish difficult clients from abusive contracts aren’t always in the behavior before signing, sometimes they’re in the document itself. A client who sends an NDA with a 5% per day liquidated damages clause and no portfolio carve-out, and won’t discuss either, has told you something important about how the project will go.

Most NDAs don’t warrant refusal. Most warrant 15 minutes and possibly one specific request. The ones that warrant refusal are recognizable once you know what you’re looking for, and now you do.