ARTICLE
5 February 2026

Reconsidering NDAs: Section 17 Of The Victims And Prisoners Act 2024

WL
Withers LLP

Contributor

Withers LLP logo
Trusted advisors to successful people and businesses across the globe with complex legal needs
Explore Firm Details
A Non-Disclosure Agreement ('NDA'), often colloquially described as a 'gagging order', seeks to prevent parties from sharing information with others.
United Kingdom Corporate/Commercial Law
Chris Priestley,Philip Reed,Alana Petraske
+1 Authors
 Your Author LinkedIn Connections

The End of the 'standard' NDA?

A Non-Disclosure Agreement ('NDA'), often colloquially described as a 'gagging order', seeks to prevent parties from sharing information with others.

NDAs have frequently been used by charities and others for legitimate purposes like protecting their intellectual property, confidential information and, where necessary, facilitating dispute resolution. Their misuse, however, in settlements with ex-employees to silence whistleblowers or to cover up misconduct has led to controversy, intense scrutiny and calls for regulatory and legal reform.

The introduction of section 17 of the Victims and Prisoners Act 2024 ('VPA 2024') has fundamentally altered the regulatory landscape. Charities must now approach NDAs with far greater care, tailoring each agreement to the specific context and ensuring compliance with new statutory requirements and guidance. Over-reliance on templates or boilerplate clauses is risk laden; what worked in the past may now be unlawful.

Section 17 VPA 2024: What's changed?

Section 17 of the VPA 2024, effective as of 1 October 2025, introduced restrictions on the use of NDAs in the context of victims of crime. The law now provides that any NDA or confidentiality clause is void to the extent that it seeks to prevent a victim — or someone who 'reasonably believes they are a victim' — from making disclosures:

  1. ' to any person who has law enforcement functions, for the purpose of those functions being exercised in relation to relevant conduct
  2. to a qualified lawyer, for the purpose of seeking legal advice about relevant conduct
  3. to any individual who is entitled to practise a regulated profession, for the purpose of obtaining professional support in relation to relevant conduct
  4. to any individual who provides a service to support victims, for the purpose of obtaining support from that service in relation to relevant conduct
  5. to a regulator of a regulated profession for the purpose of co-operating with the regulator in relation to relevant conduct
  6. to a person who is authorised to receive information on behalf of a person mentioned in paragraph (1), (2), (3), (4) or (5), for the purpose mentioned in that paragraph
  7. to a child, parent or partner of the person making the disclosure, for the purpose of obtaining support in relation to relevant conduct.'

There are some key points to note:

  • Broad definition of victim: The law covers anyone who has suffered harm as a result of criminal conduct, or who reasonably believes they are a victim. There is no requirement for a police report, charge, or conviction. The definition of victim is broad. The victim does not need to have told anyone about the crime.
  • Scope: The new rules apply to all NDAs signed on or after 1 October 2025. Older agreements are not automatically affected, but any renewal or material variation after this date will trigger the new requirements.
  • Unenforceable clauses: Any NDA provision that seeks to restrict these permitted disclosures is unenforceable. It is not possible to contract out of these statutory rights.

What should charities be doing?

Regularly review and update agreements

  • Charity trustees and executive management should review all current NDAs (which includes settlement agreements) and templates or precedents. While some standard clauses can be a helpful starting point, they may now be unlawful if they do not carve out the full range of permitted disclosures including those under section 17.

Tailor each NDA

  • Every NDA should be tailored to the specific context. Consider:
  • The nature of the confidential information
  • The parties involved
  • The risk of criminal conduct or regulatory breaches; and
  • The need for clear, unambiguous language.
  • Ask the question: does the situation require an NDA at all?

Training

  • Ensure that charity trustees, the executive team, and HR (where applicable) are aware of the new rules and understand when NDAs can and cannot be used.

Communicate transparently

  • Charities should be clear with their employees and departing staff about their rights and obligations. Any perceived attempts to 'gag' victims or discourage lawful disclosures could be unlawful and, at the very least, could have a serious reputational impact.

Avoid oppressive terms:

  • Unreasonable or artificial time limits should be avoided. Particular care is needed where employees or ex-employees are unrepresented.

Conclusion

NDAs should not be seen as routine 'sign as standard' paperwork. The introduction of section 17 VPA 2024 is one of many pieces of legislation (not to mention regulatory and non-regulatory guidance) to come out in the last few years. Charities must treat every NDA as a bespoke legal instrument, drafted with care and in compliance with the requirements. Failure to do so risks not only unenforceable agreements but also significant reputational and legal consequences.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

[View Source]
Authors
Photo of Chris Priestley
Chris Priestley
Photo of Philip Reed
Philip Reed
Photo of Roger Waite
Roger Waite
Photo of Alana Petraske
Alana Petraske
Your Author LinkedIn Connections
See More Popular Content From

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More