It's a Monday morning, you're sitting at your desk, and the first contract of the week lands in your inbox. The business team is eager to move forward, but as in-house counsel, you know your job is more than just a rubber stamp. Each contract is a minefield of potential risks and opportunities, and you are the shield that protects your company from unintended consequences. You begin to review the draft agreement that, on its face, seems straightforward—but you know better. The devil is in the details.
As you carefully review the contract, you ask, does it accurately reflect the contemplated relationship between the parties? Does the contract provide optimal protection for your company and its information? Does it address the use of novel technology like generative AI? Does it appropriately plan for dispute resolution? These are just a few questions that may be overlooked but should be scrutinized.
The hidden dangers of agency relationship
You start with the basics: What kind of relationship does this contract create? The business folks are focused on deliverables and deadlines, but you're scanning for something subtler—a hidden agency relationship. You recall that the courts don't care what the parties call their relationship. If the facts show one party is acting on behalf of and under the control of another, an agency relationship—and all the fiduciary duties that come with it—can spring into existence, even if no one intended it. These will include the duties of good faith and loyalty, disclosure, avoidance of conflicts of interest, care, and accounting. These duties can transform a typical contract dispute into something far more challenging.
You remember cautionary tales. How a stray phrase like "for the benefit of" or "in the best interests of" or "in confidence and trust" can transform a basic contract relationship into a fiduciary one. Suddenly, your company could be on the hook for the actions of a third party, facing not just contractual damages but tort claims and even punitive damages. You search the draft contract for these phrases and duties, making a note to strike or clarify them.
You also look for any language that might give the other party the right to bind your company or act as its representative. Even a well-meaning indemnity or disclosure clause can tip the scales toward agency if it suggests too much control or authority. You remind yourself to always include clear non-agency language and be wary of any provision that could be read as creating a relationship of trust or confidence beyond what is strictly necessary.
A non-disclosure provision is much more than boilerplate
Next, you turn to the non-disclosure provision. The business team sees this as a formality. But you know that non-disclosure language can be exceedingly consequential in a deal when you are trying to protect valuable business interests, including IP. You've heard how a poorly drafted non-disclosure provision can come back to haunt a company, long after the main transaction has closed.
You start by checking whether the non-disclosure requirement is mutual. In many business transactions, information flows both ways, and you want to make sure your company's confidential information is protected. You scrutinize the definition of "Confidential Information." Is it too broad, sweeping in trivial details, or too narrow, leaving key assets unprotected? You look for requirements that information be marked as confidential, and you make sure that notes, summaries, and derivative materials are covered.
Trade secrets get special attention. You know that under the Uniform Trade Secrets Act, these deserve perpetual protection, so you ensure that the non-disclosure provision distinguishes between general confidential information and trade secrets, with the latter surviving even after the agreement expires. Carve-outs are another trap. You've seen non-disclosures gutted by exceptions for information that is "publicly available" or "already known." You tighten the language: information is only excluded if it becomes public through no fault of the receiving party, and prior knowledge must be documented. The definition of "Representatives" is also critical. Who can receive confidential information? You push for a narrow definition—only those who truly need to know—and you insist that the receiving party be responsible for any breaches by their representatives. You consider whether to require that representatives sign a joinder and be personally subject to the non-disclosure requirements. You also think about the end of the relationship. When the deal concludes, what happens to the confidential information? You make sure the non-disclosure provision requires return or destruction (and sworn or at least written confirmation), but you consider allowing for one archival copy, subject to ongoing confidentiality obligations.
Increasingly, you see non-disclosure provisions that go beyond confidentiality—into non-solicitation, noncompete, exclusivity, even standstill provisions. You weigh the business need for these restrictions against the risk of overreach. Are they mutual? Are they practical to enforce? Do they apply to affiliates and representatives? You tailor each provision to the realities of the deal. Indemnification is another challenging battleground. You clarify whether the indemnity covers only breaches of confidentiality or extends to other obligations. You specify whether it applies to intentional, negligent, or even no-fault breaches, and whether there is a duty to defend. Finally, you consider remedies. You want the right to seek injunctive relief, not just damages, if the other side threatens to disclose your company's confidential information.
Managing the use and risks of generative AI
The next section of the contract deals with GenAI. This is new territory for many, but you've been following the trends. GenAI systems—like ChatGPT, DALL-E, and others—are now part of the business landscape, generating content, analyzing data, and automating tasks. But with innovation comes risk.
You start by insisting on clear definitions. What counts as GenAI under this contract? You include examples and functional descriptions to avoid ambiguity. You require that the counterparty or vendor obtain your company's written consent before using GenAI to perform services or generate deliverables. Before you will even consider giving consent, you want full disclosure: What technology will be used? For what purpose? What data will be input? Where and how will it be stored? For what purposes will it be maintained and for how long? Are there third-party terms or risks you need to know about? You spell out the scope of work. If GenAI is used, what are the deliverables? Who owns the outputs? You make it clear that any content generated for your company is a work-for-hire, owned by your company, and that the vendor will ensure it is original and compliant with copyright laws.
Performance standards are critical when GenAI is being used to provided services to your client. You set minimum uptime, response times, and accuracy thresholds. You require content moderation to prevent harmful or non-compliant outputs, and you reserve the right to audit the vendor's operations and receive regular compliance reports. Data security and privacy are non-negotiable. You require appropriate encryption, access controls, and compliance with all relevant privacy laws. You specify where data can be stored and processed, and you demand prompt notification of any data breaches or incidents.
Liability is another area concern. You allocate responsibility for data breaches, inaccurate or biased outputs, and third-party claims. You require the vendor to indemnify your company for IP infringement, unauthorized disclosures, and regulatory violations. You also address the "black box" problem: GenAI systems can be opaque, making it hard to verify compliance. You require documentation, recordkeeping, and the right to audit your counterparty's use of its GenAI.
Using ADR to manage worst case outcomes
No one likes to think about disputes, but as in-house counsel, you know that even the best business relationships can result in conflict. The final section of your initial review focuses on dispute resolution.
You weigh the pros and cons of arbitration versus litigation. Arbitration offers flexibility, expertise, more confidentiality, and speed—but only if the contract is drafted carefully. You specify the arbitral institution (AAA, JAMS, CPR), the number and qualifications of arbitrators, the governing law (including evidentiary rules), the scope of discovery, and the location of the proceedings. You define the scope of arbitration and who decides arbitrability. You address remedies, including limitations on damages and the availability of class arbitration. Most importantly, you include express confidentiality provisions because arbitration is not automatically private.
You also consider the downsides. Arbitration means no jury trial, limited discovery, and less opportunity for appeal. Arbitration awards are generally final, but parties can agree to appellate review within the arbitral tribunal. It is a best practice to do so in the contract. Arbitration provisions are interpreted like any other contract; there is no presumption of arbitrability. So if arbitration is best for your client, the contract must be clear. If litigation is better for your company, you should specify the forum, jurisdiction, governing law, whether to waive a jury trial (if waivable in the relevant jurisdiction), and recoverable damages (e.g., special, consequential, punitive), prevailing party attorneys' fees, among other things. In the event of a forum selection clause, you should also consider the availability of punitive damages as a remedy and whether it is in the best interest of your client to litigate in state or federal court. In reviewing this section, you should think about whether your client would more likely be a plaintiff or a defendant in any future claim.
If your company is likely to be a plaintiff with a compelling story, you might prefer litigation, where juries can award higher damages, and the threat of a public trial can be a powerful factor in settlement negotiations. On the other hand, if your client is likely to be a defendant and need to protect sensitive information (including the existence of the dispute itself), you may prefer arbitration.
The final review
As you finish your review, you reflect on the role of in-house counsel. Your job is not just to spot risks, but to balance them against business objectives, to tailor each contract to the realities of the deal, and to ensure that your company is protected—not just today, but for the long haul.
You send your comments back to the business team, along with a summary of the key issues and your recommendations. You know that much of your work will never be seen by anyone outside the company, but you take pride in knowing that you are the first and often the last line of defense.
In the world of contracts, there are no shortcuts. Every word, phrase, and provision matters. And as the landscape evolves—with new technologies, regulations, and business models—the need for careful, thoughtful, and strategic contract lawyering has never been greater.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
