Clauses Explained

Indefinite NDA Clauses: Why 'No Expiration Date' Is a Serious Red Flag

NDA Guard Team·Invalid Date·12 min read

Most NDA red flags involve what the document makes you do. An indefinite duration clause is different — it's about how long you have to do it.

An NDA with no expiration date means your confidentiality obligations follow you indefinitely. You can't discuss the project in a decade. You can't mention the client's name in a case study in five years. You can't reference the work in a portfolio even after the company has pivoted, been acquired, or shut down entirely. The confidentiality obligation outlasts the business relationship, the business itself, and any reasonable definition of what the company is actually trying to protect.

This clause appears often because it's the default in many NDA templates — not because it's legally defensible or because clients actually need perpetual protection. Here's what it means, when it's justified, and how to negotiate your way to something reasonable.

What Indefinite Duration Actually Means

An indefinite NDA clause doesn't always announce itself as "this agreement has no end date." It tends to appear in one of three forms.

The clearest version is an explicit statement: "The obligations of this Agreement shall continue in perpetuity" or "This Agreement has no expiration date." Uncommon, but it happens in startup-stage documents drafted without legal counsel.

More commonly, you'll see a structure where the agreement has a defined term — say, twelve months — but the confidentiality obligations are stated to survive termination indefinitely. The term section says the agreement lasts a year. The confidentiality section says it survives "for so long as the information remains confidential" or "indefinitely after termination." The practical effect is a perpetual confidentiality obligation regardless of the stated agreement term.

The third version uses subjective language that creates ambiguity rather than a hard end date: "so long as the information retains its confidential nature" or "until such time as the information enters the public domain through no fault of Recipient." These clauses seem reasonable on the surface — you're only bound while the information is actually confidential. The problem is that you have no control over or visibility into when that standard is met. A company can argue that its product roadmap from three years ago still hasn't fully entered the public domain. You can't prove otherwise.

All three versions create obligations that don't have a clear, enforceable end point — and that's the problem.

Why Most NDAs Shouldn't Last Forever

The theoretical justification for indefinite confidentiality is that sensitive information doesn't automatically become less sensitive just because time passes. A company's proprietary algorithm or core trade secret might still be competitively valuable ten years later.

That argument is real but narrow. It applies to a specific category of information — genuine trade secrets — and not to the broad "confidential information" definition that most NDAs actually use.

Consider what falls under a typical NDA's confidentiality scope: the client's internal processes, product strategy, financial projections, personnel decisions, vendor relationships, client lists. Almost all of this information loses its competitive sensitivity within a predictable window. The financial projections from a 2024 project are meaningless by 2026. The product strategy that was confidential when you signed has either shipped, been abandoned, or been superseded. The vendor your client was using exclusively in 2024 may have been replaced entirely.

Holding you to confidentiality obligations for information that no longer has any competitive value — and that may be publicly known anyway — serves no legitimate interest. It only serves as leverage: a way to threaten a breach of contract claim if you ever mention the engagement publicly, even in a context the client never actually cared about.

There's also a practical problem. Perpetual confidentiality obligations are difficult to comply with in good faith because you have no reliable way to know what's still sensitive. Years after an engagement, you can't call the client and ask whether a particular detail has been publicly disclosed. The obligation just sits there, creating ongoing compliance risk from a document you signed years ago and may not even still have.

Industry Standard Duration in 2025

Duration norms vary by industry and information type, but there are defensible standards that most lawyers will recognize as reasonable.

1–2 years: Standard for most consulting, freelance, and contractor NDAs. Appropriate when the confidential information is operational — internal processes, project details, client relationships, standard business strategy. Most of this information either becomes stale or enters the public domain within this window.

2–3 years: Common for technology projects involving a product not yet launched. Appropriate when you've been given access to a pre-release product, a feature roadmap, or a technical architecture that has genuine competitive value until launch.

3–5 years: Defensible for genuinely sensitive IP work — proprietary algorithms, novel research, unreleased formulations, or any work where the competitive advantage requires a sustained protection window. Still defined, still bounded.

Perpetual: A red flag in almost every freelance or contractor context. Legitimate for actual trade secrets — the formula for a proprietary compound, a specific patentable process — but trade secrets are already protected by law independently of the NDA. Using a perpetual NDA for general confidential information goes well beyond what the law requires and well beyond any reasonable commercial interest.

If a client insists that their standard business information requires perpetual protection, that's worth examining. Either they have genuine trade secrets (in which case a targeted perpetual clause for that specific information is reasonable, paired with a fixed term for everything else) — or they're using the clause as general leverage, which you should push back on.

What "Survives Termination" Means — And When It's OK

Almost every NDA contains a "survival" clause stating that certain provisions remain in effect after the agreement ends. This is not inherently problematic. A survival clause becomes a problem only when it survives indefinitely without a fixed endpoint.

Survival clauses typically cover: confidentiality obligations, IP assignment, indemnification, and dispute resolution. Applying survival to these provisions makes sense — you wouldn't want confidentiality to evaporate the moment the agreement's formal term ends.

The question is what the survival clause says about duration. These are meaningfully different:

"The confidentiality obligations set forth in Section 3 shall survive termination of this Agreement for a period of three (3) years."

vs.

"The confidentiality obligations set forth in Section 3 shall survive termination of this Agreement indefinitely."

The first is standard and reasonable. The second converts a fixed-term NDA into a perpetual obligation through the survival clause — a common mechanism that's easy to miss if you're scanning the agreement quickly.

When you review an NDA, check two things in sequence: (1) what the stated agreement term is, and (2) what the survival clause says about confidentiality duration. The survival clause governs, not the agreement term.

Example: Risky Clause vs Standard Clause

Here's what indefinite duration looks like in practice, compared to a defensible alternative.

Risky language:

"The obligations of confidentiality set forth herein shall survive the expiration or termination of this Agreement and shall continue in full force and effect for so long as the Confidential Information retains its proprietary nature, without limitation as to time."

This clause has no enforceable endpoint. "So long as the Confidential Information retains its proprietary nature" is determined by the disclosing party's assessment, not yours. You could be in breach of this clause a decade from now and have no practical way to know it.

Standard language:

"The obligations of confidentiality set forth in Section 2 shall survive the termination of this Agreement for a period of three (3) years from the date of termination, after which time Recipient's obligations with respect to such Confidential Information shall cease; provided, however, that obligations with respect to Trade Secrets (as defined by applicable law) shall continue for so long as such information qualifies as a trade secret under applicable law."

This version gives you a defined endpoint for general confidential information while maintaining appropriate protection for genuine trade secrets — a distinction the law already recognizes. Clients with legitimate interests can't reasonably object to this framing.

How to Negotiate a Sunset Clause

When you encounter indefinite duration, request a defined sunset provision. Use language like this as a starting point:

Proposed counter-language:

"The confidentiality obligations in this Agreement shall survive termination for a period of [two (2) / three (3)] years from the date of termination of the advisory/services relationship. Notwithstanding the foregoing, obligations with respect to information that constitutes a trade secret under applicable law shall remain in effect for so long as such information qualifies as a trade secret."

A few notes on deploying this in negotiation:

Lead with the trade secret carve-out. Clients who genuinely have trade secrets will feel heard when you acknowledge their legitimate interests. The carve-out shows you're not trying to gut the clause — you're trying to make it proportionate.

Propose a specific number. Don't ask the client to suggest a term — that anchors the negotiation on their preference. Propose two or three years, which is easy to defend as reasonable, and let them move you from there.

Tie it to the information type. If you're being asked for a longer term, ask what specific information requires it. This forces the client to think concretely about whether their general business information actually needs five or ten years of protection — and usually reveals that it doesn't.

For a full guide to NDA negotiation tactics, read How to Negotiate an NDA as a Freelancer.

What to Do If the Client Insists on Indefinite Duration

Some clients, especially larger enterprises, have standard NDA templates that legal teams will not modify. If you're facing an indefinite duration clause in a take-it-or-leave-it situation, here's how to assess whether to proceed.

Evaluate what information you'll actually receive. If the engagement is short-term and the information you'll be handling is operational rather than proprietary — project briefs, internal process documentation, client communication history — an indefinite confidentiality obligation is annoying but unlikely to meaningfully affect you in practice. The information will be stale long before anyone cares.

Consider what you'd be giving up. The real cost of indefinite duration is portfolio restriction and referenceability. If you can't mention this client in your portfolio or as a reference without risking a breach claim, factor that into the value of the engagement. High-profile clients sometimes come with perpetual NDAs precisely because the association itself is the asset they're protecting.

Ask for a carve-out for general references. Even if the client won't modify the duration, many will agree to a separate clause permitting you to identify the company as a former client without disclosing any substantive details. This preserves your ability to say you worked with them without triggering the confidentiality obligations.

Document your understanding of the scope. Before signing, confirm in writing (an email is fine) what specific categories of information the company considers confidential under the agreement. This doesn't modify the NDA, but it creates a contemporaneous record of what you understood the obligations to cover — which can matter if a dispute arises years later.

For a broader view of which NDA clauses are worth walking away from, read NDA Red Flags.

FAQ

Is an indefinite NDA clause legally enforceable?

In many jurisdictions, yes — courts have enforced perpetual confidentiality obligations when the underlying information is genuinely sensitive and the obligation is otherwise reasonable. The enforceability question is secondary to the practical one: even an unenforceable clause creates litigation risk and negotiating leverage for the other party. Whether or not a court would ultimately side with you, being sued is expensive. Push for defined duration before signing rather than relying on a court to fix it later.

What's the difference between an indefinite NDA and a permanent NDA?

They're the same thing in practical terms. "Indefinite" and "perpetual" both mean without a fixed end date. "Permanent" is less commonly used in contract drafting but carries the same meaning. Any NDA that doesn't specify when your confidentiality obligations terminate — or that terminates them only on a condition you can't verify — is effectively indefinite.

Can I ask a client to add an expiration date to their standard NDA?

Yes, and you should. Most clients expect some negotiation on NDA terms. Frame the request as aligning with industry standard rather than as a request for special treatment: "I typically use a three-year confidentiality term as standard — happy to discuss if your situation requires something different." This positions the current term as the outlier, not your request.

Does an indefinite NDA prevent me from using the project in my portfolio?

It depends on what "use in portfolio" means. If the NDA prohibits disclosure of confidential information and you include details about the project — the client's internal challenge, the solution you designed, outcomes or metrics — that could constitute a breach even years later. If you're only identifying the company by name with a general description of the work category ("mobile app development"), that may be defensible depending on what the NDA defines as confidential. When in doubt, ask for explicit written permission.

Is the duration different for NDAs covering trade secrets?

Trade secrets are a specific legal category — information that derives economic value from not being generally known and that a company takes reasonable steps to protect. NDAs can legitimately protect trade secrets for longer periods because trade secret law itself protects them indefinitely. A standard NDA that mixes trade secrets with general confidential information should ideally separate the two with different duration provisions: fixed term for general confidential information, indefinite (or trade-secret-law-tied) protection for actual trade secrets. If a client says all of their information is a trade secret, that's almost certainly not accurate, and worth pushing back on.


Reviewing an NDA and not sure whether the duration clause is standard or overreaching? Upload it to NDA Guard and get a clause-by-clause risk score in 60 seconds.

Share:Twitter / XLinkedIn

Ready to review your NDA?

Upload your NDA and get a full AI risk report in 60 seconds — free for your first review.

Review my NDA free