Contract Review

    How to Review an NDA with AI (Step-by-Step)

    JE
    Judicio Editorial TeamLegal Technology Experts
    Feb 10, 2026Updated Apr 23, 202612 min read
    A lawyer using AI to review a non-disclosure agreement with page-cited findings and a redline export

    TL;DR: An NDA looks short but hides real risk in how it defines confidential information, what it carves out, how long secrecy survives, and what remedies apply. This guide walks through reviewing an NDA with AI step by step - telling mutual from one-way, pressure-testing each clause, and running a Document Review checklist with priority levels and page-cited findings that you export as a tracked-changes redline. The AI does the first pass; you decide what is acceptable.

    The non-disclosure agreement is the most-signed contract in commercial life and the one most often signed without a real read. Because NDAs feel routine, they get rushed - yet a loose definition of confidential information, a missing carve-out, or a perpetual survival period can bind a client for years. This guide shows how to review an NDA properly and quickly, using AI to do the heavy reading at scale while you keep the judgment that decides whether a term is acceptable. For the broader method, our explainer on what AI contract review is is a useful companion.

    What is an NDA, and why does it deserve a careful review?

    A non-disclosure agreement - also called a confidentiality agreement - is a contract under which one or both parties agree to protect information the other shares and to use it only for an agreed purpose. NDAs precede almost every deal: a financing round, an acquisition, a vendor evaluation, an employment relationship, a joint venture. They often set the tone for the negotiation that follows, which is why getting them right matters more than their length suggests.

    The stakes are easy to underestimate. The agreement governs trade secrets and commercially sensitive material, and a poorly drafted one can leave a client unable to enforce secrecy or, the other way round, saddled with obligations it never intended. Because the underlying asset is often a trade secret, the way the NDA defines and protects information interacts with the law of confidentiality and trade secrets - the United States Legal Information Institute has a clear primer on what a trade secret is and how it is protected. The NDA is the contractual layer on top of that, and it is the layer you control through review.

    Mutual or one-way: which kind of NDA are you reviewing?

    The first question to settle is structural, because it changes how you read every clause that follows. In a one-way (unilateral) NDA, only one party discloses confidential information and only the receiving party takes on obligations - common when a company shares material with a prospective vendor or investor. In a mutual (bilateral) NDA, both sides disclose and both are bound, which is the norm when two businesses explore a partnership and each will reveal sensitive material.

    The distinction is not cosmetic. A narrow definition of confidential information, a short survival period, or a generous carve-out helps the receiving party and hurts the discloser. In a one-way deal you know which side of that line your client sits on; in a mutual deal, every term cuts both ways, so a clause that protects your client as discloser may expose it as recipient. The practical first step in any NDA review is to confirm the structure, identify which role your client plays, and read the rest of the document through that lens.

    Which clauses matter most in an NDA?

    NDAs are short, but a handful of clauses carry almost all of the risk. These are the ones to read closely - and the ones an AI checklist should be tuned to flag.

    Defining confidential information

    The definition is the foundation of the agreement, because it sets the scope of everything the recipient must protect. Watch for two failure modes. A definition that is too narrow - limited, say, to material expressly marked confidential - leaves the discloser unprotected when information is shared verbally or without a label. A definition that is too broad can be unworkable for the recipient, sweeping in information it already knew or could have developed independently. The best definitions cover written, oral, and visual disclosures, with a sensible mechanism for confirming orally disclosed information in writing within a set window.

    Exclusions and carve-outs

    Standard exclusions free the recipient from liability for information that is, or becomes, public through no fault of its own; was already known before disclosure; is received lawfully from a third party; or is independently developed without using the disclosed material. These carve-outs are normal and fair, but they should be precisely drafted. Loose exclusions - for example, an independent-development carve-out with no requirement that it be genuinely independent and documented - can swallow the protection the discloser thinks it has.

    Term and survival

    Two periods matter and are often confused: the term of the agreement (how long disclosures can be made under it) and the survival period (how long confidentiality obligations last after the term ends). A common negotiation point is whether obligations survive for a fixed number of years or, for genuine trade secrets, for as long as the information remains secret. Perpetual survival on ordinary commercial information is frequently resisted as impractical, so flag survival language and check it against what the information actually is.

    Permitted disclosures and legal compulsion

    A recipient usually needs to share confidential information with its own staff, advisers, and affiliates on a need-to-know basis, and the clause should require those recipients to be bound by equivalent obligations. Equally important is the compelled-disclosure provision: if a court, regulator, or law compels disclosure, the recipient should typically be permitted to comply, but only after giving prompt notice (where lawful) so the discloser can seek protection, and only to the extent legally required. Missing or one-sided compelled-disclosure language is a frequent review finding.

    Return or destruction of information

    On expiry or termination, the recipient should return or destroy the confidential material and, often, certify that it has done so. Modern clauses recognise practical limits: routine backups and copies required by law or internal compliance policy are usually allowed to remain, subject to continuing confidentiality. Check whether the obligation is triggered on request, on termination, or both, and whether the certification requirement is realistic for the recipient to meet.

    Non-solicit and non-circumvention

    Some NDAs reach beyond confidentiality to include non-solicitation (not poaching staff or customers) or non-circumvention (not bypassing a party to deal directly with its contacts). These are substantive obligations that do not belong in every NDA, and their enforceability varies by jurisdiction. When they appear, read them as you would any restrictive covenant - scope, duration, and reasonableness all matter - and flag them for a deliberate decision rather than treating them as boilerplate.

    Governing law, remedies, and injunctive relief

    Finally, check the governing law and forum, and the remedies clause. Because money damages are often inadequate for a breach of confidence, NDAs commonly state that the discloser may seek injunctive relief, sometimes without posting a bond. Confirm the governing law suits your client, that the remedies are mutual where the NDA is mutual, and that any liquidated-damages or indemnity language is proportionate. For a wider tour of the clauses that recur across commercial contracts, see our contract review checklist of essential clauses.

    How do you review an NDA with AI, step by step?

    With the clauses in mind, here is a workflow that uses AI for speed and coverage while keeping you in control of every decision. Upload once into the File Library and the same file feeds every tool, so you never re-upload.

    • Step 1 - Upload and orient. Drop the NDA into the File Library, or import it from Google Drive, OneDrive, SharePoint, or iManage. Automatic extraction surfaces the parties, dates, defined terms, and governing law, so you confirm the structure (mutual or one-way) and your client's role at a glance.
    • Step 2 - Run a checklist. In Document Review, start from an NDA template, let the tool suggest checks, or ask your own questions. Each check carries a priority - MUST, SHOULD, or NICE-TO-HAVE - and where useful an acceptable, fall-back, and unacceptable position, so the output is triaged rather than a flat list.
    • Step 3 - Read the findings. Every finding cites the exact page, section label, and quoted clause, with a risk level and a confidence signal. You read the clause behind each flag instead of re-reading the whole agreement.
    • Step 4 - Decide and redline. For each finding, use the per-finding AI Fix to generate a suggested edit, then Refine it to be softer, stronger, shorter, or more precise; or Edit it yourself; or Accept it; or Flag it with a note for a colleague to consider. You stay the decision-maker on every change.
    • Step 5 - Export. Produce a tracked-changes Word file, a redline or clean PDF, or a summary of the issues to send to the other side or your client.

    Because the review runs as a server-side job with an up-front time estimate, you can close the tab and come back to the result - useful when you are turning around a stack of NDAs under time pressure. For the wider discipline of speeding up review without cutting corners, see how to review contracts faster.

    What does an NDA review checklist look like?

    A good NDA checklist mixes presence checks (is the clause there?) with quality checks (is it acceptable?), and assigns a priority so the serious gaps stand out. The table below is an illustrative starting point; in Document Review each row becomes a check with a typed answer and a page-cited finding.

    CheckPriorityAnswer typeWhat good looks like
    Definition of confidential informationMUSTTextCovers written, oral, and visual disclosures with a confirmation mechanism
    Standard exclusions presentMUSTYes/NoPublic domain, prior knowledge, third-party, and independent development carve-outs
    Purpose limitationMUSTTextUse restricted to the defined purpose only
    Survival periodMUSTDateA defined period appropriate to the information, not open-ended for ordinary data
    Compelled-disclosure carve-outMUSTYes/NoPermits legally required disclosure with prompt notice where lawful
    Return or destruction obligationSHOULDYes/NoTriggered on termination or request, with realistic backup exceptions
    Remedies and injunctive reliefSHOULDTextEquitable relief available; mutual where the NDA is mutual
    Non-solicit or non-circumventionNICE-TO-HAVETagFlagged for a deliberate decision, not assumed

    You can save a checklist like this as a reusable template so every NDA is reviewed against the same standard, which is how teams keep their positions consistent across reviewers. Our AI contract review guide goes deeper on building checklists and playbooks.

    How do you export a redline and finish the review?

    Once you have worked through the findings, the redline almost writes itself. In the results view, the document panel shows the original, the issues, a redline, and a clean copy as tabs, so you can preview exactly how your accepted edits read in context before you send anything. Each suggested change can be previewed spliced into the document, and the AI Fix suggestions carry a match percentage so you can see how closely a proposed edit tracks your instruction.

    When you are satisfied, export a tracked-changes Word file for the other side to review in their own system, a redline PDF for a cleaner visual record, a clean copy for signature, or a summary of issues for your client or file. If you would rather keep working in an editor - adding a clause, benchmarking a provision, or finding supporting authority for a position - you can promote the document into Drafting and continue there. For the mechanics of AI-assisted redlining specifically, see our explainer on AI redlining.

    What must a lawyer still verify?

    AI makes NDA review faster and more consistent, but it does not decide what is acceptable. A checklist can tell you the survival period is perpetual or that the compelled-disclosure carve-out is missing; only you can judge whether that matters for this counterparty and this information. So the verification habits are short and non-negotiable: read the cited clause behind every finding, confirm the structure and your client's role, and check that any restrictive covenant or remedy is enforceable in the governing jurisdiction before you rely on it.

    Keep confidentiality front of mind too, because NDAs themselves are often shared under confidentiality. Judicio does not train its models on your uploads, hosts on Google Cloud Platform, and provides role-based access with a full audit trail, which is a sensible baseline for sensitive deal documents. Used this way, AI removes the drudgery of reading without removing the judgment that makes the review worth anything - and outputs are not legal advice.

    How do you get started with Judicio?

    Pick the next NDA on your desk and run it through Document Review alongside your usual read. Upload once, run an NDA checklist, work through the page-cited findings, and export a tracked-changes redline - then compare the time against reviewing it by hand. If you handle NDAs in volume, the Review Matrix lets you ask the same questions across multiple agreements at once. You can see the whole feature set from one workspace.

    You can try it on your own documents with a 7-day free trial - 500 credits, no credit card required. Professional access is $200 per month for 5,000 credits. For a walkthrough tailored to your team's NDA workflow, get in touch. The tool does the first pass at speed; you keep every decision that matters.

    Frequently Asked Questions

    AI is well suited to NDA review because the document is structured and the issues recur: the definition of confidential information, carve-outs, term, survival, permitted disclosures, and remedies. A good tool runs a checklist across the agreement and cites the exact page and clause behind every finding, so you verify quickly. It does the first pass; you decide whether each term is acceptable for the deal.

    In a one-way (unilateral) NDA, only one party discloses confidential information and only the receiving party takes on obligations. In a mutual NDA, both sides disclose and both are bound. The distinction changes how you read almost every clause, because a term that favours the disclosing party helps you in a one-way deal but cuts both ways in a mutual one. Always confirm which structure you are reviewing first.

    Start with the definition of confidential information and its exclusions, because they set the scope of everything else. Then check the purpose limitation, the term and survival period, the permitted disclosures (including compelled legal disclosure), the return-or-destruction obligation, and the remedies. A definition that is too narrow leaves the discloser unprotected; one that is too broad can be unworkable for the recipient.

    Yes. After Document Review flags issues, you can apply or edit suggested changes and export a tracked-changes Word file, a redline PDF, a clean copy, or a summary of the issues. You can also refine a suggested edit to be softer, stronger, shorter, or more precise before you accept it. The export reflects your decisions, not the AI's alone, because you accept, edit, or flag each finding.

    No. AI speeds up reading, checking, and first-draft redlining, but whether a survival period, a carve-out, or a liability position is acceptable depends on the relationship and the risk appetite behind the deal. Those are judgment calls that stay with the lawyer, and outputs are not legal advice. The reliable pattern is AI for speed and coverage, the lawyer for the decision.

    TopicsContract ReviewNDAsDocument ReviewDraftingLegal AI

    Ready to Transform Your Legal Workflow?

    Try Judicio free for 7 days — no credit card required.

    Start Free Trial

    Related Articles

    Get started

    Bring cited AI to your practice

    Run your first review free in minutes — or book a demo and see Judicio on your own matters.

    Free trial · No credit card required