I was rather surprised, when I went to have a quick scan for related postings, that the only time NDAs have been mentioned is when various people have been discussing exam questions (or posing very odd exam questions). (Actually, if you just search on NDA you get topics that mention "standards," which says something about the search function on the "community.")
But, regardless of political content, this article does make some really interesting points about NDAs and how to write them.
I recall one time that I was doing some recruiting (among other things) for one outfit. They were in a really specific space, and needed people with really focussed skills. I knew the people that they needed, but I couldn't get anyone to sign up with them because they had created this really draconian NDA, and people who had spent 20 years developing niche skill sets would have been prevented from ever working with anyone else under those terms. (I can tell you this story because the NDA they had me sign only said that I couldn't tell anyone what I learned from them. Since I had been researching their space for ten years I went in knowing what their "proprietary" tech had to be. The only thing I learned from them was that their senior management staff were a bunch of idiots.)
I have had several lawyers tell me that NDAs are as strong as the piece of paper they are printed on trying to support a glass of water with nothing under the paper. In the case of ISC2, it is a demarcation that you will abide by their ethics and they have recourse if you don't.
If you think back, when was the last time headlines were made because someone overstepped the NDA they signed and they were taken to court over it? I'm sure Mr. Google could dig up some links but ... I'd rather guzzle my coffee.
Well, mostly the power is in not having to enforce; suing someone for breach of an NDA (after you got them to sign) is kind of self-defeating, but there are mechanisms such as super-injunctions in the UK (which means it gets reported in ... Australia, I guess), and an uptick in mandatory and binding arbitration on these things, as reported in the media (like pretty recently). “Less courts if you please, it’s an NDA!”
ISC2’s are fairly sensible, and aligned with members' interests; if they are sensible, narrow in focus, and expire after a given time (when no longer commercially sensitive), they are easier to enforce/do not need to be enforced.
If you look at tighter controls, you could well take a look at China, where breaching your NDA could/maybe affect your social credit score if you offended the wrong party.