Desktop version

Home arrow Computer Science

  • Increase font
  • Decrease font


<<   CONTENTS   >>

Source Code Escrow Agreements

Checklist

What Type of Escrow?

□ Two-party

□ Three-party

□ Self-escrow

Release Conditions

□ Insolvency of vendor

□ Filing of voluntary or involuntary bankruptcy proceedings that remain undismissed

□ General assignment for the benefit of creditors

□ Ceasing to provide support and maintenance services

□ Breach of the license agreement

Key Issues to Be Addressed in Software License

□ Requirement that source code be escrowed

□ Identify approved escrow agent

□ Definition of “source code”

Identify release conditions

□ Require vendor to update the source code to reflect current version of the software

□ Identify all relevant fees and the responsible party

□ Include right to request verification services from the escrow

- Include cost shifting to vendor if verification fails

□ On the occurrence of a release condition, include right for customer to use and modify the software to provide its own support

Techniques

□ In critical applications, include right for the customer to use a consultant to verify the source code is well written and documented.

  • - Nondisclosure agreement with consultant
  • - Termination right for customer in the event of adverse findings

□ Consider requiring the vendor to deposit names and contact information of key developers in the escrow

□ Ensure the escrow company is well established and financial viable

Overview

Whenever a customer enters into a license agreement for software, it takes the risk that the vendor may go out of business, file bankruptcy, or, simply, cease providing support. Depending on how critical the software is to the customer, these events could be catastrophic, stranding the customer with a piece of software for which it has no means of support. If the investment in licensing the software is substantial (e.g., hundreds of thousands or, even, millions of dollars in fees, protracted implementation), the customer must have some means of protecting itself. While conducting vendor due diligence—particularly with regard to financial wherewithal—is clearly one of the most important protections, careful customers also generally require the vendor to “escrow” the source code for its software. In this chapter, we discuss what “escrowing” means, the types of escrow arrangements, the real-world benefits of escrowing, and common issues.

While this chapter focuses on the use of source code escrows, we should point out that another option may be available in a limited number of instances. That option is a service some escrow companies are now offering that has nothing to do with traditional source code escrow. Rather, the escrow company enters into an agreement with the vendor to fully implement a copy of its software on servers hosted by the escrow company. In the event the vendor ceases to do business, files bankruptcy, etc., the customer can obtain instant access to the version already being hosted by the escrow company. This is not a perfect solution. It is only available in limited instances, and the customer must accept very limited contractual protections from the escrow company. It is, at best, a temporary solution to be used while transitioning to a replacement vendor.

What Does It Mean to Escrow Source Code?

Almost all commercial software is licensed so that the customer only receives the object code version of the application. Hie object code is the version of the software that can be read and understood by a computer, but not by humans. To modify the software, fix bugs, and otherwise maintain and support the application, one must have the source code (i.e., the version of the programming that can be understood and edited by humans). The source code is generally considered a very valuable trade secret of the vendor and carefully protected. In most instances, no customer is ever granted access to the source code.

As mentioned in the introduction, there may be circumstances in which the customer must have access to the source code or face significant harm (e.g., if the vendor declares bankruptcy or ceases to support the software). To protect against those circumstances, the concept of a “source code escrow” was created. A source code escrow is, basically, an arrangement where the vendor entrusts its source code to a third-party escrow agent who holds the source code in trust until a “release condition” occurs (e.g., the vendor files for bankruptcy protection, or the vendor ceases to do business). In the event of a release condition, the escrow agent is contractually bound to furnish a copy of the source code to the customer. If the vendor disputes the existence of a release condition, the escrow agent will hold the source code until a dispute resolution process is completed. That process can take many weeks or, even, months.

Professional escrow companies have their own form agreements for their engagements. They require their customers to use those agreements and, except for release conditions, those contracts are generally nonnegotiable. It is very rare for an escrow company to agree to use contracts drafted by third parties.

 
<<   CONTENTS   >>

Related topics