 |
What
is a "Source-Code Escrow Agreement"?
By
Jay Hollander
Jay Hollander, Esq. is the principal of Hollander and Company LLC, www.hollanderco.com, a New York City law firm concentrating its efforts in the protection and development of property interests relating to real property, intellectual property and commercial interests, as well as related litigation.
The content of this article is intended to provide general information relating to its subject matter. Providing it does not establish any attorney-client relationship and does not constitute legal advice. Personal advice in the context of a mutually agreed attorney-client relationship should be sought about your specific circumstances. Summary: A
source-code escrow agreement is an important part of any
custom software licensing deal. The agreement allows the
licensee to obtain access to the software's all-important
source code under certain circumstances, such as if the
licensor goes out of business or fails to make required
modifications to the software. This article explains how
a source-code escrow agreement works.
Introduction
For generations, whenever people have had problems with complicated
matters, a reliable adage advised them to go back to the source,
that is, to the beginning. In the custom software field, when
there are problems, licensees are also advised to go to the
source, but the advice here has a slightly different meaning.
Computer
software is a generic name for a long string of code containing
instructions for everything from how to start a program,
to how to run it, to how to interface with data and other
programs.Code for different software programs is not only
written in different computer programming languages, such
as C++ or Visual Basic or others, but is often written
in a style reflecting the programming preferences of the
programmer(s) who designed and wrote it.The use of the
word "code" to describe these computer instructions is
an apt one since, in at least one form, the instructions
are unintelligible to people, understandable only by computers.
This form of computer code is commonly known as the "object
code" or "executable code," so named because the computer
understands and executes the coded instructions that have
been "compiled" or made ready for computer operation.Now,
imagine making a huge investment in such software, which
may have even been created or substantially customized
especially for your business. Imagine further that your
entire business depends upon this software and that any
sustained failure in the software could be critically damaging
to your business.Finally, imagine that the software fails
-- after the programmer goes out of business or refuses
to service your account.Now what?As the adage says, you
try to go to the source to fix the problem. In this case,
the source we're referring to is the "source code," the
other version of computer code that's important to any
licensee. Source code refers to the version of computer
code that is in readable text form, understandable by properly
trained people, rather than computers.It is this form of
code that is essential for licensees to have access to
in order to have any chance of assuring themselves that
they will be able to remedy software problems that may
come up when their original programmers are no longer able
or willing to do so. The only problem is that the source
code is jealously guarded by licensors, since it is essentially
a step-by-step roadmap to their trade-secret intellectual
property
.The Need for a Source-Code Escrow Agreement
Enter
the source-code escrow agreement, a vital component of
any software licensing deal. Unlike the main software license
agreement, the escrow nature of the source code escrow
agreement requires there to be a third party, an escrow
agent, who will hold the source code in trust for the parties,
to be released in accordance with the terms of the agreement.Once
the province of banks, there are now several commercial
source-code escrow companies out there, each of which has
sample escrow agreements that can be used "as is" or tweaked
or junked completely in favor of more deal-specific agreements
drafted between the licensor and licensee. Examples of
such companies and their posted sample agreements are:
Sourcefile Escrow Services, Lincoln-Parry, and Fort Knox
Escrow Services. There are, however, many others to pick
from.Once this third party enters the picture, the nomenclature
changes a little and the parties are often referred to
by different names, in recognition of the role they play
in the escrow arrangement.Since the escrow agreement is
essentially a trust agreement, where the source code is
placed in trust with the third party, the licensor in these
agreements is the party who settles or deposits the source
code in trust and is often called the "Settlor."The escrow
agent is variously called the "Escrowee," "Escrow Agent," "Trust
Agent" or some variation of these, to reinforce the notion
that it is acting as a neutral in the transaction, holding
the source code and supporting materials, which, themselves,
are often referred to as the "Deposit."Lastly, the licensee
is often called the "beneficiary" of the agreement, since
it is the party that will be given the access to the source
code under certain defined conditions.While the exact terms
of source-code escrow agreements vary, there are certain
aspects of these agreements that both licensors and licensees
will need to consider carefully before entering into a
source-code escrow agreement. Conceptually, the main issues
concern: the extent and frequency of the deposit put in
escrow, together with degree of validation applied to it;
who bears the cost of the escrow agent's services and of
any administrative or litigation costs; the conditions
under which the deposit may be released; and, finally,
title, confidentiality and warranty considerations.
The
Elements of a Source-Code Escrow Agreement
Simply, the "deposit" clauses
of the agreement detail exactly what will be given to the
escrow agent, how it will be validated, and how often it
will be updated.One of the important things to take note
of in this context is that the likely scenario in which
escrowed materials will be released will be when the original
programmer is no longer around to help. That means bringing
in new programmers, often unfamiliar with the program or
its history, who will need to ramp up to speed as quickly
as possible.For this reason, it is common for the licensor
or "Settlor" to be required to deposit not only the source
code, but also all materials sufficient for a trained computer
programmer of general proficiency to maintain and support
the software without further assistance from the settlor.
This would include things such as design notes, documentation,
written flow charts and instructions, etc.Apart from this,
it is good practice to require that the source code component
of the deposit be accompanied by a running object code
version submitted on virus-free magnetic media, compiled
and ready to be read by a computer, so that the escrow
agent can verify the contents of the deposit in good working
order and certify good condition to the beneficiary.Moreover,
such agreements usually call for the settlor to deposit
any maintenance modifications, updates, new releases or
documentation related to the deposit materials that the
licensee/beneficiary is entitled to receive under the license
agreement within a reasonable time of its delivery to the
licensee.Of course, since the verification process requires
the escrow agent to make copies of the software, the settlor
will have to give the escrow agent a limited license to
make such copies for the purposes set forth in the agreement,
although the agreement always states that title to the
deposit and all associated intellectual property rights
remains with the settlor.A related deposit clause requirement
concerns the level of verification the Escrow Agent will
be called upon to apply to the deposit to certify it. The
range here is significant, going all the way from no obligation
to verify (not recommended) to stringent procedures allowing
validation of the integrity and completeness of the deposit,
compared to the version of the software and documentation
given to the licensee.From a licensee's viewpoint, the
more stringent the procedures used, the safer it will feel,
but this is usually balanced with the cost of performing
such tests, since the cost is most often borne by the licensee.In
fact, since the licensee is rightly considered the beneficiary
of the trust, being the party for whose benefit the deposit
is made in the first place, the overwhelming majority of
source-code escrow agreements impose the overall cost of
the storage and maintenance of the deposit, as reflected
in the escrow agent's fees, on the licensee/beneficiary.Assuming
the deposit is made, verified and updated in good order,
the sixty-four-thousand dollar question relates to the
conditions under which the escrow agent is required to
release it to the licensee/beneficiary or return it to
the settlor.While "canned" sample escrow agreements contain
certain boilerplate conditions for release, such as bankruptcy
or insolvency of the programmer, most often the conditions
for release key off certain major default provisions in
the underlying software license agreement, which place
the licensee at risk of irreparable injury.The most common
examples, other than the programmer's going out of business
or other unjustified disappearance, are failures to repair
or make required modifications to the software within a
certain period of time after notice; the programmer's ceasing
to further develop or support the software in general;
failing to enter into a maintenance agreement concerning
the software, and similar contingencies.Even here, licensors
insist on certain protections -- and rightly so.First and
foremost, licensors typically require the licensee to make
written demand to the escrow agent for release of the deposit,
citing the "release event" contained in the escrow agreement.
In turn, the escrow agent is required to give notice of
the demand to the licensor, who will typically have a certain
amount of time in which to either agree to the release
or dispute it, it being agreed that failure to respond
at all within a fixed period of time will be tantamount
to agreement.But what if the demand is disputed by the
licensor? How does it get resolved? This is a major area
of contention since the circumstances under which the demand
is made are often time-sensitive. If mission-critical software
is failing, most licensees don't want to get into lengthy
and expensive litigation over whether they had a right
to get the code released.For this reason, source-code escrow
agreements frequently contain a provision for expedited
arbitration and, sometimes, injunctive relief. In these
instances, a related provision must cover whether the licensor
or licensee will cover the litigation or arbitration costs
and expenses of the escrow agent, with the common compromise
being either a 50-50 split between the licensor and licensee,
or a scenario where the costs are completely reimbursed
by the losing party.Then, there is the issue of title and
confidentiality. As noted above, even though the settlor
gives a limited license to the escrow agent, title remains
in the settlor. In fact, unless specifically negotiated,
even if the beneficiary is given access to the code and
materials, title will still remain in the settlor, with only
a right of use given to the beneficiary, subject to strict
limitations.One of the most commonly negotiated limitations
concerns which independent contractors the beneficiary
may use in the event it gains access to the source code.
Since customized software is a competitive field, and since
the particular software involved is likely the settlor's
trade secret material, software vendors will be wise to
include a list of competitors whom the beneficiary is precluded
from using as a replacement for the programming vendor.More
generally, a careful software vendor will likely require
the beneficiary to acknowledge the continuing trade-secret
nature of the software, obtain confidentiality agreements
from all those who handle the code, and to assign back
to the settlor all intellectual property rights to any
derivative works that may be created in the process of
repairs or modifications.In the ultimate indignity, many
source-code escrow agreements provide that, upon release
of the source code, any warranties that originally applied
to the software were void, on the theory that the settlor
should not be responsible for software once it's been tampered
with by the beneficiary or its agents. While this actually
does make logical sense, it is a bitter pill to swallow
for a licensee who is forced to obtain the source code
due to inaction by the original vendor.
Conclusion
As
you can see from the issues that arise in source code
escrow agreements, their negotiation can -- and often is
-- as issue-filled as the underlying license agreement. As
with the license, the exact give-and-take in the source code
escrow agreement is a function of negotiating leverage
and the amount of time the software vendor could otherwise
resell the core software.The more that the software is
one which, in whole or in part, is of a type that the
vendor could modify and resell to another customer with different
customizations, the more likely it is that the vendor
will insist on strong confidentiality protections.Conversely,
the bigger the customer, the bigger the software system,
and the more at stake in the event of a system crash
or malfunction, the more the licensee will resist the settlor-oriented
provisions.
Like
with all other contract negotiation issues, bargaining
power is key component determining how quickly and how
extensively licensees will be able to unlock the code at
the source of their software problems. Copyright © Jay Hollander, 2007. All Rights Reserved.
![]()
![]()
|
