What’s At Stake
Like artistic works and inventions, software is a product of the mind. In other words, it’s intellectual property.
That makes it uniquely subject to a number of risks. For example, it’s easy to steal. In fact, the theft of U.S. intellectual property has been called “the greatest transfer of wealth in human history.”
It’s subject to other dangers, too, and those dangers do not just affect the software vendor.
Software must be reliable, not only when considering bugs and downtime, but good software requires a stable and reliable software vendor. Prospective customers – especially business customers – heavily rely on software to do their daily business and if the software vendor fails to support their software or simply disappears the customer can find themselves in a world of problems.
Protection from the Worst
Software escrow can’t eliminate all the risks of licensing source code, but it can dilute those risks and help facilitate a speed recovery when the worst happens.
Software escrow is a way to reduce risk to both the software developer (the vendor) and the customer (the licensee) when they’re negotiating an agreement to license the software.
It’s a little like purchasing home owner’s insurance. You don’t want your house to burn down, but if it does you have the resources needed to survive.
You’re secure in knowing that if the software vendor fails to support the software or unexpectedly disappears you’ll have access to the critical resources to keep your mission-critical software running.
These release conditions are agreed upon by both the software developer and the licensee so that the intellectual property is only released under the right circumstances.
Who Benefits From Software Escrow and How
Software escrow is usually requested by the licensee in order to protect the value of their investment.
Specifically, licensees may want protection if the software:
- Is critical to the company or some part of its operation.
- Has a direct effect on revenue.
- Is extensively customized.
- Is particularly expensive or hard to replace.
- Affects many employees or company operations.
- Affects the firm’s customers.
- Is (or should be) part of the company’s risk management strategy.
All those considerations come on top of more commonly considered risks, for example:
- Data loss resulting from natural disasters like hurricanes or earthquakes.
- Data breaches and other kinds of malicious hacking.
- Loss of continuity of use as might occur if the vendor goes out of business.
And risk aside, licensees want to be assured that they’ll be able to use their investment.
They want to know that maintenance and reinstallation are available should they need it.
And they want to know that the software will be updated and kept able to function properly.
Vendors also benefit from software escrow. Software License negotiations are about trust and showing your prospective licensee that you have or will address their business continuity concerns (sometimes unspoken) goes a long way.
What Gets Covered
Like any contract, it’s up to the parties to specify the details of the agreement.
But as a rule, coverage should include everything necessary for the licensee to recover from a complete loss of the software.
That might include:
- The overall code.
- All documentation (including documentation of updates as they occur).
- Specific elements or libraries which the software requires to function.
- Any other material necessary to reinstall a fully functioning duplicate of the application.
The escrow agreement should also include periodic validation of all the covered elements.
That will help ensure that as the application evolves through upgrades and maintenance, the escrow account continues to hold everything necessary to get things back up and running.
For SaaS (software as a service) applications which live in the cloud, you may want some additional protection.
For example, you might want the traditional escrow account supplemented with a separate account for storing executable code, plus data backup and recovery, so the software is always available.
Beyond the basics, you may have specific needs or wants that need to be addressed.
The most common options tend to fall in one (or more) of three categories:
Single-user options, which apply mainly to custom applications.
Multi-user options, which may apply to multiple organizations or multiple locations.
Custom options as specified by the parties.
How It Works
In the typical software escrow agreement, the licensee delivers the source code and all related material, plus an inventory of that material, to the escrow agent.
The escrow agent confirms receipt of the material and the contents of the inventory with both the vendor and the licensee.
The material is stored securely in their escrow vaults.
If necessary, the vendor periodically updates the deposited material, including code and documentation. The agent confirms the update and notifies both parties.
If release conditions are met, the escrow agent releases material to the licensee under the terms of the agreement.
The licensee then has what it needs to continue to effectively use their mission-critical software.
What to Remember
No matter how expert your escrow agent is, it’s important for you to think through the details of your coverage and what happens if the escrowed materials have to be released.
In particular, consider:
- Reliability of the escrow agent – How long have they been in business and how can you make sure they will be around in the event of a release?
- Facilities – Storage and facility security, including physical, electronic and process security.
- Release conditions – What are the rules for release of the escrow materials.
Finally, remember that a software escrow account is a legally binding relationship between the vendor, the licensee and the agent.
Remember, too, that intellectual property law is complex and it pays to have a trusted advisor to help ensure that your interests are protected.
If you have questions, or just want to explore the possibilities, contact us. We’re here to help