Your quick guide to software escrow

In a time of budget cuts and significant finger pointing if anything goes wrong, it is baffling to see software purchasers continuing to buy software in such a way that leaves them at the full mercy of their suppliers. Options such as escrow should be a key consideration as part of any basic risk management strategy, and yet the majority of software users don’t care about, or simply don’t understand the full benefits.

What is software escrow?
If you use software that is important to your organisation and it crashes, you could find yourself completely reliant on the supplier to fix it – and if the supplier goes out of business or fails to maintain and update the software as promised, your organisation could very quickly be paralysed by software failure.

For the supplier however, the source code in their software is their trade secret. It reveals precisely how the software was built and if it was widely available there would be a danger that all, or part of it, could be copied, and identifying and prosecuting all the copyright infringers would undoubtedly prove to be an unnecessary and costly ordeal.
    
Escrow presents both users and suppliers alike with a middle ground. The supplier agrees to deposit the source code with an independent third party – an ‘escrow agent’ – and under the agreement, the escrow agent will release the source code to the user in the event that a ‘release event’ occurs. A release event is typically the insolvency of the supplier, or the default of the supplier under its support and maintenance agreement.

Do I need source code escrow?
Escrow comes with many benefits, however, it should not be bought blindly. If you own the intellectual property rights in the software, then escrow is not for you. The source code belongs to you, so the supplier should keep delivering copies to you. However, if the software is owned by the supplier and is licensed to you with the provision of maintenance and support, it is something that is worth serious consideration.
    
The biggest escrow cost of all is the cost of taking source code maintenance in-house. It really is no mean feat. Unless you have a big team of developers with not much to do then you need to consider this cost very carefully.
    
Software that is provided “as a service” (e.g. software that you access through a web browser) can be quite cheap (generalisation), often has many competitors (generalisation), and is geared-up for rapid data migration. So, escrow benefit might be quite low. In addition, such software is going to be a bit more difficult to re-build into a locally run application in the event that you take source code maintenance in-house. So escrow cost might be quite high.

Common pitfalls
Use an escrow agent that allows you to tailor the escrow contract to your particular requirements. For example, you might need more than just one or two release events.
    
Make sure the escrow contract addresses the licence that you will be given to use the source code. Usually, this licence is not adequately dealt with in your software licence and maintenance agreement so the escrow contract gives you another opportunity to get it right. You will want the right to change the source code and to engage an IT consultant to maintain the source code on your behalf.
    
Don’t sign an escrow contract with cumbersome procedures that apply if you want to trigger release of the source code. If the supplier is not performing, the last thing you want is a couple of months of arguing about whether or not you are allowed to trigger release of the code. The escrow contract needs to give you a rapid remedy.
    
Make sure you ask the escrow agent to check that the deposited code is indeed the code for the application that you are licensing and can be recompiled into a workable application. This will cost more, but you could feel foolish if you trigger release and there is nothing on the CD, or it’s the wrong source code.
    
Finally, do your research. Meet with a number of different ‘agents’ in order to explore all the options, and seek legal advice on your contract. Escrow has the potential to help you make significant cost savings, have greater independence and flexibility with your software, and give you an immediate solution if something goes wrong – but it will be an entirely pointless purchase if it is made as part of a rushed risk management ‘tick box’ exercise.Some basic concepts

  • Software is created from its source code.
  • Source code is a series of instructions in a language understood by both humans and computers.

When followed by the computer, the instructions can be compiled into a software application. As the courts note, software is like a cake; source code is like the recipe.

  • We software users use the compiled software application, not the source code.
  • It is very hard, if not impossible, to maintain and support a software application without access to the source code.
  • Suppliers do not usually give a copy of the source code to the users; instead they keep it to themselves. It is a trade secret.

For more information
There is plenty more to software escrow. If you wish to discuss, call Tim Sewart on 020 7894 6040 or e-mail tsewart@beachcroft.com

Please register to comment on this article