10 Tips to Bolster a Licensee’s Source Code Escrow Protections

10 Tips to Bolster a Licensee’s Source Code Escrow Protections

When licensed software lies at the heart of a product or service, the licensee must consider how its business could be impacted in the event access to the software is suddenly disrupted (i.e., the licensor goes out of business). In some cases, the licensee’s contingency plan may include exercising a negotiated option to purchase a license to the software’s source code directly from the licensor; or if the software is easily replaced, finding an alternate vendor. When a source code license is not available and/or the software is not easily replaced, however, the licensee often considers a source code escrow arrangement.

In this situation, the licensor’s source code is placed in secure storage – usually with a third-party escrow agent – and is released to the licensee upon certain “trigger events.” Typically, release is predicated on events that may prevent the licensor or its authorized agent from providing, maintaining or supporting the licensee’s version of the software, such as insolvency, breach of support obligations, or an acquisition by a company with different priorities. Although escrow arrangements can offer a sense of protection, they are not a panacea, especially if the licensee lacks the expertise and resources, such as know-how, time, and money, to efficiently utilize the source code upon release. The following practice tips are intended to bolster the usefulness of escrowed source code and help ensure business continuity:

1. Plan ahead
Before negotiating the terms of an escrow agreement with the licensor, the licensee should meet with its own internal stakeholders to decide what they will need in order to make effective use of the source code if released. They might consider such issues as (a) what event(s) should trigger a release of the source code; (b) what must the licensor do to update the source code while in escrow; (c) whether the licensee will have in-house expertise to use the source code or will they need to hire someone; and (d) whether the licensee could tap the expertise of the licensor for training. Ideally, the licensee and licensor will agree on the main terms of the escrow agreement (primarily, which escrow agent will be used and who will pay for what) before engaging an escrow agent, keeping in mind that many escrow agents have their own template agreements, and may charge “administrative” fees to make changes to them.

2. Choose escrow agent with care
Not all escrow agents are created equal so the licensee should do its homework. It is better to select a well-known escrow agent that has been in business for many years rather than a (perhaps cheaper) newcomer to the industry to help ensure the escrow agent will still be around when the licensee needs to access the escrow materials. In addition, an escrow agent should have appropriate security and safeguards with respect to its facilities (restricted access, climate-control, fire proofing) and the escrow materials. It is also important to understand who bears the risk for lost or damaged escrow materials while in storage. In most cases, the escrow agent will accept liability in return for charging a higher fee for its services.

3. Add authentication services
Although this service will cost extra, the licensee benefits from having the escrow agent verify each deposit by the licensor so the licensee can be sure the licensor is complying with the escrow agreement requirements.

4. Require regular deposits and testing
The licensor should be required under the terms of the escrow agreement to keep the escrow materials current throughout the term of the agreement. For example, there should be at least quarterly escrow updates including all new releases, updates, and patches to the software released during the prior quarter (together with corresponding documentation). The licensee could also request regular testing and examination of the escrow materials to help minimize the possibility that the escrow materials will be outdated, defective, or incomplete upon release. Such testing can be cost-prohibitive, and issues to consider include who will pay for the testing, who will conduct the testing, and what will happen if testing identifies a problem. If the escrow agent is tasked with any testing responsibilities, completion should be accompanied by written certification.

5. Require proper labelling and inclusion of ancillary documentation
All escrow materials (name of software, date of release, version number, etc.) should be clearly labelled so the licensee can immediately find what is needed in the event of a trigger event. Similarly, the escrow agreement should list all ancillary documents which must be deposited along with the source code, including any manuals, instructions, tools, and documentation needed to understand the source code and run the software. The licensee could also request a list of names and business contact information for the licensor’s engineers who are most familiar with the software. Without such ancillary documents, even a reasonably skilled software engineer might find it difficult or impossible to use the source code.

6. Secure support for source code utilization
Ideally, the licensee will have in-house expertise on the software and its source code, well before a release event occurs, to ensure timely utilization of the code and to minimize any disruptions in business. If this is not feasible (the licensee may not have access to the source code and related materials prior to the release event), the escrow agreement should include a provision which obligates the licensor to provide consulting services, free of charge, upon release of the escrow materials (if the licensor is still around).

7. Ensure ability to seek third party help
Similarly, the licensee should avoid any restrictions in the agreement that would limit or prevent the licensee from allowing a third party (such as a contractor) to access and use the escrow materials on the licensee’s behalf, which may be necessary in the event the licensee lacks the technical resources and/or expertise to use the escrow materials upon release. The licensee should also ensure there are no provisions in the underlying licensing agreement or escrow agreement (i.e., a no-solicit/no-hire provision) that would prevent the licensee from directly hiring the licensor’s personnel (including consultants) in the event the licensor is unable to provide technical support.

8. Avoid restrictions on post-escrow release license
Typically, when source code is released from escrow, it is subject to a new license agreement that specifies how the source code can be used post-release. The licensee will want to ensure that the post-release escrow license is broad enough to allow the code to be used as needed, which will likely be different from the licensee’s needs prior to the escrow release. For example, post-release, the licensee should be able to modify the source code and use it for its own internal support and maintenance purposes.

9. Limit how disputes are handled
Some escrow agreements will allow the licensor a certain amount of time to dispute the licensee’s request to release the escrow materials, and may mandate participation in alternative dispute resolution proceedings in the event of a dispute before the escrow materials are released. These provisions can lead to significant delays for the licensee; accordingly, they should be limited wherever possible, including providing specific instructions for the escrow agent to follow in the event there is a dispute.

10. Document all third party components
Occasionally, a licensor may hire a third party to write its manuals or a part of the code, or the licensor’s software product may include components from third parties. For this reason, it is critical that the escrow agreement include a provision specifying any third party components that are not subject to source code escrow. In this case, the licensee may need to separately seek consent to the escrow arrangement from the providers of such third party components, if they are critical to the licensee’s use of the escrow materials and the licensed software.

By carefully considering and addressing the above issues, a software licensee can better ensure the timely and productive use of escrow materials following a trigger event. If you have questions about source code escrow arrangements or other software license concerns, please contact Virginia Fournier at [email protected] or (408) 891-8607.

A member of our California team, Virginia Fournier is a seasoned technology attorney with over 25 years of legal and business experience in the industry. She regularly handles a wide range of technology-related matters, including negotiating and drafting complex licensing agreements, compliance, data security and privacy, and intellectual property issues.  

This publication should not be construed as legal advice or a legal opinion on any specific facts or circumstances not an offer to represent you. It is not intended to create, and receipt does not constitute, an attorney-client relationship. The contents are intended for general informational purposes only, and you are urged to consult your attorney concerning any particular situation and any specific legal questions you may have. Pursuant to applicable rules of professional conduct, portions of this publication may constitute Attorney Advertising.

Subscribe to Our Blog