Source code escrow
|This article relies largely or entirely upon a single source. (September 2010)|
Source code escrow is the deposit of the source code of software with a third party escrow agent. Escrow is typically requested by a party licensing software (the licensee), to ensure maintenance of the software. The software source code is released to the licensee if the licensor files for bankruptcy or otherwise fails to maintain and update the software as promised in the software license agreement.
Necessity of escrow
As the continued operation and maintenance of custom software is critical to many companies, they usually desire to make sure that it continues even if the licensor becomes unable to do so, such as because of bankruptcy. This is most easily achieved by obtaining a copy of the up-to-date source code. The licensor, however, will often be unwilling to agree to this, as the source code will generally represent one of their most closely guarded trade secrets.
As a solution to this conflict of interest, source code escrow ensures that the licensee obtains access to the source code only when the maintenance of the software cannot otherwise be assured, as defined in contractually agreed-upon conditions.
Source code escrow takes place in a contractual relationship, formalized in a source code escrow agreement, between at least three parties:
- one or several licensors,
- one or several licensees,
- the escrow agent.
The service provided by the escrow agent – generally a business dedicated to that purpose and independent from either party – consists principally in taking custody of the source code from the licensor and releasing it to the licensee only if the conditions specified in the escrow agreement are met.
Source code escrow agreements provide for the following:
- They specify the subject and scope of the escrow. This is generally the source code of a specific software, accompanied by everything that the licensee requires to independently maintain the software, such as documentation, software tools or specialized hardware.
- They oblige the licensor to put updated versions of the software in escrow in specific intervals.
- They specify the conditions that must be met for the agent to release the source code to the licensee. Typical conditions include the bankruptcy of the licensor, the cancellation of a software development project or the express unwillingness of the licensor to fulfil his contractual maintenance obligations. Because it is often important to the licensee that the code be released as soon as possible once the conditions are met, the conditions tend to be worded as plainly and unambiguously as possible.
- They circumscribe the rights obtained by the licensee with respect to the source code after the release of the software. These rights are generally limited and may include the right to modify the source code for the purpose of fixing errors, or the right to continue independent development of the software.
- They specify the services provided by the escrow agent beyond a simple custody of the source code. Specialised agents may, for instance, verify that the source code storage media is readable, or even build the software based on the source code, verifying that its features match the binary version used by the licensee.
- They may provide that non-compete clauses in the licence agreement, such as any that prohibit the licensee from employing the licensor's employees, are void in the event of the release conditions being met, enabling the licensee to acquire the know-how required for the maintenance of the software.
- They also provide for the fees due to the escrow agent for his services.
Whether a source code escrow agreement is entered into at all, and who bears its costs, is subject to agreement between the licensor and the licensee. Software license agreements often provide for a right of the licensee to demand that the source code be put into escrow, or to join an existing escrow agreement.
Bankruptcy laws may interfere with the execution of a source code escrow agreement, if the bankrupt licensor's creditors are legally entitled to seize the licensor's assets – including the code in escrow – upon bankruptcy, preventing the release of the code to the licensee.
The escrow agreements described above are most applicable to custom-developed software which is not available to the general public. In some cases, source code for commercial off-the-shelf software may be deposited into escrow to be released under a free software or open source license when the original developer ceases development and/or when certain fundraising conditions are met. This model is also called ransomware. The Blender graphics suite was released in this way following the bankruptcy of Not a Number Technologies; the widely used Qt toolkit is covered by a source code escrow agreement secured by the "KDE Free Qt Foundation".
In 1982, mathematician Dwight Olson founded Data Securities International, the first software escrow company. The company pioneered methods of storing source code, assessing software value, and encryption and authentication.