Escrow involves the holding of an article by a trusted third party (“an escrow agent”) on behalf of two or more parties on the understanding that should a specific event occur (or fail to occur) the article will be released to one or more of the parties.
Originally used in property transactions in the USA, its application has spread to source code escrow and purchases over the Internet, where a third party trusted by both parties to the transaction, takes receipt of the goods and consideration, from the seller and buyer respectively and then releases goods to the buyer and payment to the seller respectively. In this way the parties ensure that they will receive performance, because it is put in the hands of the trusted third party.
When you licence software, you are generally only provided with the compiled “black box” version, which you are not entitled to tamper with. You are also generally prohibited from reverse engineering or de-compiling the program.
When software is developed for you, the Developer may include certain proprietary middle-ware and other applications in the “bespoke” application developed for you, in which it will retain ownership and you will not be given access to the code.
Due to the strategic nature of many applications, and the possibility that the relationship with the Vendor (Licencsor)/Developer may sour or they may go out of business, many users require that the source code of the relevant programs are placed in escrow.
It is important that the right to access and the obligation to deposit the source code is provided for in your software licence/maintenance/development agreement.
You and the Vendor/Developer will then enter into a software escrow agreement with an Escrow Agent, such as Chattan Escrow.
This is a much-debated question. In some cases, the Client (i.e. the user of the bespoke development) will not have the expertise to modify the source code for its requirements. Thus, in a worst case scenario, the source code is useless to you; but you are in no worse a situation than you would have been if you didn’t have it, whilst there is always the possibility that you will be able to use the code. In addition, the mere threat of calling for the release of the source code, may spur the Vendor/Developer into compliance.
Whilst Chattan Escrow provide a basic service that meets the requirements of the majority of our Clients, we do have access to facilities in terms of which verification of the source code can be undertaken. please refer to the Validation and Verification Levels page for more details.
It is essential that sufficient permissions and rights to modify the source code are incorporated in the base documents to ensure that you can use the code for the purposes you require it for. This includes, among others, the right to appoint third party Developers and even a waiver of any “anti-poaching” provisions relating to staff of the Vendor/Developer.
The base agreement and the agreement with the Escrow Agent will provide for certain “trigger events” that will entitle the Client to call for the release of the Escrow Package (i.e. the source code and all related artifacts that are held in Escrow by the Escrow Agent).
In terms of our approach, we require a written agreement from both parties, or failing which, a court order authorizing us to release the Escrow Package to one or other of the parties. This ensures that we remain completely objective and prevents us from being called upon to resolve a dispute. It also prevents one party from removing the Escrow Package from Escrow without the knowledge/consent of the other.