Digital, Commerce & Creative 101: Software escrow: why bother, and what about SaaS and escrow?
28 October 2024
Imagine this: your business licenses in a custom-built software platform to manage its critical day-to-day operations. One day, you receive the shocking news that your software provider has gone out of business. Panic sets in as you realise that, without access to this critical software, your entire system could come to a grinding halt. You breathe a sigh of relief as you remember that, in the course of negotiating the software licence, you engaged a software escrow agent.
Think of software escrow as a safety net for your software. The basic set-up involves three parties: (1) the software developer (licensor), (2) the business using the software (licensee), and (3) a neutral third party called an escrow agent. If a licensor and licensee have agreed to use an escrow arrangement, all three parties will enter into a separate escrow agreement and the licensor will deposit the relevant source code with the escrow agent. Later down the line, if the developer trips over one of an agreed set of ‘triggers’ (common examples include insolvency events or breach of support obligations), the escrow agent will be instructed to release the code to the licensee, allowing the licensee the opportunity to continue operating the software. This is part of business continuity.
Some things to think about, especially now that so many of us use and access software via a SaaS model
1. Can I use escrow with SaaS? Yes, escrow arrangements can be put in place with SaaS, but a) some providers won’t allow this (something to think about when choosing your solution) and b) unlike traditional software, SaaS applications often rely on a combination of source code, object code, third-party integrations, and specific hardware configurations. This can make it tricky to ensure all necessary components are included in escrow.
2. Data Dependency and back-ups: SaaS applications typically store data in the cloud. If the SaaS provider fails, accessing and migrating this data can be problematic. Traditional source code escrow does not usually cover, so you might wish to negotiate this addition.
3. Verification: Ensuring that the deposited source code is complete, up-to-date, and functional can be challenging. Escrow agents offer a verification service.
4. Release Triggers and Disputes: The conditions under which the escrowed code is released can be a point of contention. Ensuring the triggers are appropriately drafted is key. Sometimes, the standard triggers offered by the source code agent templates need amending.
5. Technical Expertise: Even if the source code is released, customers need access to the right technical expertise to use it. Do your developers code in the same language?
6. Updates: The nature of software development means code will often be continually modified and improved over the lifetime of a licence/SaaS solution. A licensee/user should ensure that the licensor is obliged, on an ongoing basis, to deposit with the escrow agent the source code for software improvements.
7. Right to use on release: One omission that we see is that the underlying SaaS or licence does not explain the basis on which the licensee or user can continue to use the released code and for what purpose. The escrow agreement typically deals with release triggers but not ongoing use. This needs addressing in the underlying agreement or escrow agreement.
We can help you to implement robust and reliable escrow agreements that provide security and peace of mind.