SOURCE CODE ESCROW - A PRAGMATIC BALANCING ACT AND A “WIN WIN” SOLUTION
By David Carrick, Esq.
Aikins, MacAulay & Thorvaldson
Most users of software (either “custom developed” or “off the shelf”) only receive the “object code” version of that software from the software developer and not the underlying “source code”.
“Source Code” versus “Object Code”
A software’s “source code” is the high level computer language in which the software is written. The source code describes in great detail the logic flow of a software program, and often includes the programmer’s narrative explanation of the various steps in the program. On the other hand, “object code” represents a translation of the source code into a machine readable language that is executable by a computer.
The Importance of Source Code to the Software Developer
Software developers are generally very reluctant to provide a user with the source code version of any software product. The main reason for this reluctance is that developers wish to strictly limit access to the source code so as to reduce the risk of someone copying the source code and using the copy to create a competitive software product, thereby depriving the developer of licensing revenues.
The Importance of Source Code to a User
Access to a software product’s source code is required for purposes of error correction, modifications and enhancements of that software. As a result, prudent users of software products will want the assurance that if the software developer goes out of business or is otherwise unable to fulfill certain of its obligations the user will be able to access the source code to correct errors or to modify or enhance the software independently of the developer.
Source Code Escrow – the “Win Win” Solution
“Escrow” refers to the deposit of the source code by the developer with a neutral third party, the escrow agent, who holds the source code according to the terms and conditions set out in a Source Code Escrow Agreement. This Agreement is a contact between the developer, the escrow agent and the user which details the limited circumstances in which the source code can be released by the escrow agent to the user. The concept of escrow offers a fair, confidential and secure solution to both developers and users of software products. The challenge from a user’s perspective is to convert the promising concept into a meaningful reality. In order for this to happen, users must ensure that any escrow arrangement which is offered to them includes the following:
- a comprehensive description of what constitutes “source code”. Otherwise, the whole exercise could become meaningless if the materials actually deposited in escrow do not correspond to the software application being used or are not comprehensive enough to be usable by the user;
- an obligation on the part of the developer to deposit an updated source code each time the developer makes a new release or updated version of the software available to the user;
- a verification mechanism whereby the user can periodically satisfy itself that the materials on deposit with the escrow agent are complete, accurately reflect the version of the software then being used by the user and are capable of being compiled into the object code version of that software. It is strongly recommended that users take advantage of the verification process at least once every six months and more often if the software is being frequently corrected, modified or enhanced;
- adequate “triggering events” for release of the source code to the user. While these triggering events must be restrictive enough to protect the developer against a premature release of the source code, confining the triggering events to bankruptcy or other financial difficulty on the part of the developer (which is the approach used in most Source Code Escrow Agreements) in most cases will not be adequate from the user’s perspective. In particular, given the importance to most users of timely correction of errors and timely making of modifications and enhancements to a software product, users are well advised to incorporate into a Source Code Escrow Agreement a triggering event that allows the release of the source code in the event the developer fails to provide support, modification or enhancement services as required of the developer pursuant to the Software License and Support Agreement;
- a provision whereby the user or any third party retained by the user is granted a license to use the source code for purposes of error correction, modifications, enhancements and the like. Otherwise, the user might obtain access to the source code but not be legally entitled to use it in any meaningful way.
While a Source Code Escrow Agreement is typically requested by a user, software developers who are confident in their ability to provide support, modification and enhancement services as required from time to time by a user should consider offering a fairly worded escrow arrangement to users so as to differentiate their software from that of competitors and thereby to gain a competitive advantage in the market place.
8 September 1996, Aikins, MacAulay & Thorvaldson. All rights reserved. This article was written for general information purposes only and should not be construed as legal advice or opinion. This article may be reproduced in whole or in part with credit given to Aikins, MacAulay & Thorvaldson and David M. Carrick.
Originally published in the Fall 1996 edition of the Aikins, MacAulay & Thorvaldson Quarterly Report.