Technology Escrow 201

The Keys to Reducing Risk for Software Licensees
Simply signing on the dotted line of a technology escrow contract does not guarantee adequate protection of a company's assets. Several key factors must be considered to produce an arrangement that effectively meets each party's unique requirements. Since licensees are typically the beneficiaries of an escrow arrangement, they need to pay close attention to those sections of the contract that deal with the release process, use rights of released materials, and deposit verification and updates. If not, licensees may find that although they have taken the precaution of establishing an escrow account, they won't have the leverage to request actions by either the escrow agent or the vendor that would protect their investment.

Release Conditions
A working three-party escrow relationship must include conditions for release of the source code in escrow. These conditions identify the circumstances that will allow for access to the source code should support for the technology be interrupted.

How do you decide what release conditions should be included in the escrow contract? First, consider the business environment in which the arrangement is produced. Are you concerned about any of the following issues while the license agreement is in effect: vendor bankruptcy, product bankruptcy, a merger and/or acquisition of the vendor company, the vendor's loss of personnel critical to providing support for the technology? If so, these and any other conditions should be considered for inclusion in the escrow contract.

Release Process
Defining the release conditions is only the first step to ensuring ample protection. Beneficiaries must also consider how the materials will be released in the event that a release condition is met. Will the materials be released on demand? Or will a dispute resolution by a third party be required?

A standard release process requires that the escrow agent, after being notified by the beneficiary that a release condition has occurred, directly notify the vendor (depositor) of the release request. The depositor has a predetermined period (usually 10 days) to oppose the release. If the agent does not receive an objection from the depositor during the predetermined time period, the release occurs. If the depositor does object to the release, the two parties resolve the issue on their own or through the resolution process defined in the escrow contract.

In another instance, the beneficiary may have enough negotiating leverage to persuade the depositor to agree to an "expedited release," which allows for access to the source code immediately after the beneficiary has notified the escrow agent that a release condition has occurred.

Should the depositor object to an expedited release option, the beneficiary may negotiate for a solution that provides a short time period (often within a week) for both parties to select a member of their companies to agree on a third party to resolve the issue. In some cases, the beneficiary may negotiate in advance for terms that permit it to pay a fee to continue to use the technology during the resolution period.

Use Rights for Released Materials
The rights to use the released materials must also be addressed in the escrow contract. These rights are often defined in the original license agreement, but often address rights to object code and not source code. The escrow arrangement presents the opportunity for licensees to confirm or further clarify these rights.

Technology Verification
In the event that escrowed materials are released, what assurances does the beneficiary have that the materials are current and functional? How can the beneficiary be certain that all of the components necessary to maintain the escrowed technology are available? An experienced escrow agent with a thorough process in place to perform technical verification of the deposited materials can help ensure that the beneficiary is able to maintain the technology in-house if necessary. Iron Mountain offers three levels of technical verification.

• Level I — Content Confirmation: This basic verification process requires that the escrow agent perform a physical inspection of the materials in the deposit. The purpose of this level of examination is to ensure that the necessary information has been properly stored in escrow. This test includes verifying media functionality, scanning for viruses, confirming program content, classifying and inspecting files, and identifying third-party libraries.
• Level II — Compilation: This level of verification involves using the content identified in the Level I verification to compile the source code. This process includes compiling source files and modules, identifying a comprehensive list of the hardware and configurations needed to compile the materials, and itemizing the necessary software and operating environments to run the program.
• Level III — Joint Iron Mountain & Client Validation: The third and most comprehensive level of verification takes place on the client's premises and ensures that the deposited materials are actually the software the beneficiary uses. Both Iron Mountain and the client observe and record the actions of the test and the results, and establish a plan for a systematic exercise of functionality for the materials in escrow.

Deposit Updates
To ensure that the most current version of the technology is deposited, the escrow contract should require that the depositor regularly update the account. A full-service escrow agent will notify the parties of all updates and can notify the beneficiary if an update has not been deposited at the agreed upon intervals.

Ongoing Risk Analysis
Once the escrow contract has been approved, it is important to regularly perform risk analyses. As the escrowed technology evolves, consider whether the risk factors initially attached to the license agreement still apply. Periodically performing risk analyses will help to ensure that the signed escrow agreement remains a working agreement that sufficiently protects the technology assets of all involved parties.