More and more federal government entities are discovering technology escrow as a viable solution to mitigate risk when negotiating a license for software, technology, or relevant intellectual property (IP). Technology escrow is also known as software escrow, source code escrow, hardware escrow, or data escrow, and it has proven itself as a solution that benefits both the developer and the contracting party.
With an escrow contract, IP from the developer is placed in a secure escrow account held by an escrow agent, such as Iron Mountain. This keeps it safe if, in the future, the developer is no longer able to support the product for reasons specified in the escrow agreement. It enables the technology buyer to access the source code, IP, and other “know how” to keep their mission-critical applications and systems up and running.
To implement technology escrow effectively, involve all of the parties from the beginning. This includes the federal agency (technology buyer), the prime contractor (technology developer/integrator), and subcontractors (additional technology developers). In addition to the departments directly involved, someone from the Procurement and Legal departments are usually part of the process. It is also common for IT and Risk Management to be represented.
For example, when the federal government contracts to employ a defense system or license software or other technology, these parties are involved, along with various forms of intellectual property. A technology escrow agreement can be used for both software or hardware and ties everyone together to streamline the workflow, especially when the technical data package contains multiple forms of intellectual property — both classified and unclassified.
To secure technical data and intellectual property, the government agency can set up technology escrow accounts at the time contracts are signed — this simplifies the process and ensures that it gets done. By escrowing the software source code or other IP with Iron Mountain and verifying the deposit, these assets are securely stored in a “virtual lockbox.”
Similar to an insurance policy, the government agency would get control of these assets when reasons specified in the escrow release conditions occur, such the developers’ bankruptcy, system failure, obsolescence, or other unplanned events. If a release happens, the government agency would have access to the source technology needed to keep critical systems and software up and running.
A technology escrow plan should be a part of your overall risk management strategy. Therefore, it is important to establish a core team with people who provide input into these policies and processes. A senior-level sponsor is a good idea to help move things forward and add visibility.
Once your core team is established, reach out to contacts at your prime contractor and subcontractors to get them involved. The beauty of a technology escrow agreement is that it is flexible, and you can work with your escrow agent to customize the terms to each agreement. Once you have a cross-functional team, define your escrow policy and create a repeatable process so that escrow becomes an automatic part of the technology licensing process. With a core team involved from the outset, you’ll have shared expectations and can implement and maintain your escrow agreements more easily.
Technology escrow provides benefits for all parties involved. Of course, the technology buyer — in this case the federal government agency — has the benefit of accessing the developers’ intellectual property if there is ever a problem with the developer. But the developers benefit too. Escrow is a way to protect and safeguard their intellectual property with a date and time-stamped audit trail of each technology deposit.
With an escrow agreement in place, a flow-down approach ties all the parties together and offers benefits to each:
In summary, technology escrow has been used by private enterprises and their technology developers for over three decades. Technology escrow for the federal government is based on the same principles, with modifications for the prime/subcontractor relationship and special storage and protection of classified information.
NCC Group Software Resilience has acquired Iron Mountain’s Intellectual Property Management (IPM) business. For more information on the acquisition, please visit our dedicated information hub, or contact Iron Mountain IPM.