As previously discussed on this blog, the Federal Circuit issued a major decision in June 2024 addressing bid protest jurisdiction and standing at the Court of Federal Claims (“COFC”): Percipient.ai, Inc. v. United States.

On September 5, 2024, the United States filed a petition for rehearing of that case — requesting that the Federal Circuit reconsider its decision, either through a rehearing by the same panel or by the full court in an en banc proceeding.  Subsequently, on September 26, 2024, the protester (Percipient) filed an opposition to the petition.  It will be worth watching whether the Federal Circuit grants the government’s petition and, if so, whether any rehearing will result in a change to Percipient.ai’s holdings.Continue Reading Percipient.ai, Inc. v. U.S.:  Government Requests Reconsideration of Federal Circuit’s Decision on Bid Protest Jurisdiction and Standing

A key component of President Biden’s October 2023 Executive Order on Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence is a directive to develop a mandatory industrial base survey for the development of advanced artificial intelligence (“AI”) models and computing clusters.  Leveraging authority under the Defense Production Act, President Biden charged the Department of Commerce, Bureau of Industry and Security (“BIS”) to implement this industrial base assessment.  On September 9, 2024, BIS proposed to amend its Industrial Base survey regulations by establishing reporting requirements for the development of advanced AI models and possession of large-scale computing clusters.

Section 4.2(a)(ii) of the October 2023 Executive Order directed BIS to “require companies, individuals, and other organizations or entities that acquire, develop, or possess a potential large-scale computing cluster to report any such acquisition, development, or possession,” as its authority for the proposed rule.  BIS had previously released a mandatory survey for companies it had identified as “developing or planning to develop potential dual-use foundation models.”  This proposed rule now sets forth further reporting requirements, as well additional details on the rationale for the survey – rationale that could have serious implications for government contractors.Continue Reading Every Quarter, On the Quarter:  BIS Proposes New Reporting Requirements for the Development of Advanced Artificial Intelligence Models and Possession of Large-Scale Computing Clusters

GAO’s recent protest decision in HPI Federal, LLC, B-422583, Aug. 9, 2024, 2024 WL 3823852, highlights the importance of making clear and precise Trade Agreements Act (TAA) compliance certifications when offering products for sale to the U.S. Government.   

  • On the one hand, GAO found that it was unreasonable for an agency to accept an offeror’s certification that certain of its products were “assembled in” a TAA-compliant country as evidence of the product’s TAA compliance.  GAO reasoned that the referenced assembly — which was not described in the proposal — may not satisfy the TAA’s requirement for “substantial transformation” in that country. 
  • In contrast, GAO found that it was reasonable for the agency to accept the same offeror’s certification that other products had a TAA-compliant “country of origin”. 

As these contrasting examples show, offerors should take care to ensure that their certifications are adequate to establish TAA compliance.  A certification falling short of that standard could place an award at risk, and could even render an offeror ineligible for award. Continue Reading Trade Agreements Act Certifications Undergo New Scrutiny

This is part of an ongoing series of Covington blogs on the implementation of Executive Order No. 14110 on the “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence” (the “AI EO”), issued by President Biden on October 30, 2023.  The first blog summarized the AI EO’s key provisions and related OMB guidance, and subsequent blogs described the actions taken by various government agencies to implement the AI EO from November 2023 through July 2024.  This blog describes key actions taken to implement the AI EO during August 2024.  It also describes key actions taken by NIST and the California legislature related to the goals and concepts set out by the AI EO.  We will discuss developments during August 2024 to implement President Biden’s 2021 Executive Order on Cybersecurity in a separate post. Continue Reading August 2024 Developments Under President Biden’s AI Executive Order

On September 4, DoD published a proposed rule updating the other transaction (OT) regulations set forth in 32 CFR part 3.  These updates are intended to implement various changes to the prototype OT statute (42 U.S.C § 4022) previously enacted by Congress.  Among other things, those changes included:

  • An expansion of the “appropriate circumstances” under which a prototype OT may be issued, to include situations involving participation by nonprofit research institutions, participation by small businesses, or opportunities “to expand the defense supply base”; and
  • Authority for DoD to issue follow-on “production” OTs on a sole source basis, provided that competitive procedures were used for award of the initial prototype OT.

Although these changes were already applicable to DoD as a matter of statute, the proposed rule would ensure that the CFR is aligned with the statute and that the regulations provide accurate guidance. More details are below.Continue Reading DoD Rolls Out Proposed Changes to Prototype OTA Regulations

This is part of a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021through July 2024.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during August 2024.  We discuss developments during August 2024 to implement President Biden’s Executive Order on Artificial Intelligence in a separate post. Continue Reading August 2024 Developments Under President Biden’s Cybersecurity Executive Order and National Cybersecurity Strategy

The Cybersecurity and Infrastructure Security Agency (“CISA”) released a new guide on August 2, 2024 titled, “Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management (C-SCRM) Lifecycle” (the “Software Acquisition Guide”).  This guide addresses the cybersecurity risks associated with the acquisition and use of third-party developed software and certain related physical products in an agency enterprise environment, and provides recommendations to agency personnel for understanding, addressing, and mitigating those risks.  This guide was followed on August 6, 2024, by a separate guide issued jointly by CISA and the FBI titled, “Secure By Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem” (the “Secure By Demand Guide”).  Together, these two guides provide agency and industry personnel a series of questions that can be used to obtain information from suppliers, set technical requirements, and develop contract terms for the acquisition of secure software as contemplated by the Biden Administration’s May 2021 Cybersecurity Executive Order (“EO”) and the Office of Management and Budget (“OMB”) memoranda implementing that Order. 

The specific impact that the guides will have on federal procurements and software developers in the federal supply chain is not yet clear.  With this said, all software producers in the federal supply chain are currently required to fully comply with new secure software development minimum requirements promulgated by the Office of Management and Budget by September 8 of this year, as detailed in our prior post here.  The Software Acquisition Guide in particular builds on those requirements and thus could be adopted by agencies that opt to impose additional obligations on contractors beyond those minimum requirements.Continue Reading New Guides Released Relating to Secure Software Development Requirements

This is part of an ongoing series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021 through June 2024.  This blog describes key actions taken to implement the Cyber EO during July 2024.  It also describes key actions taken during July 2024 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, national security, and software supply chain security.Continue Reading July 2024 Developments Under President Biden’s Cybersecurity Executive Order and AI Executive Order

Earlier this month, the FAR Council took action to extend its existing authority to collect information from government contractors for novation requests with a notice in the Federal Register.  While this was a routine action, it is a reminder that the novation process is in need of serious attention.  The

Continue Reading It’s Time to Re-Imagine FAR Subpart 42.12:  Ways to Improve the Novation Process

This is part of an ongoing series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and subsequent blogs described the actions taken by various government agencies to implement the Cyber EO from June 2021 through May 2024.  This blog describes key actions taken to implement the Cyber EO, as well as the U.S. National Cybersecurity Strategy, during June 2024.  It also describes key actions taken during May 2024 to implement President Biden’s Executive Order on Artificial Intelligence (the “AI EO”), particularly its provisions that impact cybersecurity, national security, and software supply chain security.Continue Reading June 2024 Developments Under President Biden’s Cybersecurity Executive Order, National Cybersecurity Strategy, and AI Executive Order