DoD has issued a Final Rule that gives added protections to the technical data of privately developed commercial items incorporated into major systems, including major weapon systems.  This rule implements Section 813(a) of the National Defense Authorization Act (NDAA) for Fiscal Year 2016 and modifies 10 U.S.C.§ 2321(f).

In general, a defense contractor’s assertion that a commercial item was developed exclusively at private expense is presumed to be valid, even if the contractor does not respond to a challenge notice from the Contracting Officer. Prior to the Final Rule, however, this presumption (known as the “Commercial Rule”) did not apply to DoD’s procurement of “major systems” or “subsystems or components of major systems,” unless the technical data related to commercially available off-the-shelf (COTS) items. Thus, without the benefit of the presumption in connection with the procurement of a “major system,” contractors were required to justify their assertion that an item was developed exclusively at private expense if they wanted to restrict the Government’s rights in the underlying technical data. This exception to the Commercial Rule is known as the “Major Systems Exception.”

The Final Rule modifies this practice in two ways: (1) the Major Systems Exception is narrowed to apply only to major weapons systems; and (2) the Commercial Rule is applied more broadly to include additional exceptions for COTS items.  In particular, the Final Rule provides that the Commercial Rule would apply not only to COTS items, but also to: (1) COTS items with minor modifications of a type customarily available in the commercial marketplace or minor modifications made to meet Federal Government requirements; (2) commercial subsystems or components of a major weapons system, if the major weapons system was acquired as a commercial item; and (3) components of a subsystem, if the subsystem was acquired as a commercial item.

This Final Rule promulgates the proposed rule that DoD first issued on May 10, 2016, without any substantive changes. Our analysis of the Proposed Rule can be found here.

Print:
Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Susan B. Cassidy Susan B. Cassidy

Susan is co-chair of the firm’s Aerospace and Defense Industry Group and is a partner in the firm’s Government Contracts and Cybersecurity Practice Groups. She previously served as in-house counsel for two major defense contractors and advises a broad range of government contractors…

Susan is co-chair of the firm’s Aerospace and Defense Industry Group and is a partner in the firm’s Government Contracts and Cybersecurity Practice Groups. She previously served as in-house counsel for two major defense contractors and advises a broad range of government contractors on compliance with FAR and DFARS requirements, with a special expertise in supply chain, cybersecurity and FedRAMP requirements. She has an active investigations practice and advises contractors when faced with cyber incidents involving government information, as well as representing contractors facing allegations of cyber fraud under the False Claims Act. Susan relies on her expertise and experience with the Defense Department and the Intelligence Community to help her clients navigate the complex regulatory intersection of cybersecurity, national security, and government contracts. She is Chambers rated in both Government Contracts and Government Contracts Cybersecurity. In 2023, Chambers USA quoted sources stating that “Susan’s in-house experience coupled with her deep understanding of the regulatory requirements is the perfect balance to navigate legal and commercial matters.”

Her clients range from new entrants into the federal procurement market to well established defense contractors and she provides compliance advices across a broad spectrum of procurement issues. Susan consistently remains at the forefront of legislative and regulatory changes in the procurement area, and in 2018, the National Law Review selected her as a “Go-to Thought Leader” on the topic of Cybersecurity for Government Contractors.

In her work with global, national, and start-up contractors, Susan advises companies on all aspects of government supply chain issues including:

Government cybersecurity requirements, including the Cybersecurity Maturity Model Certification (CMMC), DFARS 7012, and NIST SP 800-171 requirements,
Evolving sourcing issues such as Section 889, counterfeit part requirements, Section 5949 and limitations on sourcing from China
Federal Acquisition Security Council (FASC) regulations and product exclusions,
Controlled unclassified information (CUI) obligations, and
M&A government cybersecurity due diligence.

Susan has an active internal investigations practice that assists clients when allegations of non-compliance arise with procurement requirements, such as in the following areas:

Procurement fraud and FAR mandatory disclosure requirements,
Cyber incidents and data spills involving sensitive government information,
Allegations of violations of national security requirements, and
Compliance with MIL-SPEC requirements, the Qualified Products List, and other sourcing obligations.

In addition to her counseling and investigatory practice, Susan has considerable litigation experience and has represented clients in bid protests, prime-subcontractor disputes, Administrative Procedure Act cases, and product liability litigation before federal courts, state courts, and administrative agencies.

Susan is a former Public Contract Law Procurement Division Co-Chair, former Co-Chair and current Vice-Chair of the ABA PCL Cybersecurity, Privacy and Emerging Technology Committee.

Prior to joining Covington, Susan served as in-house senior counsel at Northrop Grumman Corporation and Motorola Incorporated.

Read more about Susan B. CassidyEmail
Show more Show less