Under a new FAR rule, standard language in confidentiality agreements could lead to disqualification from contracting or False Claims Act liability.

In January, the FAR Council issued a final rule regulating confidentiality agreements between prime contractors and their employees and subcontractors. The rule implements Section 743 of the Consolidated and Further Continuing Appropriations Act of 2015, Pub. L. 113-235 (Dec. 6, 2014).  As we previously reported, a proposed rule was issued in January of 2016 and a class deviation was issued by the Department of Defense late last year.  The final rule largely adopts the proposed rule’s language and applies to all solicitations and resultant contracts that are funded with fiscal year (FY) 2015 funds.  Contractor Employee Internal Confidentiality Agreements or Statements, 82 Fed. Reg. 4717 (Jan. 13, 2017).

In summary, the new FAR 52.203-19 bars contractors from requiring their employees or subcontractors to sign or comply with “internal confidentiality agreements or statements” that would prohibit them from reporting “waste, fraud, or abuse” on a federal contract.  FAR 52.203-19(b).  Contractors who disregard this rule are prohibited from receiving federal funds.  FAR 3.909-1(a).

Because of the broad reach and significant consequences of non-compliance, the contracting community should take notice of this new rule’s requirements.

How Contractors Can Comply

To comply, contractors must not only cease using such agreements, but they must also “notify current employees and subcontractors” that any covered “preexisting internal confidentiality agreements” are “no longer in effect.”  FAR 52.203-19(c).

Although the notice is limited to current employees and subcontractors, the FAR Council’s comments note that contractors must notify all of their current employees, “whether or not they are directly employed on the Government contract.”  82 Fed. Reg. 4718-19.  The rationale is that employees not billing directly to a government contract may, nonetheless, have information to report relating to fraud, waste and abuse on a contract.  Id. at 4719.

Additionally, offerors will be required to represent in their proposals that they are in compliance with this requirement.  Contractors that fail to do this are “ineligible for award of a contract.”  FAR 3.909-2(a).  This representation will be included as FAR 52.203-18 and requires contractors to certify as follows:

By submission of its offer, the Offeror represents that it will not require its employees or subcontractors to sign or comply with internal confidentiality agreements or statements prohibiting or otherwise restricting such employees or subcontractors from lawfully reporting waste, fraud, or abuse related to the performance of a Government contract to a designated investigative or law enforcement representative of a Federal department or agency authorized to receive such information (e.g., agency Office of the Inspector General).

FAR 52.203-18(d).

Although the FAR Council declined to provide specific “safe harbor” language for contractors to include in their confidentiality agreements, the Council expressed approval for a public commenter’s proposed safe harbor language.  See 82 Fed. Reg. 4719.  This comment could prove instructive for contractors seeking guidance on potential language to include in company confidentiality agreements.[1]

The Rule Has Broad Application and Few Exceptions

The rule applies to all federal contractors, including small businesses, contractors for commercial items, and contractors whose contracts are below the simplified acquisition threshold.  See FAR 52.212-3(u); FAR 52.213-4(a)(1)(i).

However, some confidentiality agreements are excluded.  First, the rule does not include confidentiality agreements arising out of settlements in civil litigation.  FAR 52.203-19(a).  Second, it does not apply to confidentiality agreements that employees or subcontractors sign “at the behest of a Federal agency.”  Id.

The Rule Still Permits Contractors to Protect Company Proprietary Information

The purpose of the final rule is to protect employees’ ability to report actions that reflect fraud, waste, and abuse in connection with a government contract.  The rule’s limitations on overly broad confidentiality agreements do not, however, mean that contractors cannot protect themselves against employee theft of proprietary information.  Nor does the rule mean that contractors need to stand silently by if an employee steals company proprietary information.  As noted above, contractors can meet the requirements of the rule with appropriately drafted agreements while still retaining control over their most sensitive proprietary information.

Potential Pitfalls

Because contractors will now be subject to a new certification, they must be mindful of compliance to avoid contract breaches and possible liability under the False Claims Act.  As with any contract requirement, failure to comply could lead to adverse performance reviews, reductions in award fees, and even termination of the contract.  These adverse reactions can be managed by proactively confirming that internal confidentiality agreements comply with the final rule.

Contractors also must take care to identify which of their vendors or suppliers are “subcontractors” within the meaning of the regulation for purposes of flow down requirements.  The definition of subcontract in the rule is broad, encompassing “any contract … to furnish supplies or services for performance of a prime contract or a subcontract.”  FAR 52.203-19(a).

Finally, the rule could limit the ability of contractors to bring suit against employees who breach confidentiality and document retention agreements.  Some courts have already held that such agreements may be void to the extent they conflict with the False Claims Act. See, e.g,  Shmushkovich v. Home Bound Healthcare, Inc., 12-cv-2924, 2015 WL 3896947, at *1 (N.D. Ill. June 23, 2015) (collecting cases).  This new provision may encourage these types of arguments.


FAR 52.203-19 appears to be part of a larger government effort to encourage whistleblowers by paring back confidentiality agreements. In addition to DoD’s class deviation last November, the Department of Labor and the Securities and Exchange Commission recently published similar rules.

In light of the new FAR rule, contractors should carefully review their confidentiality agreements to confirm compliance, paying special attention to the definitions of “subcontractor” and “employee,” and being mindful of providing notice to “current” employees and subcontractors.

[1]The suggested language is: “Neither the confidentiality provision contained in the _____ [insert title of agreement, statement, policy], nor confidentiality provisions contained in any existing employment or contract with _____ [insert name of contractor] shall be construed to prohibit or otherwise restrict you, as an employee or [sub]contractor of _____ [insert name of contractor] from lawfully reporting waste, fraud, or abuse to a designated investigative or law enforcement representative of a federal department or agency authorized to receive such information under the procurement.”  82 Fed. Reg. 4719.

Email this postTweet this postLike this postShare this post on LinkedIn
Photo of Susan B. Cassidy Susan B. Cassidy

Ms. Cassidy represents clients in the defense, intelligence, and information technologies sectors.  She works with clients to navigate the complex rules and regulations that govern federal procurement and her practice includes both counseling and litigation components.  Ms. Cassidy conducts internal investigations for government…

Ms. Cassidy represents clients in the defense, intelligence, and information technologies sectors.  She works with clients to navigate the complex rules and regulations that govern federal procurement and her practice includes both counseling and litigation components.  Ms. Cassidy conducts internal investigations for government contractors and represents her clients before the Defense Contract Audit Agency (DCAA), Inspectors General (IG), and the Department of Justice with regard to those investigations.  From 2008 to 2012, Ms. Cassidy served as in-house counsel at Northrop Grumman Corporation, one of the world’s largest defense contractors, supporting both defense and intelligence programs. Previously, Ms. Cassidy held an in-house position with Motorola Inc., leading a team of lawyers supporting sales of commercial communications products and services to US government defense and civilian agencies. Prior to going in-house, Ms. Cassidy was a litigation and government contracts partner in an international law firm headquartered in Washington, DC.

Photo of Evan R. Sherwood Evan R. Sherwood

Evan Sherwood advises government contractors on a wide range of matters, including claims and disputes, government investigations, suspension and debarment, bid protests, and regulatory counseling. In addition, Evan counsels clients on risk mitigation strategies, including the process of obtaining SAFETY Act protection.