October 2021

Federal government contractors face many uncertainties as they implement President Biden’s COVID-19 vaccine mandate. This includes the distinct possibility of civil lawsuits arising out of their implementation of the mandate, including potential allegations of invasion of privacy, wrongful termination, lost wages, discrimination, personal injury or other common law claims or statutory violations. At least one such lawsuit already has been filed. In that suit, dozens of aggrieved employees allege that the contractor’s vaccine mandate violates state law, and they seek an injunction and other relief. Other lawsuits are sure to follow.

But there is good news for contractors: Established legal doctrines should provide contractors some degree of protection—and perhaps complete immunity—against such lawsuits. In addition to the statutory protections afforded to contractors under the PREP Act, contractors may be protected from civil liability based on federal-law-based defenses that have been recognized and applied in analogous government contracting settings. In the coming weeks, as contractors navigate the many challenges associated with the vaccine mandate, they should carefully consider the risk of civil litigation, and, in order to minimize potential exposure in such lawsuits, proactively implement practices that maximize the likelihood that these doctrines and defenses will be applicable, as discussed below.Continue Reading Are Federal Contractors Immunized From Vaccination Litigation? Mitigating The Risk Of Civil Liabilities Arising Out Of The COVID-19 Vaccine Mandate

In a December 2020 speech, Deputy Assistant Attorney General Michael Granston warned that cybersecurity fraud could see enhanced enforcement under the False Claims Act (“FCA”).  On October 6, 2021, Deputy Attorney General Lisa Monaco announced that the Department of Justice (“DOJ”) would be following through on that warning with the launch of the DOJ’s Civil Cyber-Fraud Initiative.  The key component of the initiative is the use of the FCA against Government contractors and subcontractors that fail to comply with cybersecurity requirements, including information security standards and cyber incident reporting obligations, imposed by contract, statute, or regulation.

Under the FCA, the Government can recover treble damages and penalties from federal contractors and subcontractors that knowingly submit false claims for payment.  Notably, the FCA incentivizes private citizens (relators), including contractor employees, to file qui tam suits on behalf of the Government by guaranteeing them between 15 and 30 percent of the recovery.  DOJ stated that it intended to work with federal agencies, subject matter experts, and law enforcement partners on the Civil Cyber-Fraud Initiative.  Recently, Assistant Attorney General Brian Boynton confirmed that this initiative was also intended to incentivize relators and the aggressive relators’ bar to focus their attention on potential cybersecurity noncompliance as the basis for qui tam actions.Continue Reading DOJ Announces New Civil Cyber-Fraud Initiative

Under the January 2021 “Made in America” Executive Order 14005, President Biden established a new Made in America Office to oversee and administer domestic preference requirements in federal procurements.  Housed within the Office of Management and Budget (“OMB”), the Made in America Office was tasked with, among other things, reviewing and approving agency waivers of any Made in America Laws—including, for example, waivers of the Buy American Act (“BAA”) and Trade Agreements Act (“TAA”), as well as developing a publicly available website to post the descriptions of the proposed waivers and justifications for each.  Last week, the Made in America Office launched its new website, establishing for the first time a centralized, government-wide database of all proposed waivers of Made in America Laws.
Continue Reading The Made in America Office Website Is Live

This is the fifth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity”, issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the second, third, and fourth blogs described the actions taken by various federal government agencies to implement the EO during June, July, and August 2021, respectively.  This blog summarizes  key actions taken to implement the Cyber EO during September 2021.

I.   Actions Taken During September 2021 to Modernize Federal Government Cybersecurity

The Office of Management and Budget (OMB) publically released a draft zero trust architecture strategy for federal agencies on September 9, 2021.  On that same day, the Cybersecurity and Infrastructure Agency (CISA) issued two draft documents designed to further OMB’s zero trust strategy: the Zero Trust Maturity Model and the Cloud Security Technical Reference Architecture.  Each of these documents was required by Section 3 of the Cyber EO to modernize and standardize federal government agency approaches to cybersecurity.Continue Reading September 2021 Developments Under President Biden’s Cybersecurity Executive Order

Many of our clients have been calling to ask whether failure to comply with the Administration’s Executive Order imposing vaccine mandates on federal contractors could lead to False Claims Act liability, and what steps they can take to minimize the risk of liability.  Much remains unknown, especially what specific obligations will be included in the FAR clause to be released on October 8.  However, we have highlighted a few key considerations that should be front of mind for all contractors and subcontractors.
Continue Reading COVID-19 Vaccine Mandate for Federal Contractors Could Pose False Claims Act Risk