Uncategorized

Subscribe to Uncategorized

The United States National Cybersecurity Strategy, released on March 2, 2023, is poised to place significant responsibility for cybersecurity on federal contractors, technology companies, and critical infrastructure owners and operators.  The Strategy articulates a series of objectives and recommended executive and legislative actions that, if implemented, would increase the cybersecurity responsibilities and requirements of

On December 23, 2022, President Biden signed the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 into law.  The Act contains two significant prohibitions regarding the procurement and use of semiconductor products and services from specific Chinese companies and other foreign countries of concern that will come into effect in December 2027. 

Continue Reading NDAA Prohibits Government Purchase and Use of Certain Semiconductors

This is the eleventh in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the second through tenth blogs described the actions taken by various Government agencies to implement the EO from June 2021 through February 2022, respectively.  This blog summarizes key actions taken to implement the Cyber EO during March 2022.  As with steps taken during prior months, the actions described below reflect the implementation of the EO within the Government.  However, these activities portend further actions, potentially in or before June 2022, that are likely to impact government contractors, particularly those who provide software products or services to the Government.
Continue Reading March 2022 Developments Under President Biden’s Cybersecurity Executive Order

This is the tenth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the secondthirdfourthfifthsixthseventheighth, and ninth blogs described the actions taken by various Government agencies to implement the EO from June 2021 through January 2022, respectively.

This blog summarizes key actions taken to implement the Cyber EO during February 2022.  As with steps taken during prior months, the actions described below reflect the implementation of the EO within the Government.  However, these activities portend further actions in March 2022 that are likely to impact government contractors, particularly those who provide software products or services to government agencies.

Continue Reading February 2022 Developments Under President Biden’s Cybersecurity Executive Order

As discussed in our previous post, multiple federal courts have issued preliminary injunctions blocking the Biden Administration’s COVID-19 vaccine mandate for employees of federal contractors.  On January 27, 2022, the United States District Court of Arizona issued a new and additional injunction barring enforcement of the mandate within the State of Arizona.  In so doing, the Arizona court added to the injunctions previously issued by the U.S. District Courts for the Eastern District of Kentucky, Western District of Louisiana, Eastern District of Missouri, Middle District of Florida, and Southern District of Georgia.

The Georgia injunction is the only one of the rulings that applies nationwide.  Like the Arizona injunction, the Missouri, Florida, and Kentucky injunctions are limited to specific states (collectively, Kentucky, Ohio, Tennessee, Missouri, Nebraska, Alaska, Arkansas, Iowa, Montana, North Dakota, South Dakota, Wyoming, and Florida).  The Louisiana injunction is also limited, but its limitations are based on entities rather than geography; it applies to contracts and other agreements between the federal government and the governments of Louisiana, Mississippi, and Indiana.  The Biden Administration has appealed these earlier decisions; we expect that an appeal of the Arizona decision to the Ninth Circuit will likewise be forthcoming.

At the same time, the Biden Administration’s other primary COVID-19 initiative for large employers — the vaccination and testing emergency temporary standard issued by the Occupational Safety and Health Administration (the so-called “OSHA Mandate”) — was stayed by the United States Supreme Court on January 13, 2022.  In the wake of that decision, OSHA announced on January 25, 2022 that it is withdrawing the enforceable emergency temporary standard.

While the Supreme Court’s decision halted immediate application of the OSHA Mandate, the emergency temporary standard qualifies as a proposed rule for purposes of OSHA’s notice-and-comment rulemaking process under 29 U.S.C. § 655, and OSHA has announced that it will continue to consider the emergency temporary standard pursuant to that process.  Accordingly, OSHA could attempt to promulgate a final rule (as opposed to an emergency temporary standard) that addresses vaccines or testing requirements.

The rest of this post consists of (1) an overview of the Arizona decision regarding the federal contractor vaccine mandate; and (2) an update on the status of the other challenges to the federal contractor vaccine mandate, including the Kentucky, Louisiana, Missouri, Florida, and Georgia litigations.

Continue Reading COVID-19 Vaccine Mandate Update: Arizona District Court Issues Additional Injunction; Mandate Remains Enjoined Nationwide; OSHA Mandate Withdrawn

This is the eighth in a series of Covington blogs on implementation of Executive Order 14028, “Improving the Nation’s Cybersecurity,” issued by President Biden on May 12, 2021 (the “Cyber EO”).  The first blog summarized the Cyber EO’s key provisions and timelines, and the second, third, fourth, fifth, sixth, and seventh blogs described the actions taken by various government agencies to implement the EO from June through November 2021. This blog summarizes the key actions taken to implement the Cyber EO during December 2021.  Although the actions described below implement different sections of the Cyber EO, each of them portends further actions in February 2022 that are likely to impact government contractors, particularly those who provide software products or services to federal government agencies.

Continue Reading December 2021 Developments Under President Biden’s Cybersecurity Executive Order

The Department of Defense (DoD) released key documentation relating to Cybersecurity Maturity Model Certification (CMMC) 2.0 over the past several weeks, including (1) a CMMC 2.0 Model Overview document, (2) CMMC Self-Assessment Scopes for Level 1 and 2 assessments/certifications, (3) CMMC Assessment Guides for Level 1 and 2 attestations/certifications, and (4) the CMMC Artifact Hashing

Addressing climate change has been a priority for President Biden since his first day in office.  On December 8, 2021, President Biden continued that focus by issuing Executive Order (EO) 14057, Catalyzing Clean Energy Industries and Jobs Through Federal Sustainability, which includes a number of requirements directed at introducing sustainability to federal acquisitions.

This most recent EO announces an administration policy to achieve net-zero emissions from federal procurement by 2050 and comes on the heels of the public comment period extension to January 13, 2022 in response to EO 14030, Climate-Related Financial Risk.  Although the administration will likely be rolling out additional sustainability requirements in the coming months, contractors currently have an opportunity to help shape an initial requirement that may end up effectively establishing an environmental, social, and governance or “ESG” reporting requirement.
Continue Reading Contractors Have an Opportunity to Help Shape ESG Requirements

On December 27, 2020, the Economic Aid to Hard-Hit Small Businesses, Nonprofits, and Venues Act opened up the Paycheck Protection Program (“PPP”) to additional organizations and authorized a second draw of PPP loans.  The U.S. Small Business Administration (“SBA”) has issued guidance on changes to the original Program and new second draw loans, and the Program has been partially reopened for both first and second draw loans as of January 13, 2021.  Loans will initially only be available through community financial institutions, but SBA has indicated that additional lenders will once again be able to participate in the Program on January 15, 2021, with a full reopening scheduled for January 19, 2021.

Similar to the Program’s original rollout, a number of questions remain with respect to SBA’s implementation of the Act.  SBA is also delaying guidance on changes to loan forgiveness, which may once again place borrowers in the position of taking out loans without knowing whether they will be fully forgiven.  However, SBA has now been managing the Program for almost ten months, and borrowers will hopefully not be subject to the same level of policy shifts and reversals that was experienced during the Program’s original rollout.

The Act makes first and second draw loans available until March 31, 2021, but there is a good chance that all available funds will be allocated before that date.

Continue Reading Paycheck Protection Program Expands and Offers Opportunity for Second Draw Loans

Late last year, a spokesman for the Department of Defense announced without fanfare that the agency would increase audits of certified cost or pricing data under the Truth in Negotiations Act (“TINA”).  While the full effect of that enhanced focus on TINA compliance remains to be seen, a recent decision by the Armed Services Board of Contract Appeals (“ASBCA”) provides helpful guidance for navigating upcoming TINA audits and defending against defective pricing claims, particularly in situations involving an on-going program where documents contain both facts and judgmental estimates.

Continue Reading With Potential New TINA Audits on the Horizon, the ASBCA Provides a Helpful Primer on Defending Against Defective Pricing Claims