The Department of Defense is seeking early input on implementation of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 (the “FY2023 NDAA”) in the Federal Acquisition Regulation and Defense Federal Acquisition Regulation.  Although this early engagement process will not replace the formal rulemaking process, it presents a significant opportunity for government contractors, technology providers, industry associations, and other interested parties to provide their perspectives on acquisition-related provisions of this year’s NDAA.  Providing early input can ensure that industry’s perspective is heard.  Indeed, providing input at this stage may impact the future rulemaking process by guiding areas of focus and influencing ways the rule makers ask for input during the rulemaking process.
Continue Reading DoD Seeks Early Input Regarding FY2023 NDAA Implementation in Acquisition Regulations

On February 4, 2022, the National Institute for Standards and Technology (“NIST”) published its Recommended Criteria for Cybersecurity Labeling of Consumer Software (“Software Labeling Criteria”).  NIST also published guidance to federal agencies regarding practices for enhancing software supply chain security when they acquire software (“Supply Chain Security Guidance”).  Both the Software Labeling Criteria and the Supply Chain Security Guidance were issued by NIST pursuant to Section 4 of Executive Order 14028, “Improving the Nation’s Cybersecurity” (the “Cyber EO”), which was issued by President Biden on May 12, 2021.  The Cyber EO and its implementation are the subject of several previous Covington blogs that are available here.

These documents have relevancy to U.S. government contractors and technology companies alike.  The Software Labeling Criteria may serve as a model for labeling requirements on software products purchased by consumers, and therefore should be reviewed closely by all software developers and resellers.  The Supply Chain Security Guidance will likely have more immediate impacts, as the Cyber EO requires (1) that the Office of Management and Budget (“OMB”) take “appropriate steps” to require that agencies comply with the Guidance with respect to software purchased after the date of the EO, and (2) that the FAR to be amended to require all agencies to procure software (defined to include firmware, operating systems, applications, and cloud-based services) in accordance with the Guidance.

Continue Reading NIST Publishes Recommended Criteria for Cybersecurity Labeling for Consumer Software and Guidance to Federal Agencies on Practices to Enhance Supply Chain Security When Procuring Software

On July 25, the GSA’s Office of Inspector General (“OIG”) published a report summarizing its audit of the GSA Transactional Data Reporting (“TDR”) pilot program.  That ongoing pilot program, which we have covered previously and have been tracking since the beginning, allows participating Federal Supply Schedule (“FSS”) contract-holders to report government-sales data each month, in exchange for relief from regulations that would require them to disclose their commercial sales practices.  According to the OIG report, however, GSA cannot objectively measure whether the TDR program is working as intended, because the pilot lacks specific objectives and performance targets.  Moreover, the data that GSA has collected from TDR participants is “not available for . . .  evaluation of the pilot.”  Although the Federal Acquisition Service (“FAS”) disagreed with some of the report’s findings, the report suggests that the TDR program remains a work-in-progress.

Continue Reading OIG Report Criticizes GSA’s TDR Pilot Program

Among the many subjects to receive President-elect Trump’s attention in advance of his swearing in on January 20 are venerable defense contractors and their performance of major systems contracts.  The Boeing Company (Boeing) and Lockheed Martin (Lockheed) have both felt the “heat of the tweet” – Boeing for the projected cost of the next generation of presidential aircraft and Lockheed for its F35 Joint Strike Fighter.  The pointed attention has led some to question the authority of a president to alter existing contractual relations or to impact the award of future contracts.  Can a president require contractors to lower prices on existing contracts or direct that future awards not be made to companies that fail to adopt practices the president favors, e.g., retaining jobs in the United States?  A president always has the bully pulpit to pressure high-profile government contractors to “voluntarily” take actions to their detriment and in favor of the government, but what legal tools or contractual remedies are available if a president forces a particular outcome?
Continue Reading Contracting by Tweet: What Impact Can the New Administration Have on Existing Contracts and Future Awards?

On November 29, 2016, the Department of Defense, General Services Administration, and the National Aeronautics and Space Administration proposed an amendment to the Federal Acquisition Regulation (“FAR”) aiming to encourage pre-acquisition communications between industry professionals and federal agencies.  This amendment is part of a five-year long effort by the Obama Administration to clarify that communications between potential government contractors and federal agencies are not only allowed, but encouraged. 
Continue Reading New FAR Rule Encourages “Constructive Exchanges” between Federal Agencies and Contractors