Helping individuals, companies, and organizations understand key legal and practical considerations for promoting compliance and making better business decisions in these types of federal, state, and local government contracting matters MORE

The New Year is fast approaching, and this week the Consolidated Appropriations Act, 2021, was signed into law. The Act includes appropriations provisions for the Executive branch agencies, including the Departments of Defense, Agriculture, Commerce, Justice, Energy, Interior, Labor, Health and Human Services, State, Treasury, the General Services Administration, and more, as well as the Judiciary and Legislative branches, and DC Government. It also includes provisions on Coronavirus Response and Relief Supplemental Appropriations, including changes and new rounds of relief. But the National Defense Authorization Act for FY 2021 has been vetoed, and we are waiting to see if Congress passes an override.   So stay tuned for the New Year! It looks like we will have lots to report on and opine about in the future.

From all of us at Stinson to all of you, please accept our best wishes to you and yours for a very happy, healthy, and safe New Year and a better 2021!

Susan Warshaw Ebner, Eric Whytsell, Judith Araujo, Christina Arnone, Alexander Barrett, Jack Bowling, Elizabeth Chatham, Darrell Clark, Amy Conway, Steve Cosentino, Benjamin Eastburn, Logan Fancher, Audrey Fenske, Zane Gilmer, Roy Goldberg, Michael Grigsby, Habib Ilahi, David Jenson, Steve Lindemann, Lariss Maldonado, Elsa Manzanares, Sharon Markowitz, Christy Milliken, Erin Naeger, Hailey Perkins, Jill Radloff, Patrick Respeliers, David Rifkind, Thomas Salerno, Stephanie Scheck, Stephen Schemenauer, Peter Schwingler, Zack Sheahan, Christopher Simpson, Brian Sobczyk, Roddy Stieger, Matthew Tews, Johnny Wang, Gerald Weidner and Jessica Wheeler

 

The Government has many rules regarding the protection of data. Government contractors must understand these rules and the importance of timely and properly marking data that they own or develop in performance of a government contract in order to protect it from unauthorized use, release or disclosure by both the Government and third parties.. The provisions that govern this area may differ depending on the agency and contracting vehicle used. The regulations in the Federal Acquisition Regulation (“FAR”) and the Department of Defense (“DoD”) FAR Supplement (“DFARS”) do not spell out all of the various kinds of legends that might be used to mark data. DFARS 252.227-7013, the noncommercial technical data rights clause applicable to DoD contracts, identifies four types of rights – Unlimited Rights, Government Purpose License Rights (“GPLR”), Limited Rights (“LR”), and Specifically Negotiated License Rights (“SNLR”) – and provides markings to be used for GPLR, LR, SNLR. The Government may, but is not required to, reject markings that do not conform with the markings in that clause. DFARS 227.7103-12; 252.227-7013(h). However, where a contractor includes a protective legend on its data, even if it is not the precise one listed in the agency’s data rights clause, it should be deemed to have put the Government and others on notice that the contractor considers there to be limits on how the data can be used and to whom it can be released.

In a recent case, The Boeing Co. v. Secretary of the Air Force, (“Boeing”), the U.S. Court of Appeals for the Federal Circuit (“Federal Circuit”) considered whether Boeing’s application of a marking on its delivered data was nonconforming and justified the agency’s rejection of Boeing’s deliverable.

In this case, Boeing held two contracts with the U.S. Air Force (“USAF”) for work on the F-15 Eagle Passive/Active Warning Survivability System. The contracts included the requirement for delivery of technical data to the USAF with Unlimited Rights and the DFARS 252.227-7013, non-commercial technical data rights clause (“Subsection 7013”). The parties did not dispute that Boeing retained ownership of technical data delivered to the USAF under the contracts. Boeing contended that its markings on the technical data were intended to protect its rights as they pertained to third parties – putting them on notice of the proprietary nature of the data, its unpublished copyright reservation, and the direction that “Non-US Government Entities May Use and Disclose Only As Permitted In Writing By Boeing Or By The US Government.” The USAF rejected the data deliverables marked in this manner, contending that they were nonconforming. Boeing requested a final Contracting Officer’s decision on the matter.

Pending the issuance of that final decision, Boeing proposed marking the data with an alternate legend. The USAF also rejected this alternative marking, which read in pertinent part: “Contains Technical Data/Computer Software Delivered to the U.S. Government With Unlimited Rights … Copyright [Year of Creation] Boeing and/or its Supplier, as applicable. Non-U.S. Government recipients may use and disclose only as authorized by Boeing or the U.S. Government.”

The Contracting Officer issued a final decision, confirming the rejection of the legends and directing Boeing to correct them at Boeing’s expense. Boeing appealed this final decision to the Armed Services Board of Contract Appeals (“ASBCA”) on the ground that Boeing’s legend was “not nonconforming” under Subsection 7013(f) since its legend did not address restrictions on Government rights, only third party rights. The ASBCA, ruling on motion for summary judgment, disagreed, siding with the USAF’s position that only the legends listed in Subsection 7013(f) are authorized and Boeing’s legend was not one of those.

Since the interpretation of this clause was a matter of law, the Federal Circuit reviewed the question de novo. It determined that the plain meaning of the clause, when read as a whole, was that it governed only the restrictions being asserted with regard to the Government’s rights to the data, and not the rights of third parties. Thus, in rejecting the Government’s argument that the legends were not authorized under Subsection 7013(f), the Federal Circuit held that they could not be “nonconforming” so as to justify rejection. Because the Court found that the clause’s limitations on markings only related to the markings that were intended to restrict the Government’s rights, it found that the clause did not address Boeing’s right to place markings on the technical data to restrict the rights of third parties except to the extent that Boeing or the Government granted them specific rights.

The Federal Circuit refrained from addressing the important question of whether the application of the markings actually restricted the Government’s rights. If the markings are ultimately found to restrict the Government’s rights under the facts of the case, then in accordance with the Federal Circuit interpretation of the clause, the markings would be considered “nonconforming.” The Federal Circuit held that this fact question needs to be decided by the ASBCA as the trier of fact and remanded the case to the ASBCA. In remanding, the Federal Circuit decision held that this was not a question to be resolved on summary judgment.

Review of the underlying ASBCA decision shows that facts may well rule the day. In that decision, the ASBCA identifies markings which were also provided and proposed by BAE, Boeing’s subcontractor. That “current” BAE legend states:

DATA RIGHTS – This data is submitted to all parties, excluding the US Government, with limited rights under the contract submitted hereunder. In the event this document/drawing, or portions thereof, are subsequently required to be delivered to the US Government in accordance with the contract submitted hereunder, except as otherwise noted, BAE Systems hereby grants the US Government full unlimited rights for all data and computer software contained herein for use on this contract for this program. Otherwise, use or third party disclosure requires written approval from BAE Systems. IESI.

Copyright © 2016 BAE Systems Unpublished WORK – All Rights Reserved

The BAE legend differs from the Boeing legends and may in fact muddy the waters on remand. That clause states that use or disclosure by third parties requires BAE’s written approval; it does not address rights that the Government may provide third parties.

Whether and to what extent the ASBCA will find that the markings placed on the data by Boeing actually restrict the Government’s rights will be determined on remand.

This case is a lesson to all that contract with the Government — if rights in data are important to you, then be sure to address them early and clearly—and incorporate the terms agreed to by the parties into your contract. Indeed, this kerfuffle might have been avoided if the parties had properly identified their respective rights in data up front and agreed in writing to a set of markings to be used.

Even when agencies use simplified acquisition procedures, they generally must maximize competition to the extent practicable. There is, however, an exception to this default rule if only one source is reasonably available based on the urgency of requirements or other grounds. Unfortunately, as the recent Government Accountability Office (GAO) decision in Summit Technologies, Inc., B-419126; B-419126.2 (November 19, 2020), reminds us, offerors face a high bar when seeking to challenge a contracting officer’s determination that only one source is reasonably available.

The case involved a procurement for experimentation support services for the U.S. Army’s Cyber Battle Lab (CBL). The Army issued its initial request for proposals (RFP) for the requirement in February 2020 and in July awarded a contract based on that RFP to Ad Hoc Research Associates, LLC (Ad Hoc). The period of performance for the awarded contract began on July 30, 2020. Summit Technologies, Inc. (Summit) protested that award on August 10 and, as a result, work on the contract was suspended. Four days later, the Army issued a new RFP directly to Ad Hoc seeking substantially the same services but only for a maximum of four months. Ad Hoc submitted a responsive proposal that same day and the Army instructed Ad Hoc to proceed with performance on August 17. Final execution of the awarded “bridge” contract did not occur until August 28.

By themselves, these facts certainly make it sound like the Army is running roughshod over the competition requirement in this case. After all, when faced with a protest of its original award decision, it almost immediately found another way to award the work to Ad Hoc! Of course, that’s not the entire story. And depending on the actual facts and circumstances, together with the discretion afforded contracting officers, it can be very difficult to make such an argument even if it seems strong on its face.

It turns out that, at about the same time it was putting Ad Hoc to work and finalizing the contract award, the Army was also preparing and approving a sole-source justification and approval (J&A) document, citing unusual and compelling urgency. The Army cited the negative impact on mission readiness that would result from a “break” or loss of functionality and argued that Ad Hoc is the only vendor that can continue to provide uninterrupted support during the stay. For example, the subject services provide vital support to an environment that provides critical collaboration capabilities to 23 separate Department of Defense (DoD) sites. The J&A also explains that the bridge contract will provide critical support for its annual Cyber Quest prototyping experimentation event, which requires a year of planning and testing and culminates in a month–long event attended by key stakeholders, industry, and academia.

The Army posted its J&A to FedBizOps on September 3. Summit protested shortly thereafter, arguing that the Army cannot demonstrate unusual and compelling urgency that would result in serious injury to the agency to justify the award of a sole-source contract. It also contended that the agency failed to reasonably consider the conduct of a limited competition for the sole-source requirements in violation of the Federal Acquisition Regulation (FAR). Applying its standard approach, the GAO reviewed the Army’s decision to limit competition for reasonableness.

The GAO’s discussion of the issues opens by noting that the CBL requested contract coverage to “ensure there is no break in CBL’s ability to conduct critical mission requirements…,” including supporting Cyber Quest 2020 and similar events, as well as network operations support and information security controls across the 23 DoD sites. Significantly, the Cyber Quest 2020 event was scheduled to begin within one week of the start of performance of the sole-source award and prior to the agency’s posting of the J&A. Thus, the GAO found that Summit’s claims that there were no urgent circumstances and the agency should have conducted a limited competition rather than issue a sole-source contract were clearly contradicted by the record. According to the GAO, even limited competition was not a viable option because of the short time frames involved. Further, the agency’s decision to limit competition was reasonable where the record shows the agency needed services to begin by at least August 18.

In response, Summit argued that “Cyber Quest 2020 was not that important of an Exercise,” and that the balance of the services provided under the sole-source contract are not necessary for operational readiness. That argument did not succeed, largely because a protester’s disagreement with the agency’s judgments regarding its needs and how best to accommodate them, without more, is insufficient to show that the agency’s judgment is unreasonable. In other words, despite what looked like a good set of facts at the outset, Summit ran into a buzz saw consisting of cogent agency explanations, backed up by facts, and the deference routinely give to contracting officers. The nature of the Army’s requirements surely also came into play. The fact that the action was being taken to support the DoD’s immediate needs in the cybersecurity arena certainly made it even harder for Summit to prevail over the contracting officer’s determination of compelling urgency.

In the end, the GAO found that the agency demonstrated a reasonable basis for awarding a short term sole-source contract to Ad Hoc to avoid a break in services after Summit filed its initial protest on August 10, and also found reasonable the agency’s conclusion that it could not conduct a limited competition in time to satisfy its immediate requirements.

This does not mean that all challenges to agency determinations of unusual and compelling urgency are automatically doomed. But unhappy offerors confronting such findings and the corresponding sole-source awards must carefully consider all available facts and circumstances before deciding whether and how to mount such an attack. Such protests can be much harder than they look.

As a preface to this blog, I recently gave a presentation with Nate Picarsic and Emily de la Bruyere at the American Bar Association Public Contract Law Section Fall Procurement Symposium on “China’s Military-Civil Fusion Strategy Supply Chain Implications.” China’s Military-Civil Fusion strategy poses increasing threats to our defense supply chain. Countries and entities around the globe that engage in infrastructure and other investment relationships with China are exposed to the risk of having a coercive economic dependence on China. For example, China has strategically acted to obtain significant control over rare earths which are integral to production of those IoT devices that civilians and the military rely on. Similarly, China’s steps to engage in the Belt and Road initiative to finance various countries’ and entities’ infrastructure projects have resulted in an ability to leverage those countries and entities for their own purposes. China’s recently announced Asia-Pacific Trade Pact, which has been touted as creating the world’s biggest free trade bloc, also poses similar risks and future challenges to the defense supply chain.

With this as background, President Trump’s Executive Order on “Addressing the Threat from Securities Investments that Finance Communist Chinese Military Companies,” (EO) issued on November 12, 2020, is a development to which contractors should pay attention. The EO notes the threats of China’s Military-Civil Fusion strategy as presented through the development of technology and products by civilian Chinese companies that are then used to support China’s military, intelligence, and other security apparatuses. These Chinese companies have been traded on public exchanges in the U.S. and abroad. U.S. investment in these companies, according to the EO, has been used to support the development and modernization of China’s military.

The EO targets this asymmetric threat. Specifically, starting on January 1, 2021, except to the extent permitted by statute, regulation, order, directive, or license, the EO prohibits U.S. persons or entities from engaging in transactions in publicly traded securities, or their derivatives, of any Communist Chinese military company. The EO also prohibits any U.S. persons or entities from engaging in activities to “provide investment exposure to” securities of such Communist Chinese military companies. The EO allows U.S. persons or entities to sell such securities for divestiture purposes up to November 11, 2021. As additional Chinese military companies are identified, U.S. persons or entities will have up to 60 days from the date of that determination to divest. Transactions or conspiracies to evade or avoid this EO are prohibited. The EO directs all agencies, including specifically the Secretary of Treasury, Secretary of Defense, and the Director of National Intelligence, to take appropriate actions within their authority to implement regulations and orders to carry out this EO.

Under the EO, “Communist Chinese military company” means

(i)    any person that the Secretary of Defense has listed as a Communist Chinese military company operating directly or indirectly in the United States or in any of its territories or possessions pursuant to section 1237 of Public Law 105-261, as amended by section 1233 of Public Law 106-398 and section 1222 of Public Law 108-375, as of the date of this order, and as set forth in the Annex to this order, until such time as the Secretary of Defense removes such person from such list;

(ii)   any person that the Secretary of Defense, in consultation with the Secretary of the Treasury, determines is a Communist Chinese military company operating directly or indirectly in the United States or in any of its territories or possessions and therefore lists as such pursuant to section 1237 of Public Law 105-261, as amended by section 1233 of Public Law 106-398 and section 1222 of Public Law 108‑375, until such time as the Secretary of Defense removes such person from such list; or

(iii)  any person that the Secretary of the Treasury publicly lists as meeting the criteria in section 1237(b)(4)(B) of Public Law 105-261, or publicly lists as a subsidiary of a person already determined to be a Communist Chinese military company, until the Secretary of the Treasury determines that such person no longer meets that criteria and removes such person from such list.

The EO also provides that Executive Branch agencies are required to report to Congress on these matters.

As a government contractor, this may affect your investments and your supply chain. If you own securities or interests in covered Chinese companies, you need to determine whether and to what extent you will be required to divest under rules issued to carry out this EO. If your supply chain includes covered Chinese companies, you will need to carefully consider what impact the rules promulgated will have on your ability to continue to use these companies. Given the precedent of rules promulgated under Section 889 of the NDAA FY 2019 and the Supply Chain Risk rule, it is not difficult to imagine a scenario where there could be a challenge to a contractor’s or subcontractor’s present responsibility, its ability to receive a contract award, or its being used in the performance of a government contract where it is found to have investments or interests in covered Chinese companies.

What do you do now? Questions remain. This EO is coming towards the end of the current administration. How fast will rules be implemented? Will this EO be rolled back or implemented further by the next administration? Time will tell. However, the threats posed by Chinese Military-Civil Fusion Strategy have been documented and rules requiring rip out and replacement of covered Chinese products are already being implemented as a result of the laws passed with bipartisan support. Be on the lookout for future blogs on the topic.

If you have questions about supply chain risk matters contact the author or your Stinson counsel.

On November 18, 2020, the Department of Justice (DOJ) announced that a Chinese national and naturalized citizen of the United States was sentenced to 38 months in prison for travelling to China with unclassified military-related technical information. Wei Sun was employed as an electrical engineer with Raytheon Missiles and Defense for ten years. During this time, he had access to defense technical information related to the development and production of missiles, which information was export controlled pursuant to the Arms Export Control Act (AECA) and International Traffic in Arms Regulations (ITAR).

As relevant to this prosecution, Mr. Sun, knowing that he was not legally allowed to do so, travelled from the United States to China on a personal trip with his Raytheon-issued computer, which contained data related to an advanced missile guidance system that was controlled by the AECA and ITAR. This was illegal in that Mr. Sun did not obtain an export license for this travel, essentially delivering controlled technology to China without permission, in violation of the AECA and ITAR. Mr. Sun ultimately pleaded guilty to a felony violation of the AECA and was subsequently sentenced to over three years in prison.

The DOJ’s press release emphasized that this “sentence should stand as a warning to others who might be tempted to similarly put the nation’s security at risk.” Indeed, contractors should take care to know which export controls and information safeguards are applicable to their business and to train their employees on the same in order to avoid a bad outcome such as this one.