This article focuses on contractor licenses that grant “Restricted Rights” in “Noncommercial Software” to the federal Government under Defense Federal Acquisition Regulation Supplement (“DFARS”) 252.227-7014. DFARS 252.227-7014 only applies to “Noncommercial Computer Software,” meaning software that is licensed to or developed for the Government, but that is not also licensed to the public. In contrast to the commercial world, where software licensors generally set the terms under which they wish to license their products, DFARS 252.227-7014 dictates such terms, and codifies required license grants for software developed for the U.S. Department of Defense (“DoD”). Under DFARS 252.227-7014, even if a licensor develops Noncommercial Software at private expense, the licensor must at least grant Restricted Rights to the Government — although title and ownership of the software always remain with the contractor licensor.
Continue Reading Restricted Rights Under DFARS 252.227-7014: Practitioner Advice for Avoiding DoD Licensing Pitfalls
Switches and Sweets: Belsnickel Brings Defense Contractors and Subcontractors New Cybersecurity Controls in Preholiday Revisions of NIST Cybersecurity Publication
If you are aware of German Christmas folklore (and really, who isn’t?), you know that Belsnickel is a legendary companion of St. Nick who carries a switch with which to punish naughty children and a pocketful of sweets to reward good ones. This holiday season, many are feeling the sting of a switch of another kind, this one involving the December 20, 2016, issuing by the National Institute of Standards and Technology (NIST) of a preholiday revision of Special Publication 800-171 (SP 800-171), Protecting Controlled Unclassified Information (CUI) in Nonfederal Information Systems and Organizations. If SP 800-171 sounds familiar, it is because the publication is the source of the cybersecurity controls that defense contractors must follow and flow down to subcontractors pursuant to DFARS Subpart 204.73 and its operative clauses (e.g., DFARS 252.204-7008 and DFARS 252.204-7012). Essentially accompanying St. Nick (perhaps Santa Clause may be more appropriate) this season, the NIST’s revised publication may resemble Belsnickel’s switch (pun intended) to contractors who already have existing SP 800-171 controls in place (as the controls have been required, in various forms, since November 2013) or who have started down the road toward SP 800-171 adherence in advance of the DFARS-directed December 2017 deadline. With that in mind, let’s take a quick look at the implications that switch (pun still intended) brings to the security requirements for protecting the confidentiality of CUI in nonfederal systems and organizations:
Continue Reading Switches and Sweets: Belsnickel Brings Defense Contractors and Subcontractors New Cybersecurity Controls in Preholiday Revisions of NIST Cybersecurity Publication
Apocalypse Soon? Permanent Disqualification From Department of Defense Contracts May Result From Voluntary Disclosures of Export Violations
Etymology, particularly the Greek or Latin roots of words, aids our understanding in much the same way as root cause analysis does. The Greek word for disclosure is αποκάλυψη, transliterated to apokálypsi, or “apocalypse.” Nomen est omen. This came to mind while reading the pronouncements proffered by various agencies this year – each of which influences voluntary disclosures of export control violations.
Continue Reading Apocalypse Soon? Permanent Disqualification From Department of Defense Contracts May Result From Voluntary Disclosures of Export Violations
Developments in DoD’s Treatment of Commercial Item Assertions
The comment period for DoD’s proposed rule amending DFARS 212 has been extended to November 10. Click here.
The passage of the Federal Acquisition Streamlining Act of 1994 and the Clinger-Cohen Act of 1996 saw the dawning of a new era in procurement policy, pursuant to which sweeping changes to the procurement laws and regulations governing the acquisition of goods and services offered and sold in the commercial marketplace took hold. These goods and services are referred to, and defined, in the Federal Acquisition Regulation (“FAR”) as “commercial items.” Two major effects of these legislative landmarks were: (1) the streamlining and modification of certifications and clauses required in solicitations and contracts for commercial items; and (2) the exemption of commercial item suppliers from the requirement to submit certified cost or pricing data under the Truth in Negotiations Act (“TINA”).Continue Reading Developments in DoD’s Treatment of Commercial Item Assertions