Regulatory & Statutory Developments

On December 12, 2017, President Trump signed the $700 billion 2018 National Defense Authorization Act (“NDAA”) into law. Following negotiations between the House and Senate Armed Services Committees, the NDAA includes new provisions relating to software acquisition within Title VIII — Acquisition Policy, Acquisition Management, and Related Matters, Subtitle H, and the following five sections:

SEC. 871. Noncommercial Computer Software Acquisition Considerations.

SEC. 872. Defense Innovation Board Analysis of Software Acquisition Regulations.

SEC. 873. Pilot Program to Use Agile or Iterative Development Methods to Tailor Major Software-Intensive Warfighting Systems and Defense Business Systems.

SEC. 874. Software Development Pilot Program Using Agile Best Practices.

SEC. 875. Pilot Program for Open Source Software.

Continue Reading National Defense Authorization Act FY 2018: Directions in Federal Software Acquisitions

If your company sells products or services to the U.S. Government, there’s a substantial likelihood that you’ve read or heard the acronym “NIST” in connection with various cybersecurity related obligations that the Government is imposing on contractors with a seemingly unceasing vengeance. NIST refers to the National Institute of Standards and Technology, which is a

On August 2, President Trump signed into law the Countering America’s Adversaries Through Sanctions Act (CAATS). What is the significance of the law?

Zlatko Hadzismajlovic: Many things stand out, but here are three that are foremost. First is the sheer number of members of Congress, on both sides of the aisle, who supported the legislation.

During the past few years, discussions in Washington, D.C. have intensified over the battle to modernize the Federal Government’s information technology (IT) systems. In May 2016, Representative Jason Chaffetz—Chairman of the Committee on Oversight and Government Reform in the U.S. House of Representatives—boldly stated that American “[t]axpayers deserve a government that leverages technology to serve

This article focuses on contractor licenses that grant “Restricted Rights” in “Noncommercial Software” to the federal Government under Defense Federal Acquisition Regulation Supplement (“DFARS”) 252.227-7014.  DFARS 252.227-7014 only applies to “Noncommercial Computer Software,” meaning software that is licensed to or developed for the Government, but that is not also licensed to the public.  In contrast to the commercial world, where software licensors generally set the terms under which they wish to license their products, DFARS 252.227-7014 dictates such terms, and codifies required license grants for software developed for the U.S. Department of Defense (“DoD”).  Under DFARS 252.227-7014, even if a licensor develops Noncommercial Software at private expense, the licensor must at least grant Restricted Rights to the Government — although title and ownership of the software always remain with the contractor licensor.
Continue Reading Restricted Rights Under DFARS 252.227-7014: Practitioner Advice for Avoiding DoD Licensing Pitfalls

On April 18, 2017, at the headquarters of Snap-On Incorporated, a Wisconsin-based manufacturer, Donald J. Trump signed an Executive Order titled “Buy American, Hire American”. The Hire American portion, explained in all of two paragraphs in Section 5, requires the Attorney General and Secretaries of State, Labor, and Homeland Security to “consistent with applicable law, propose new rules and issue new guidance, to supersede or revise previous rules and guidance if appropriate, to protect the interests of United States workers in the administration of our immigration system”. The second paragraph is a bit more specific inasmuch as it states that these folks ought to “suggest reforms to help ensure that H-1B visas are awarded to the most-skilled or highest-paid petition beneficiaries.” Among those in attendance were likely Snap-On’s H-1B employees, since the company is a perennial petitioner for H-1B workers at its Kenosha, Wisconsin location.[1]
Continue Reading Buy and Hire American, to the Extent Possible – Federal Publications Seminars

One common complaint we hear from our subcontractor clients is “HOW CAN WE GET PAID????” Our experience has shown that whether through inadvertence, lack of subcontract management resources – or even as a predatory business strategy – some prime contractors will dance, dither and delay upon receipt of requests for payment by their subs for work performed, services rendered and/or products delivered. This can be particularly onerous for small business subcontractors whose payroll and other obligations depend upon prompt payment by their customers. Subs are put in an untenable position. Should they stop work and risk breach of contract? Should they threaten to sue and risk breaching the relationship? New changes to the FAR now impose mandatory reporting obligations on primes should they fail to make timely and full payments to their small business subs. Chronic and unjustified payments now must go into an agency’s evaluation of the prime’s past performance in bidding contests. Primes are well advised to make sure their supply chain management is in order to minimize the additional obligations and risks confronting them should they fail to meet their obligations to their small business subs.
Continue Reading New FAR Changes Incentivize Prime Contractors Not to Be Deadbeats in Meeting Their Payment Obligations to Their Small Business Subcontractors

If you are aware of German Christmas folklore (and really, who isn’t?), you know that Belsnickel is a legendary companion of St. Nick who carries a switch with which to punish naughty children and a pocketful of sweets to reward good ones. This holiday season, many are feeling the sting of a switch of another kind, this one involving the December 20, 2016, issuing by the National Institute of Standards and Technology (NIST) of a preholiday revision of Special Publication 800-171 (SP 800-171), Protecting Controlled Unclassified Information (CUI) in Nonfederal Information Systems and Organizations. If SP 800-171 sounds familiar, it is because the publication is the source of the cybersecurity controls that defense contractors must follow and flow down to subcontractors pursuant to DFARS Subpart 204.73 and its operative clauses (e.g., DFARS 252.204-7008 and DFARS 252.204-7012). Essentially accompanying St. Nick (perhaps Santa Clause may be more appropriate) this season, the NIST’s revised publication may resemble Belsnickel’s switch (pun intended) to contractors who already have existing SP 800-171 controls in place (as the controls have been required, in various forms, since November 2013) or who have started down the road toward SP 800-171 adherence in advance of the DFARS-directed December 2017 deadline. With that in mind, let’s take a quick look at the implications that switch (pun still intended) brings to the security requirements for protecting the confidentiality of CUI in nonfederal systems and organizations:
Continue Reading Switches and Sweets: Belsnickel Brings Defense Contractors and Subcontractors New Cybersecurity Controls in Preholiday Revisions of NIST Cybersecurity Publication

Etymology, particularly the Greek or Latin roots of words, aids our understanding in much the same way as root cause analysis does. The Greek word for disclosure is αποκάλυψη, transliterated to apokálypsi, or “apocalypse.” Nomen est omen. This came to mind while reading the pronouncements proffered by various agencies this year – each of which influences voluntary disclosures of export control violations.
Continue Reading Apocalypse Soon? Permanent Disqualification From Department of Defense Contracts May Result From Voluntary Disclosures of Export Violations

Carrier. UTC. Boeing. Swamp-draining rhetoric. While many ponder what America can expect from the next administration, one thing is clear – it appears to have its eyes on government contractors. However, it is important for those eyes to study the volumes of acquisition regulations under which the government is required to operate when contracting with commercial companies. Accordingly, we thought it would be helpful to describe – through a series of explanations of 140 or fewer characters – why recent tweets about Boeing’s Air Force One contract do not reflect the current state of government contracts law and, in particular, the provisions governing termination of contracts.
Continue Reading Government Contractors Should Not Fear Contract Termination Over Twitter #ComplicatedRegulations #CostlyTerminationProvisions