Photo of Steve McBradyPhoto of Rob SneckenbergPhoto of Michelle ColemanPhoto of Tyler A. O'ConnorPhoto of Eric HerendeenPhoto of Tyler Piper

In the Crowell & Moring case Parsons Government Services, Inc. v. Department of Energy, CBCA 7822, the Civilian Board of Contract Appeals (Board) denied the government’s motion to dismiss concerning Parsons’ claim for additional incentive fee in connection with its performance operating a salt waste processing facility at DOE’s Savannah River Site.  The underlying contract relates to a first-of-its-kind facility to treat and reduce liquid radioactivity in nuclear waste.  In its decision, the Board rejected the government’s motion to dismiss, holding that Parsons had pled sufficient facts to support its claims regarding superior knowledge, impracticability of performance, and breach of the duty of good faith and fair dealing.

Photo of Paul FreemanPhoto of Ellie DawsonPhoto of Issac Schabes

During the month of April, the Biden administration has continued to leverage federal procurement in pursuit of ambitious environmental sustainability policy goals.  The most recent round of new regulations and initiatives finds the administration seeking to strengthen purchasing mandates of sustainable goods and services, as well as laying the groundwork for significant restrictions on the federal procurement of products containing per- and polyfluoroalkyl substances (PFAS). 

Continue Reading Sustainable Procurement Update: Spring 2024
Photo of Evan D. WolffPhoto of Michael G. Gruden, CIPP/GPhoto of Maida Oringher LernerPhoto of Jacob Harrison

On May 14, 2024, the National Institute of Standard and Technology (NIST) published the final versions of Special Publication (SP) 800-171 Revision 3, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations and its companion assessment guide, NIST SP 800-171A, Revision 3 (collectively, “Rev. 3 Final Version”).  While the Department of Defense (DoD) is not requiring contractors who handle Controlled Unclassified Information (CUI) to implement Rev. 3 for now, it is expected that DoD will eventually incorporate Rev. 3 into both DFARS 252.204-7012,  Safeguarding Covered Defense Information and Cyber Incident Reporting (DFARS 7012) as well as the forthcoming Cyber Maturity Model Certification (CMMC) program. 

Continue Reading NIST Releases Final Version of NIST SP 800-171, Revision 3
Photo of Trina Fairley BarlowPhoto of Michelle ColemanPhoto of Eric RansomPhoto of Kris D. MeadePhoto of Rebecca SpringerPhoto of Anuj VohraPhoto of Katie AberPhoto of Laura J. Mitchell Baker

Now more than ever, federal contractors find themselves at the intersection of innovation and regulation, particularly in the realm of Artificial Intelligence (AI).  AI is now incorporated into a broad range of business systems, including those with the potential to inform contractor employment decisions.  For that reason, the Office of Federal Contract Compliance Programs (OFCCP) has issued new guidance entitled “Artificial Intelligence and Equal Employment Opportunity for Federal Contractors” (the “AI Guide”).  OFCCP issued the AI Guide in accordance with President Biden’s Executive Order 14110 (regarding the “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence”), which we reported on here.  The AI Guide provides answers to commonly asked questions about the use of AI in the Equal Employment Opportunity (EEO) context.  The AI Guide also offers “Promising Practices,” which highlight a number of important considerations for federal contractors.  Focusing on federal contractors’ obligations and attendant risks when utilizing AI to assist in employment-related decisions, the AI Guide also provides recommendations for ensuring compliance with EEO requirements while harnessing the efficiencies of AI.

Continue Reading Harmonizing AI with EEO Requirements: OFCCP’s Blueprint for Federal Contractors
Photo of Monty Cooper

On April 19, 2024, EPA signed the highly anticipated final rule designating two types of PFAS as hazardous substances under section 102(a) of the Comprehensive Environmental Response, Compensation, and Liability Act (“CERCLA”).  At the same time, David M. Uhlmann, Assistant Administrator for Enforcement and Compliance Assurance of the EPA, released an enforcement policy memorandum that provides “direction to all EPA enforcement and compliance staff about how EPA will exercise its enforcement discretion under CERCLA in matters involving PFAS, just as EPA exercises enforcement discretion regarding other hazardous substances.”  This alert summarizes key points from the enforcement policy and flags various uncertainties that lie ahead. 

Continue Reading EPA’s Busy April for CERCLA and PFAS:New CERCLA Authority, an Enforcement Escape Hatch, and the Continued Search for Viable Cleanup Technologies
Photo of Adelicia R. CliffePhoto of Stephanie CrawfordPhoto of Alexandra Barbee-GarrettPhoto of M.Yuan Zhou

On May 3, 2024, the Federal Acquisition Regulation (FAR) Council issued an Advanced Notice of Proposed Rulemaking (ANPR) regarding the prohibition on semiconductors produced by certain Chinese manufacturers, enacted in Section 5949(a)(1) of the James M. Inhofe National Defense Authorization Act (NDAA) for Fiscal Year 2023 (Section 5949) expanding on the prohibition on covered telecommunications equipment and services produced by Huawei, ZTE, and others from Section 889 of the FY 2019 NDAA (Section 889).    

Continue Reading “(Don’t) Let the Chips Fall Where They May”:  FAR Council Previews Proposed Rule Implementing the Covered Semiconductor Prohibition  
Photo of Nkechi KanuPhoto of Brian Tully McLaughlinPhoto of Jacob HarrisonPhoto of Jennie Wang VonCannon

On May 1, 2024, the Department of Justice (DOJ) announced that Insight Global LLC (Insight), an international staffing and services company, will pay $2.7 million to resolve allegations that it violated the False Claims Act (FCA) by failing to implement adequate cybersecurity measures to protect personal health information (PHI) and personally identifiable information (PII) under its contracts with the Pennsylvania Department of Health (PADOH) to provide staffing for COVID-19 contact tracing services.  Although contracts with state agencies generally fall outside the FCA’s ambit, PADOH paid Insight using funds received from the federal Centers for Disease Control and Prevention (CDC)—bringing the contract within the FCA’s scope. 

Continue Reading No End “Insight” for DOJ’s Civil Cyber-Fraud Initiative
Photo of Nicole Owren-WiestPhoto of Erin Rankin
Cards Face Up

Nicole Owren-Wiest and Erin Rankin talk TINA. What is the Truthful Cost or Pricing Data Act, formerly known as the Truth in Negotiations Act? When are contractors and subcontractors required to provide certified cost or pricing data? And what does Nicole’s Cookie Monster coffee mug have to do with it? | PodBean | SoundCloud | Apple Podcasts 

Photo of Michael G. Gruden, CIPP/GPhoto of Evan D. WolffPhoto of Maida Oringher LernerPhoto of Nkechi KanuPhoto of Jacob Harrison

On May 2, 2024, the Department of Defense (DoD) issued a class deviation to DFARS 252.204-7012,  Safeguarding Covered Defense Information and Cyber Incident Reporting (DFARS 7012), specifying that contractors subject to the clause must comply with NIST SP 800-171, Revision 2.  The deviation (labeled Deviation 2024-O0013) will delay the incorporation of NIST SP 800-171, Revision 3—which is set to be finalized in the next few weeks—into DFARS 7012.

The standard version of DFARS 7012 does not identify a specific NIST SP 800-171 Revision number, and has been interpreted by DoD as requiring compliance with NIST SP 800-171’s most current Revision.  But with Revision 3’s final release looming, DoD has directed contracting officers to use Deviation 2024-O0013 in place of the standard clause moving forward, linking DFARS 7012 to Revision 2 for the time being.

In a press release announcing the deviation, DoD stated that the “intent of this class deviation is to provide industry time for a more deliberate transition upon the forthcoming release of [NIST SP 800-171, Revision 3].” 

It is unclear when DoD plans to adopt Revision 3.  However, contractors should take advantage of DoD’s reprieve to get familiar with Revision 3, as the DoD has previously indicated that it intends to incorporate NIST SP 800-171’s newest revision into both DFARS 7012 and its forthcoming Cyber Maturity Model Certification (CMMC) program.

Photo of Jana del-CerroPhoto of Chandler Leonard

On May 1, 2024, the Department of State’s Directorate of Defense Trade Controls (DDTC) published a proposed rule that, if implemented, would streamline defense trade between and among Australia, the United Kingdom (UK), and the United States in furtherance of the trilateral security partnership (the “AUKUS” partnership). DDTC issued the proposed rule pursuant to new authorities and requirements contained in Section 1343 of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2024 which, in part, directs the Department of State to immediately implement an International Traffic in Arms Regulations (ITAR) exemption, subject to certain statutory limitations, for the UK and Australia if State determines and certifies that each has implemented (1) a system of export controls comparable to those of the United States and (2) a comparable exemption from its export controls for the United States. According to DDTC, the proposed rule “prepare[s] for a future exemption” and solicits public feedback “to shape a final rule following any positive certification.”

Continue Reading DDTC Publishes Proposed ITAR Amendments to Enhance AUKUS Defense Trade