On March 6, 2026, the General Services Administration (GSA) issued a significant proposed contract clause, GSAR 552.239-7001, Basic Safeguarding of Artificial Intelligence Systems (“Clause”), for inclusion in GSA Schedule solicitations and contracts for AI capabilities.  The proposed clause would impose substantial new requirements related to AI sources, intellectual property rights, data use, change management, and performance standards.  The Clause would also take precedence over any other contract terms (including commercial licensing terms) related to AI, including a Seller’s terms of sale and service to which the Government had previously agreed.  GSA requests comments by March 20, 2026.

An analysis of the proposed clause follows below.

Key Takeaway #1: Significant Compliance Obligations, Applicable to Commercial AI Vendors. The proposed Clause would apply to, and make contractors responsible for the compliance of, commercial AI service providers whose offerings are used in contract performance.  The Clause would limit contractors (and their Service Providers) to using “American AI Systems,” prohibiting the use of “AI components manufactured, developed, or controlled by non-U.S. entities.”  The Clause would also require Contractors to report incidents within 72 hours and document compliance with various risk, transparency, and privacy controls.

Key Takeaway #2: Broad Government Data Rights and Data Access for AI Systems. The proposed Clause would grant the Government sweeping rights to “Government Data” (including “Data Inputs,” like source data, and “Data Outputs,” including content generated by an AI system “in performance” of the contract), as well as to designs or modifications to AI Systems made for the Government.  The Clause would prohibit contractors from using this data to train AI models or inform business decisions, and further prohibit them from refusing to produce Data Outputs or perform certain analysis based on company discretionary policies.  

Key Takeaway #3: “Unbiased” Requirements. The Clause would require contractors to adhere to “Unbiased AI Principles” that, for example, prohibit “partisan or ideological judgments,” and it would grant the Government rights to conduct automated assessments and suspend the use of AI systems for noncompliance.  Failure to comply could lead to termination and “reasonable decommissioning costs” borne by the contractor.

---

Table of Contents 

• Applicable to Those Providing AI Capabilities – You’re Also Responsible for Subcontractors and Commercial Vendors’ Compliance
• Intellectual Property and Data Rights Expand Government Data Rights for AI Systems
• Contractor Obligations for Compliance, Incident Reporting, and Documentation May Create Substantial Burdens
  • “American AI Systems” Only
  • Traceability and Government Oversight
  • Feedback Mechanism
  • Affirmative Documentation and Disclosures Proving Compliance with Government Limitations on AI Development and Security
  • Aggressive Incident Reporting
• Confidentiality, Data Portability, and Interoperability Requirements for Broad Usability and Limitations on Barriers to Alternative Vendors
  • Control Mechanisms for the Government
  • Standardized Formatting
  • Export and Ingestion Without Barriers to Alternative Vendors
• Change Management Including Notice and Access Requirements
  • Concurrent Old and New AI Model Access
  • Disclosure of Certain Contractor Findings
  • Notice of Privacy Protection Changes
  • Notice of New Service Providers
• Ambiguity in Performance, Evaluation, and Remediation Requirements for “Unbiased AI Principles”
• Key Questions for Consideration

Applicable to Those Providing AI Capabilities – You’re Also Responsible for Subcontractors and Commercial Vendors’ Compliance

The Clause would apply to all solicitations and contracts “for [AI] capabilities[,]” although the clause does not further explain what that term means.  The Clause (though not a mandatory flowdown) would make the contractor responsible for the downstream compliance with Clause requirements by “Service Providers,” defined as an entity that “directly or indirectly provides, operates, or licenses an AI system,” including subcontractors or the contractor’s commercial vendors.  This prime contractor responsibility will likely result in contractors applying various Clause requirements (if not the entire Clause) to their Service Providers, even commercial vendors.  Recognizing that many contractors use commercial AI models, contractors may need to renegotiate their agreements with vendors that meet the definition of Service Providers.

Intellectual Property and Data Rights Expand Government Data Rights for AI Systems

The proposed Clause would grant broad rights to the Government.  It also would impose restrictions and security requirements on contractors and Services Providers and prohibit them from refusing to produce certain data outputs and perform certain analyses.

Specifically, under the proposed Clause, the Government would own the following:

• “Government Data,” which is defined to include both “Data Inputs” and “Data Outputs.”  Data Inputs covers “all data,” including personally identifiable information (PII), that is “submitted to the AI System by, or created for, the Government.”  Examples of data inputs are prompts, queries, instructions, system prompts, source data, and knowledge bases.  Data Outputs refers to “all” data, information, PII, content, and any improvements, enhancements, corrections, annotations, or other modifications made to Data Inputs, generated by the AI System in the performance of the contract, including, for example, system responses, results, metadata, logs, and anonymized and synthetic data.  It excludes “technical system-level data that contains no government data or government usage context,” such as performance metrics and token counts.    
• Any “Custom Developments,” which include any designs of or modifications, customizations, configurations, or enhancements to AI Systems or associated implementations or workflows, and any related work product and deliverables developed under the contract.  This includes modifications to AI Systems or models as a result of model training or fine-tuning.  Custom Development excludes background IP developed before contract performance or independently without use of, or reference to, the Government’s confidential information or design specifications.
• Any feedback provided to the contractor or Service Provider to the AI System or Custom Developments.

For Government Data and Custom Developments, the contractor or Service Provider would obtain a license to use such data solely to perform the contract and provide any contractually required technical support and maintenance, unless other uses are expressly authorized by the contracting officer (CO).  Consistent with the Office of Management and Budget’s (OMB) April 2025 memo M-25-22 on Driving Efficient Acquisition of Artificial Intelligence in Government, the Clause would also expressly prohibit contractors and Service Providers from using Government Data to train a large language model (LLM).  It would also prohibit them from using Government Data to inform advertising, marketing, sales, or other business decisions, and from retaining, accessing, or using Government Data beyond the scope and duration permitted by the contract.  The proposed Clause would also prohibit contractors and Service Providers from using Custom Developments for anay non-Government use unless authorized by the CO. 

The proposed Clause would allow contractors and Service Providers to retain ownership of their underlying AI System and base models.  The Government, however, would receive a license to use the AI System for lawful Government purposes for the duration of the contract.  This license would permit the Government to operate and access the AI System, allow Government personnel and contractors to use the AI System, integrate the AI System with Government systems for any lawful Government purpose, and input data into the AI System and receive Data Outputs.  The proposed Clause would expressly prohibit contractors and Service Providers from refusing to produce Data Outputs or to perform certain analysis based on the contractor’s or Service Provider’s discretionary policies.  

Finally, the proposed Clause would establish a number of data handling and processing requirements that would require contractors and Service Providers to implement systems and tools to prevent unauthorized access to Government Data and track all processing activities involving Government Data.  They must also ensure Government Data is logically segregated from other data and delete Government Data upon completion of the contract unless otherwise directed.

Contractor Obligations for Compliance, Incident Reporting, and Documentation May Create Substantial Burdens

• “American AI Systems” Only: The Clause would require contractors to “only use American AI systems,”  defined as those “produced” in the United States, citing OMB memo M-25-22, which established that it is “the policy of the United States to buy American and to maximize the use of AI products and services that are developed and produced in the Unted States.”  The clause further specifies that the “use of foreign AI systems in the performance of this contract, including any AI components manufactured, developed, or controlled by non-U.S. entities, is prohibited.”  It is unclear what constitutes manufacture, development, or control by non-U.S. entities.  It is also unclear what test the Government would use to define “produced,” i.e., compilation of code under the Trade Agreements Act (TAA) “substantial transformation” test, or a more stringent test, and how such a definition would comport with obligations under the TAA to provide reciprocal treatment for products and services from trade-partner countries.
• Traceability and Government Oversight: The Clause would require contractors to permit a means for the Government to implement human oversight, intervention, and traceability.  Minimum requirements would include requiring: “(i) Summarized intermediate processing actions and decision points; (ii) Model routing decisions with accompanying rationale; and (iii) Data retrieval methods employed (e.g., Retrieval-Augmented Generation (RAG), web search), including complete source attribution including direct links and relevant excerpts from materials used in response generation.”
• Feedback Mechanism: The Clause would require the contractor to provide a feedback mechanism to allow the Government to provide feedback and requests for improvement, modifications, or enhancements, and to report operational concerns without requiring incident classification.  

• Affirmative Documentation and Disclosures Proving Compliance with Government Limitations on AI Development and Security: Contractors would have to make available, under appropriate confidentiality protections, commercial documentation of or disclosures that demonstrate compliance with:
  • The Clause,
  • NIST AI Risk Management Framework guidelines,
  • AI System decision-making processes,
  • Unbiased AI principles,
  • LLM Transparency requirements,
  • Testing methodologies,
  • Privacy controls,
  • Known biases, and
  • Any other information that the Government needs to monitor and evaluate the AI System’s performance, risks, and effectiveness.
• Aggressive Incident Reporting Requirements: The Clause imposes incident-reporting requirements that appear to borrow themes from the DFARS 252.204-7012 and FedRAMP cyber incident reporting regimes.  The Clause would require, upon discovery of any “confirmed or suspected incidents,” the contractor or Service Provider to:
  • Report within 72 Hours: Notify the Cybersecurity and Infrastructure Security Agency and contract points of contact within 72 hours of incident discovery;
  • Provide Daily Updates: Submit until the incident is resolved; and
  • Preserve Data for 90 Days: Preserve logs, forensic images, and incident artifacts for a minimum of 90 calendar days following the incident.

The Clause caveats that, where FedRAMP incident reporting procedures “conflict with contractual requirements” (presumably including the Clause itself), FedRAMP procedures would control.  Determining when FedRAMP incident reporting procedures apply and supersede the Clause’s incident reporting requirements control will be critical, as there are significant differences.  For example, FedRAMP requires cloud service providers to report suspected or confirmed incidents within 1-hour versus the Clause’s 72-hour reporting deadline.

Confidentiality, Data Portability, and Interoperability Requirements for Broad Usability and Limitations on Barriers to Alternative Vendors

• Control Mechanisms for the Government: Under the Clause, the contractor would be required to “provide tools to enable the Government to implement appropriate Government-configurable controls, including but not limited to automated detection mechanisms and clear user notifications to manage, prevent, and reject the entry or persistence of PII within the AI System.” 
• Standardized Formatting: The Clause would also require contractors to use standard data formats and application programming interfaces (APIs) for all output from the AI System, any custom developments, and AI Systems broadly as well as prohibit the use of formats or technology that “require additional licensing or create vendor dependencies.”
• Export and Ingestion Without Barriers to Alternative Vendors: Contractors would be required under the Clause to provide tools enabling the Government to export all “Government Data” and content in common formats that “allow accurate and complete ingestion and reconstruction of the data and relationships within a separate system and must not otherwise create vendor lock-in situations.”

Change Management Including Notice and Access Requirements

The Clause appears to require contractors to provide the Government with notice and access to AI Systems in the event of certain specified changes:

• Concurrent Old and New AI Model Access:  The contractor would be required to provide “comprehensive concurrent access” to successor AI models before replacing or discontinuing the model used under the current contract.  The comprehensive access period would be 30 days for “major versions” or 15 days for “minor versions.” 
• Disclosure of Certain Contractor Findings:  The contractor would be required to disclose, within seven (7) calendar days of identification, any change that “materially increases output bias or decreases safety guardrails or behavioral constraints impacting lawful usage or the performance or truthfulness of outputs” with a description of “the change, its purpose, the evaluation approach used and any new limitations, trade-offs, or potential negative impacts identified.”
• Notice of Privacy Protection Changes: The Clause would require the contractor to provide 30-days notice of any “planned material change[s]” to the privacy protections.
• Notice of New Service Providers: The contractor would also be required to provide 30-days notice to the Government before “adding a new Service Provider or materially changing an existing Service Provider” used to perform the contract, identifying the Service Provider and the services it will provide. 

Ambiguity in Performance, Evaluation, and Remediation Requirements for “Unbiased AI Principles”

In July 2025, President Trump signed an EO to preclude the federal government from procuring AI models that incorporate “ideological biases or social agendas.”  In December, OMB published guidance that impose transparency, documentation, and disclosure obligations on AI contractors and directed agencies to revise procurement policies consistent with the guidance.

The Clause meets that guidance by establishing requirements for contractors to take “commercial efforts to ensure the AI system” is developed and monitored in accordance with “Unbiased AI Principles.”  The AI System must:

• Be “truthful in responding to user prompts seeking factual information or analysis”;
• “[P]rioritize historical accuracy, scientific inquiry, and objectivity” and “acknowledge uncertainty where reliable information is incomplete or contradictory”;
• Be “a neutral, nonpartisan tool that does not manipulate responses in favor of ideological dogmas such as Diversity, Equity, Inclusion,” and the contractor may not “intentionally encode partisan or ideological judgments into the AI Systems Data Outputs”;
• “Implement continuous improvement processes to enhance detection and mitigation of performance, trustworthiness, bias, and/or systems generating illegal or prohibited content, including regular evaluation of system outputs (excluding Data Outputs) against verified factual sources”; and
• Implement, “when requested by the Government, to the maximum extent possible, OMB directives related to AI Systems that are issued during the contract performance period.”

The Clause would also provide the government a right “conduct automated assessments of the AI system, as deployed and configured for government users, at any time using its own benchmarks” including assessments of “bias, truthfulness, safety, unsolicited ideological content, and other factors determined by the Government.”  In the event that any noncompliance is identified, the Clause would permit GSA to “suspend use of the AI System until performance issues are satisfactorily addressed.”  In the event of a termination for “failure to comply with the Unbiased AI Principles”, the Clause would make the contractor responsible for “reasonable decommissioning costs.”  The terms “performance issues” and “decommissioning costs” are not defined.

Key Questions for Consideration

Contractors should consider submitting comments to GSA addressing significant compliance concerns, ambiguities, and related challenges with the draft clause as drafted in consideration of contractors’ current systems and impact analyses in advance of the deadline of March 20, 2026.

GSA has proposed inclusion of the Clause in the coming MAS Solicitation 47QSMD20R0001 – Refresh # 31, which GSA expects to issue in March/April 2026.  Per GSA, the mass modification applying the changes associated with Refresh 31 is to be accepted by contract holders no later than 60 days after issuance of the modification.

Below we suggest questions for contractors to consider in assessing the draft Clause and in determining whether to provide potential feedback or comments:

• Contractors selling the Government AI Systems (or incorporating them into products sold to the Government) should consider, among other questions, whether:
  • Contractors’ current AI Systems comply with the requirements in the Clause;
  • Contractors will need to modify their current terms of use to comply with the Clause;
  • Their training methodology or AI System outputs violate the “unbiased AI principles”;
  • The way existing AI models have been trained violates the performance requirements in the Clause and, if so, whether that is remediable or requires new AI/LLM construction;
  • The costs of compliance with the Clause will be prohibitive;
  • There exists a basis to request indemnification under Public Law 85-804 to cover unusually hazardous risks.
• Contractors should also consider additional questions and comments for GSA as relevant to the contractor, including among others, whether:
  • The Clause’s proposal on ownership and licensing restrictions comport with FAR requirements related to commercial technical data and commercial computer software;
  • The broad ownership rights granted to the Government and the extensive restrictions on contractors’ and Service Providers’ ability to use Government Data and Custom Developments, and on their ability to restrict the Data Outputs and analyses provided to the Government, will be manageable for contractors;
  • GSA could clarify the Clause’s ambiguous terms.