In this episode, hosts Evan Wolff and Kate Growley talk about what government contractors need to know about NIST and its various publications. Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and break it down into byte-sized pieces.
Generally, government procurements for construction and architect-engineering do not follow the typical Federal Acquisition Regulations (FAR) rules applied to the purchase of other goods and services. Instead, these services are procured under the authority of the Brooks Act, according to special procedures designed to identify the most qualified firms; specifically, the Two-Phase Design-Build Selection Procedures set forth in FAR subpart 36.3, and Architect-Engineer Services Contract Procedures set forth in FAR subpart 36.6.
Under either of these procedures, the government conducts an initial evaluation of offerors’ qualifications, experience, and past performance—not of detailed technical approaches or price—in order to identify the most highly qualified offerors with which to negotiate. An agency’s judgment about which firms are most highly qualified is a matter of significant discretion. However, a recent decision of the Government Accountability Office (“GAO”) reminds us that the agency’s exercise of discretion must be reasonable and consistent with its synopsis, and that the evaluation of offerors’ Statements of Qualifications can be successfully protested.
In the protest of Evergreen JV, B-418475.4, Sept. 23, 2020, the protester submitted a Statement of Qualifications in response to a FAR subpart 36.6 synopsis issued by the Air Force for the award of multiple 10-year IDIQ contracts for military construction and other services, with a total program value of up to $2 billion. The synopsis provided that offerors’ Statements of Qualifications would be evaluated considering the extent and breadth of the firms’ relevant experience references, extent and breadth of the relevant experience of Key Personnel, and extent of proposed personnel’s professional licenses and certifications, education/training, and longevity with the firm.
The Air Force first notified Evergreen in January 2020, that it was not among the most highly qualified firms. However, following debriefing questions submitted by Evergreen, the agency elected to reevaluate all Statements of Qualifications. On March 20, the Air Force again concluded that Evergreen was not selected as most qualified. In response, Evergreen filed a GAO protest, and the Air Force took corrective action, by again reevaluating the Statements of Qualifications.
On June 1, the Air Force selected nine firms as most highly qualified, but again did not select Evergreen. Evergreen then filed another protest at GAO, alleging that the agency conducted an unreasonably mechanical evaluation by counting only the quantitative number of relevant experience references, Key Personnel licenses and certifications, etc., and failed to perform a comparative qualitative evaluation of the extent and breadth of each firm’s experience, as required. GAO agreed, concluding that the “simple counting of instances, however, does not consider the ‘greater extent and breadth’ of each offeror’s experience in each of the projects . . . [this] mechanical comparison, without a qualitative comparison of offerors, is inconsistent with the synopsis criteria, and not reasonably based.”
This decision is an important reminder for construction and architect/engineering firms bidding on FAR Part 36 contracts that an agency’s selection of the most highly qualified firms under a Brooks Act procurement must be reasonable and consistent with the synopsis, and can be successfully protested by a disappointed offeror at the time it learns that it has not been selected as among the most highly qualified firms.
Last week, the President signed the Internet of Things (IoT) Cybersecurity Improvement Act into law, kicking off a multi-year process that will culminate in the first-ever federal requirements for IoT devices. Under the law, the National Institute of Standards & Technology (NIST) is now charged with drafting and finalizing security requirements for IoT devices, as well as guidelines for managing disclosures about those devices’ security vulnerabilities. In two short years, the federal government will then be prohibited from procuring IoT devices unless (1) the devices meet the pending NIST requirements; or (2) the devices are granted a formal waiver by an agency Chief Information Officer. In addition to creating yet another cybersecurity regime for the government contracting community, the law will create a new benchmark for consumer-facing companies to consider when assessing and complying with the growing number of states imposing their own “reasonable security” requirements for IoT devices.
In this episode, hosts Jacinta Alves and Mana Lombardo continue to discuss DOJ FCA investigations and more common mistakes that targets make in defending these investigations with partner Michael Shaheen. “Let’s Talk FCA” is Crowell & Moring’s podcast covering the latest developments with the False Claims Act.
Fresh off the heels of the DFARS Interim Rule, the Department of Defense (DoD) released Assessment Guides for Levels 1 – 3 of the Cybersecurity Maturity Model Certification (CMMC). These Guides will be used by Certified Assessors to determine whether contractors have satisfied the practices and processes required to attain CMMC certifications at the level needed to be awarded future DoD contracts. These new assessment procedures, which DoD calls “authoritative,” are leveraged from NIST SP 800-171A, the NIST guidance used to assess compliance with NIST SP 800-171.
A notable inclusion in the Levels 2 – 3 Guide is the assessment criteria used to evaluate a contractor’s implementation of processes for each of the 17 CMMC Domains. Under the CMMC, the DoD has stated that contractors will not be certified at CMMC Levels 2 and above if the contractor has not satisfied both the technical practices and process maturity for the desired level.
These Guides will provide useful insights as contractors prepare for the DoD’s phased implementation of CMMC requirements into all DoD contracts over the next 5 years.
On December 3, 2020, the President issued Executive Order 13960, Promoting the Use of Trustworthy Artificial Intelligence in the Federal Government. The Executive Order signals yet again the Federal Government’s emphasis on the use of AI and the importance of ensuring that AI is used in a manner that does not violate Americans’ privacy, civil rights, and civil liberties, consistent with the previously issued Executive Order 13859 and Department of Defense policy announcements covered here, here, and here. The Order encourages agencies to continue to use AI and establishes principles for their use, at least for purposes other than national security and defense.
The principles established in the Executive Order are as follows:
- Agencies must use AI in a manner that respects the Nation’s values and is consistent with the Constitution and other laws and regulations.
- Agencies must assess and manage the risks of using AI and ensure that the benefits of using AI outweigh the risks.
- Agencies must ensure that the application of AI is accurate, reliable, and effective.
- Agencies must ensure that AI applications are safe, secure, and resilient.
- Agencies must ensure that the outputs from AI applications are understandable.
- Agencies must ensure that human responsibilities are clearly defined for AI applications, and that inputs for and outputs from AI applications are documented and traceable.
- Agencies must ensure that AI applications are regularly monitored, including testing each application against these established principles.
- Agencies must be transparent regarding their use of AI and provide relevant information to appropriate stakeholders like Congress and the public.
- Finally, agencies shall be accountable for ensuring proper safeguards for the use and function of AI applications.
These principles are likely to play a role in future procurements and applications of AI, including (1) how agencies procure AI applications, (2) what information agencies will require contractors to provide regarding their AI applications, and (3) how agencies test and audit government contracts for AI applications or government contracts whose performance relies on the use of AI applications.
We will continue to monitor and report on these developments.
Crowell & Moring’s “All Things Protest” podcast keeps you up to date on major trends in bid protest litigation, key developments in high-profile cases, and best practices in state and federal procurement. In this episode, hosts Olivia Lynch and Rob Sneckenberg are joined by colleague Michael Samuels to discuss recent developments in GAO’s Key Personnel case law.
The Trump administration continues to pursue enforcement of its Executive Order 13950 (the EO), while lawsuits filed by two civil rights groups’ work their way through federal courts. The EO bans federal contractors from utilizing training that “inculcates in its employees any form of race or sex stereotyping,” which is defined as “ascribing character traits, values, moral and ethical codes, privileges, status, or beliefs to a race or sex, or to an individual because of his or her race or sex.”
On November 20, 2020, both the National Aeronautics and Space Administration (NASA) and the Department of Defense (DoD) issued class deviations requiring that contracting officers incorporate the EO. Both class deviations require that contracts which will include the clause at Federal Acquisition Regulation (FAR) 52.222-26, Equal Opportunity, also include language implementing the EO. The deviations will apply to DoD solicitations issued on or after November 20, 2020, and NASA solicitations issued on or after November 21, 2020.
At the same time, two pending lawsuits recently filed – one by the NAACP on behalf of the National Urban League and the National Fair Housing Alliance in the United States District Court for the District of Columbia, and one by a group of LGBTQ civil rights organizations in the Northern District of California – present serious challenges to the EO.
No significant action has occurred regarding the NAACP’s suit since it was filed in federal court in Washington, D.C., on October 29. However, Plaintiffs in the litigation filed in the Northern District of California have moved for a preliminary injunction, claiming that the EO violates the First and Fifth Amendments and arguing that the EO has “silenced Plaintiffs’ advocacy” by cutting Plaintiffs off from federal funding through grants and contracts and by preventing them from providing diversity training to recipients of such grants and contracts. The motion for preliminary injunction will be heard by Judge Beth Labson Freeman on December 10, 2020. Briefing on Plaintiffs’ motion is well underway; Defendants’ Opposition was filed on November 25, 2020 and Plaintiffs’ Reply is due December 1. Eight Institutions of Higher Education, including Stanford, Tufts, Brandeis, Boston University, the University of Michigan, and three Ivy League universities, are expected to file amicus briefs in support of Plaintiffs’ motion for preliminary injunction. A proposed brief previews the universities’ argument that the EO is antithetical to First Amendment free speech principals and “risks chilling the activity that is the very lifeblood of American higher education.”
Opposition to the EO has been raised on Capitol Hill as well. On October 16, Rep. Joyce Beatty (D-OH) introduced H.R. 8595, which would nullify EO 13950. As of this writing, H.R. 8595 has 51 co-sponsors and has been introduced in three House committees: Oversight and Reform, Education and Labor, and Armed Services. If the House were to pass the bill, its chances of success in the Republican-controlled Senate are slim; slimmer still are the odds that President Trump would sign the bill into law.
Concern regarding the long-term effects of the EO may be moot as many observers expect that President-elect Biden will rescind the EO relatively early in his term. We will keep clients apprised of further developments on this topic of broad and great concern.
Crowell & Moring’s “Byte-Sized Q&A” podcast takes the complex world of government contracts cybersecurity and breaks it down into byte-sized pieces. In this inaugural episode, hosts Evan Wolff and Kate Growley discuss three new DoD contract clauses that come into effect on November 30, and implement new requirements for government contractors that handle sensitive government data.
In JKB Solutions and Servs., LLC, the Court of Federal Claims denied the contractor’s breach claim and held that the Government constructively terminated the contract for convenience. At issue was an Army contract to provide instructors for the Army’s Operation Contract Support program. The contract required JKB to perform 14 classes per task order, but the Army ordered fewer than 14 classes for all three task orders. In the motion to dismiss stage, the Court rejected the Army’s argument that the contract unambiguously required the Army to pay for only the services it ordered. The court instead found on the merits that the Army constructively terminated the contract for convenience and, therefore, did not breach it, even though the Army did not actually terminate the contract for convenience. In invoking the constructive termination for convenience doctrine on behalf of the Army, the Court found that (1) the Army did not act in bad faith by constructively terminating the contract because the Army never explicitly invoked the doctrine (the Court did) and (2) the Army could have invoked its right to terminate under the circumstances. The Court also ruled that since JKB did not submit a termination for convenience settlement proposal or ask for termination costs in its complaint, JKB was not entitled to recover any costs.
While this case appears to be an outlier in the longstanding termination for convenience jurisprudence, particularly those principles that preclude invocation of constructive termination for convenience in certain circumstances—e.g., after the performance period ends, or in order to circumvent an otherwise alleged breach—contractors should take caution in similar circumstances. When the Government breaches its ordering/payment obligations by reducing the scope of work, and depending on the extent of the reduction, contractors should promptly consider whether to request an equitable adjustment for a deductive change, or submit a termination for convenience settlement proposal to preserve the ability to recover termination settlement costs.