[Federal Register: November 18, 2008 (Volume 73, Number 223)]
[Proposed Rules]               
[Page 68373-68375]
From the Federal Register Online via GPO Access [wais.access.gpo.gov]
[DOCID:fr18no08-55]                         

=======================================================================
-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

GENERAL SERVICES ADMINISTRATION

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION

48 CFR Parts 2, 4, 12, 39, and 52

[FAR Case 2008-019; Docket 2008-0001; Sequence 1]
RIN 9000-AL11

 
Federal Acquisition Regulation; FAR Case 2008-019, Authentic 
Information Technology Products

AGENCIES: Department of Defense (DoD), General Services Administration 
(GSA), and National Aeronautics and Space Administration (NASA).

ACTION: Advance notice of proposed rulemaking and public meeting.

-----------------------------------------------------------------------

SUMMARY: The Civilian Agency Acquisition Council and the Defense 
Acquisition Regulations Council (Councils) are seeking comments from 
both Government and industry on whether the Federal Acquisition 
Regulation (FAR) should be revised to include a requirement that 
contractors selling information technology (IT) products (including 
computer hardware and software) represent that such products are 
authentic. The Councils are also interested in comments regarding 
contractor liability if IT products sold to the Government, by 
contractors, are not authentic. Additionally, the Councils are seeking 
comments on whether contractors who are resellers or distributors of 
computer hardware and software should represent to the Government that 
they are authorized by the original equipment manufacturer (OEM) to 
sell the information technology products to the Government. Finally, 
the Councils invite comments on (1) whether the measures contemplated 
above should be extended to other items purchased by the Government; 
and (2) whether the rule should apply when information technology is a 
component of a system or assembled product.

[[Page 68374]]


DATES: Public Meeting: A public meeting will be held on December 11, 
2008, from 9:00 a.m. to 3 p.m. EST, in the National Aeronautics and 
Space Administration James E. Webb Memorial Auditorium, 300 E Street 
SW, Washington, DC 20546. The visitors' entrance is on the west end of 
the building at the corner of 4th and E Streets SW. Attendees are 
encouraged to arrive at least thirty minutes early to accommodate 
security procedures.
    If you wish to make a presentation on this topic, please contact 
and submit a copy of your presentation by December 1, 2008, to General 
Services Administration, Contract Policy Division (VPC), 1800 F Street, 
NW, Room 4040, Attn: Edward N. Chambers, Washington, DC 20405. 
Telephone: 202-501-3221.
    Submit electronic materials via e-mail to Chambers.Edward@gsa.gov. 
Please submit presentations only and cite Public Meeting 2008-019 in 
all correspondence related to this public meeting. The submitted 
presentations will be the only record of the public meeting. If you 
intend to have your presentation considered as a public comment in the 
formulation of the proposed rule, the presentation must be submitted 
separately as a written comment as instructed below.
    Special Accommodations: The public meeting is physically accessible 
to people with disabilities. Request for sign language interpretation 
or other auxiliary aids should be directed to Edward N. Chambers, at 
202-501-3221, at least 5 working days prior to the meeting date.
    Comments: Interested parties should submit written comments to the 
FAR Secretariat on or before January 20, 2009 to be considered in the 
formulation of a final rule.

ADDRESSES: Submit comments identified by FAR case 2008-019 by any of 
the following methods:
     Regulations.gov: http://frwebgate.access.gpo.gov/cgi-bin/leaving.cgi?from=leavingFR.html&log=linklog&to=http://www.regulations.gov. Submit 
comments via the Federal eRulemaking portal by inputting ``FAR Case 
2008-019'' under the heading ``Comment or Submission''. Select the link 
``Send a Comment or Submission'' that corresponds with FAR Case 2008-
019. Follow the instructions provided to complete the ``Public Comment 
and Submission Form''. Please include your name, company name (if any), 
and ``FAR Case 2008-019'' on your attached document.
     Fax: 202-501-4067.
     Mail: General Services Administration, Regulatory 
Secretariat (VPR), 1800 F Street, NW, Room 4041, ATTN: Laurieann 
Duarte, Washington, DC 20405.
    Instructions: Please submit comments only and cite FAR case 2008-
019 in all correspondence related to this case. All comments received 
will be posted without change to http://frwebgate.access.gpo.gov/cgi-bin/leaving.cgi?from=leavingFR.html&log=linklog&to=http://www.regulations.gov, including 
any personal and/or business confidential information provided.

FOR FURTHER INFORMATION CONTACT Mr. Edward N. Chambers, Procurement 
Analyst, at (202) 501-3221 for clarification of content. For 
information pertaining to status or publication schedules, contact the 
FAR Secretariat at (202) 501-4755. Please cite FAR case 2008-019.

SUPPLEMENTARY INFORMATION: The widespread availability of counterfeit 
Information Technology (IT) products presents a multidimensional threat 
to our nation. While it is estimated that our nation's industries and 
governments lose millions of dollars each year to counterfeiters, the 
trade in counterfeit IT products also presents serious threats to our 
national security and consumer safety.
    Today, IT products, such as computer network hardware, (the 
infrastructure of business, healthcare, education, and communication 
and information networks) and integrated circuits (IC), are used in a 
wide range of applications; including automobiles, aircraft, computers, 
telecommunications, medical devices, and consumer electronics. These IT 
products are also essential to our national infrastructure systems; 
such as air traffic control, financial and telecommunication networks, 
and government and military communications, information, and operating 
systems.
    Counterfeit network hardware and ICs pose a risk in that they 
frequently do not meet the quality standards of genuine equipment. 
Various information indicates that these products have a higher failure 
rate than genuine equipment, and often fail upon installation, or weeks 
or months after installation. Thus, these counterfeit IT products pose 
a threat to the national security and consumer safety because when they 
fail, the entire systems in which they are embedded may also fail.
    The Councils believe requiring contractors to represent that the IT 
products they sell to the Government are authentic, will aid in efforts 
to combat counterfeit IT products. In addition to commenting on the 
Government proposal, the public and industry are invited to offer 
suggestions on other ways to limit the risk to the Government from 
acquiring counterfeit IT products.
    To facilitate public comment, the Councils have attached 
provisional FAR text.
    While the focus of this notice is IT products, comments are invited 
on (1) whether the measures proposed herein should be expanded to 
include other items sold to the Government and (2) whether the rule 
should apply when information technology is a component of a system or 
assembled product. Further, the provisional text places the OEM in the 
role of ``gatekeeper'' as to who is an authorized distributor or 
reseller. Is there another party or process which would be more 
appropriate to this role? Also, through what means should authorized 
status be substantiated? By a letter from the OEM, or a reference on an 
OEM website?
    This is not a significant regulatory action and, therefore, was not 
subject to review under Section 6(b) of Executive Order 12866, 
Regulatory Planning and Review, dated September 30, 1993. This rule is 
not a major rule under 5 U.S.C. 804.

List of Subjects in 48 CFR Parts 2, 4, 12, 39, and 52

    Government procurement.

    Dated: November 12, 2008.
Al Matera,
Director, Office of Acquisition Policy.
    Therefore, DoD, GSA, and NASA propose amending 48 CFR parts 2, 4, 
12, 39, and 52 as set forth below:
    1. The authority citation for 48 CFR parts 2, 4, 12, 39, and 52 
continues to read as follows:

    Authority: 40 U.S.C. 121(c); 10 U.S.C. chapter 137; and 42 
U.S.C. 2473(c).

PART 2--DEFINITIONS OF WORDS AND TERMS

    2. Amend section 2.101 in paragraph (b) in the definition 
``Information technology'' by revising paragraph (2) to read as 
follows:


2.101  Definitions.

* * * * *
    (b) * * *
    Information technology * * *
    (2) The term ``information technology'' includes--
    (i) Computers;
    (ii) Ancillary equipment (including imaging peripherals, input, 
output, and storage devices necessary for security and surveillance);
    (iii) Peripheral equipment designed to be controlled by the central 
processing unit of a computer;
    (iv) Software, firmware and similar products;
    (v) Services (including support services); and

[[Page 68375]]

    (vi) Related resources.
* * * * *

PART 4--ADMINISTRATIVE MATTERS

    3. Amend section 4.1202 by adding paragraph (cc) to read as 
follows:


4.1202  Solicitation provisions and contract clauses.

* * * * *
    (cc) 52.239-XX, Authentic Information Technology Products--
Representation.

PART 12--ACQUISITION OF COMMERCIAL ITEMS

    4. Amend section 12.301 by adding paragraphs (d)(3) and (d)(4) to 
read as follows:


12.301  Solicitation provisions and contract clauses for the 
acquisition of commercial items.

* * * * *
    (d) * * *
    (3) Insert the provision at 52.239-XX, Authentic Information 
Technology Products--Representation, as prescribed at 39.107(b)(1).
    (4) Insert the clause at 52.239-YY, Authentic Information 
Technology Products, as prescribed at 39.107(b)(2).
* * * * *

PART 39--ACQUISITION OF INFORMATION TECHNOLOGY

    5. Amend section 39.002 by adding, in alphabetical order, the 
definition ``Counterfeit information technology product'' to read as 
follows:


39.002  Definitions.

* * * * *
    Counterfeit information technology product means any item of 
information technology (IT), including hardware and software, that is 
an unauthorized copy, replica, or substitute.
* * * * *
    6. Amend section 39.101 by adding paragraph (e) to read as follows:


39.101  Policy.

* * * * *
    (e) To protect the Government from procuring counterfeit IT 
products, agencies shall ensure that all acquisitions for IT products 
are procured from the original equipment manufacturer (OEM), software 
developer, or authorized distributor or reseller. Agencies shall ensure 
that all solicitations and contracts for the acquisition of IT products 
include a requirement for the offeror or contractor to represent that 
the IT products being sold under its contract to the Government are not 
counterfeit.


39.102  [Amended]

    7. Amend section 39.102 by removing from paragraph (b) 
``availability,'' and adding ``availability, counterfeit IT products, 
performance, security,'' in its place.
    8. Amend section 39.107 by designating the undesignated paragraph 
as paragraph (a); and adding paragraph (b) to read as follows:


39.107  Contract clause.

* * * * *
    (b)(1) The contracting officer shall insert the provision at 
52.239-XX, Authentic Information Technology Products--Representation, 
in all solicitations for the acquisition of IT products.
    (2) The contracting officer shall insert the clause at 52.239-YY, 
Authentic Information Technology Products, in all contracts for the 
acquisition of IT products.

PART 52--SOLICITATION PROVISIONS AND CONTRACT CLAUSES


52.239-1  [Amended]

    9. Amend section 52.239-1 by removing from the introductory 
paragraph ``39.107'' and adding ``39.107(a)'' in its place.
    10. Add sections 52.239-XX and 52.239-YY to read as follows:


52.239-XX  Authentic Information Technology Products--Representation.

    As prescribed in 39.107(b)(1), insert the following provision:
    AUTHENTIC INFORMATION TECHNOLOGY PRODUCTS--REPRESENTATION (DATE)
    (a) Definition. Counterfeit information technology product means 
any item of information technology (IT), including hardware and 
software, that is an unauthorized copy, replica, or substitute.
    (b) To be eligible for award of the proposed contract, an offeror 
must--
    (1) Be either the original equipment manufacturer (OEM); or
    (2) Have written authorization from the OEM or software developer 
to function as a distributor or reseller of the subject products.
    (c) By submission of this offer, the offeror represents that--
    (1) The IT products to be sold or leased to the Government under 
the proposed contract are authentic and not counterfeit; and
    (2) It is the original equipment manufacturer or software 
developer, or an authorized distributor or reseller for the IT 
products.
    (End of provision)


52.239-YY  Authentic Information Technology Products.

    As prescribed in 39.107(b)(2), insert the following clause:
    AUTHENTIC INFORMATION TECHNOLOGY PRODUCTS (DATE)
    (a) Definition. Counterfeit information technology product means 
any item of information technology (IT), including hardware and 
software, that is an unauthorized copy, replica, or substitute.
    (b) The Contractor shall sell to the Government only IT products 
that are authentic and not counterfeit. In the event that such IT 
products are determined to be counterfeit, there is no limitation to 
the Contractor's liability.
    (End of clause)
[FR Doc. E8-27275 Filed 11-17-08; 8:45 am]

BILLING CODE 6820-EP-S