Crowell and Moring LLP

AI remains a critical focus of both the federal government and industry, with multiple efforts in recent weeks to address governance of the development and use of AI in the United States. On February 26, 2024, a U.S. Department of State-commissioned report, titled “Defense in Depth: An Action Plan to Increase the Safety and Security of Advanced AI” (Action Plan), proposed multiple U.S. Government and partner nation lines of effort to address growing national security risks posed by rapidly expanding AI capabilities, including the expectation of achieving artificial general intelligence (AGI). Just days later, on March 5, 2024, House Chairman Comer and Ranking Member Raskin introduced the Federal AI Governance and Transparency Act. This bipartisan bill would focus government resources on increasing transparency, oversight, and responsible use of federal AI systems and centrally codifying federal governance of agency AI systems. Additionally, on March 28, 2024 the Office of Management and Budget released the final guidance on Memorandum M-24-10, Advancing Governance, Innovation, and Risk Management for Agency Use of AI as we address here. The State Department-commissioned Action Plan broadly warns that the federal government must move “quickly and decisively” to avert substantial national security risks stemming from AI. The Action Plan outlines five lines of effort (LOEs) designed to put the government on a path to stabilize (LOE1), strengthen (LOE2, LOE3), and scale (LOE4, LOE5) advanced AI development safely and securely. LOE1, titled “Establish Interim Safeguards to Stabilize Advanced AI Development,” focuses on potential executive branch actions to lower AI risk in the near term (1-3 years), while setting the conditions for successful long-term AI safeguards. Examples in the Action Plan include creating an AI Observatory, mandating an interim set of responsible AI development and adoption (RADA), and creating an interagency AI Safety Task Force (ASTF) to coordinate implementation and oversight of RADA safeguards. LOE2, titled “Strengthen Capability and Capacity for Advanced AI,” outlines specific actions that the federal government could take to increase its preparedness for rapidly addressing incidents related to advanced AI development and deployment. For example, the Action Plan recommends coordinating the development of an indications and warnings (I&W) framework for advanced AI and AGI incidents. LOE3, titled “Increase National Investment in Technical AI Safety Research and Standards Development,” offers recommendations that the federal government could take to strengthen domestic technical capacity in advanced AI safety and security, AGI alignment, and other technical AI safeguards. These actions include directly funding advanced AI safety and security research and promulgating safety and security standards for responsible AI development and adoption. LOE4, titled “Formalize Safeguards for Responsible AI Development and Adoption by Establishing an AI Regulatory Agency and Legal Liability Framework,” focuses on specific actions the legislative branch could take to establish the conditions for long-term (4+ years) domestic AI safety and security such as creating the Frontier AI Systems Administration (FAISA), a regulatory agency that would have rulemaking and licensing powers to oversee AI development and deployment. Lastly, LOE5, titled “Enshrine AI Safeguards in International Law and Secure the AI Supply Chain,” suggests near-term diplomatic actions and longer-term measures the federal government could take to establish an effective AI safeguards regime in international law while securing the AI supply chain. Recommendations from the Action Plan include building a domestic and international consensus on catastrophic AI risks and safeguards and establishing an International AI Agency (IAIA) to monitor and verify adherence to those safeguards. The Action Plan also recommends establishing civil and criminal liability for “dangerous behaviors” by individuals and entities involved in the AI supply chain. For example, the report suggests that failing to accurately report high-performance AI hardware to the FAISA or responding to information requests from the FAISA with misleading data may constitute misdemeanors, and disregarding an emergency order to halt AI development activities or breaching the conditions of a license may constitute a felony. Similarly, the proposed Federal AI Governance and Transparency Act focuses on creating federal standards, consolidating other existing laws that impact AI, and establishing AI transparency and accountability. Specifically, the bill focuses on the following key objectives: defining federal standards for responsible AI use by codifying, in law, key safeguards for the development, acquisition, use, management and oversight of AI used by federal agencies; strengthening governmentwide federal AI use policy authority and requirements, by re-codifying and clarifying the role of the Office of Management and Budget in issuing governmentwide policy guidance, in concert with existing federal IT and data policy requirements; establishing agency AI governance charters, which would require the publication of governance charters for high-risk AI systems and other AI systems used by federal agencies that interact with sensitive personal records covered by the Privacy Act; creating additional public accountability mechanisms by establishing a notification process for any individual or entity that has been substantively and meaningfully affected by an agency determination influenced by AI; streamlining and consolidating existing law regarding the government’s use of AI and repealing repetitive provisions in the AI in Government Act of 2020 and the 2022 Advancing American AI Act; and updating existing Privacy Act Personally Identifiable Information (PII) record notice requirements and FAR procurement rules. The House Committee on Oversight and Accountability has considered this bill and voted on a markup. Both the Action Plan and the Federal AI Governance and Transparency Act appear to be in furtherance of Executive Order 14110, Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence. Government contractors engaged in AI development or use should be aware of the Action Plan and recent bill report because, taken together, both suggest broad changes to the federal government’s and industry’s current approach to AI. Additionally, the bill in particular aims to increase U.S. participation from stakeholders, such as government contractors, in critical AI-based activities. The post Recent Developments from the Federal Government Relating to AI appeared first on Government Contracts Legal Forum. View the full article

On March 28, 2024, the Office of Management and Budget (OMB) released Memorandum M-24-10, Advancing Governance, Innovation, and Risk Management for Agency Use of Artificial Intelligence (Memo), updating and implementing OMB’s November 2023 proposed memorandum of the same name. The Memo directs agencies “to advance AI governance and innovation while managing risks from the use of AI in the Federal Government.” In the Memo, OMB focuses on three major areas – strengthening AI governance, advancing responsible AI innovation, and managing risks from the use of AI. Scope The Memo addresses only a subset of AI risks that are directly tied to agencies’ use of AI products—those that threaten the safety and rights of the public due to reliance on AI outputs in agency decision-making or actions. The Memo does not address issues that are present in any automated or software systems regardless of whether AI is used (enterprise risk management, information resources management, privacy, accessibility, federal statistical activities, IT, or cybersecurity), and it does not supersede any more general policies on these matters that may also apply to AI. The Memo also does not apply to AI in National Security Systems. Strengthening Governance The Memo outlines the ways in which agencies will be responsible for managing their use of AI. All agencies will be required to designate a Chief AI Officer (CAIO) and convene senior officials to coordinate and govern issues raised by the use of AI. The CAIO will be responsible for coordinating agency use of AI, promoting AI innovation, managing risks from the use of AI, and carrying out agency responsibilities regarding AI. Agencies must also submit a compliance plan and AI use case inventory. Advancing Responsible AI Innovation The Memo encourages responsible advancement of AI innovation within federal agencies. Each agency will be responsible for identifying and removing barriers to the responsible use of AI, as well as maturing AI integration throughout the agency. This will include improving IT infrastructure to be able to handle AI training and inference; developing adequate infrastructure and capacity to share, curate, and govern agency data for use in AI modeling; updating cybersecurity; and integrating the “potential beneficial uses of generative AI in their missions.” Agencies are also instructed to prioritize the recruiting, hiring, developing, and retaining of talent in AI and AI-enabling roles. This should include designating an AI Talent lead and providing resources to employees for training and development of AI talent. The Memo notes the importance of AI sharing and collaboration in order to advance innovation. Agencies are required to proactively share their custom-developed code and models as open source software on public repositories, when possible, or portions of their code and models if parts cannot be shared. They will also be required to release all data used to develop and test their AI products. When procuring custom AI code, training data, and enrichment of existing data, agencies are also encouraged to obtain the rights necessary for sharing and public release of the procured products and services. Finally, agencies are instructed to harmonize AI management requirements across agencies to create efficiencies and opportunities for sharing resources. At a minimum, this will include shared templates and formats, sharing best practices, sharing technical resources, and highlighting examples of successful AI use within the agency. Managing Risks from the Use of AI The Memo’s third area of focus is to improve AI risk management in government agencies, focusing on so called “safety-impacting” and “rights-impacting” uses of AI. The Memo requires all agencies that utilize safety- and rights-impacting AI products to implement required risk management practices, and to terminate noncompliant uses of AI, by December 1, 2024. The Memo does include limited exclusions, and it includes extensions for agencies that cannot meet the December deadline. Required Practices for all Safety- and Rights-Impacting AI Under the risk management requirements of the Memo, before any federal agency can use a safety- or rights-impacting AI, it is required to complete an AI impact assessment. The AI impact assessment must: state the intended purpose of the AI and its expected benefit; identify the potential risk using the AI and any mitigation measures beyond the minimum practices outlined in the memo; and evaluate the quality of the data used in the AI design and development. The agencies must also test the AI for real-world performance to ensure that it will work for its intended purpose. In the event the AI’s expected benefits do not outweigh its risks, even after attempting to mitigate the risk, OMB is clear that the agencies should not use the AI. After an agency begins using a safety- or rights-impacting AI product, the agency must conduct ongoing monitoring (including human reviews), regularly evaluate risks, and mitigate any emerging risks. The Memo mandates that the agencies ensure that their staff is adequately trained to assess and oversee the AI, as well as provide additional human oversight and accountability when the AI is not permitted to act due to a rights- or safety-impacting issue that requires human mitigation. The agencies are required to provide timely public notice and plain-language documentation for any safety- or rights-impacting AI in use, preferably before the AI takes an action that impacts the individual. Additional Practices for Rights-Impacting AI The use of any rights-impacting AI will require additional safeguards. Before implementing any rights-impacting AI, agencies must first identify and assess the AI’s impact on equity and fairness and mitigate any algorithmic discrimination when it is present. Specifically, the Memo mandates that the agencies’ assessments: identify in the AI impact assessment when the AI is using data that contains information about federally protected classes (e.g., race, age, sex, etc.); analyze whether the AI in real-world context results in significant disparities in the program’s performance across demographic groups; mitigate the disparities that perpetuate discrimination; and cease use of the AI for agency decision-making if the agency cannot mitigate the risk of discrimination against protected classes. The Memo also requires that agencies consult and incorporate feedback on the use of the AI from all affected communities and the public. OMB is clear that if while assessing the feedback an agency determines that the use of the AI causes more harm than good, then the agency should stop using the AI. After the implementation of any rights-impacting AI, the Memo directs agencies to conduct ongoing monitoring and mitigation of discrimination. If mitigation is not possible, then agencies are required to safely discontinue the use of the AI functionality. Agencies must also notify individuals when the use of the AI results in an adverse decision against the individual. In such cases, the agency is required to provide timely human review and, if appropriate, provide a remedy to the use of AI if the impacted person would like to appeal or contest the AI’s negative impact. Agencies must also offer an opt-out option for the AI-enabled decisions for those individuals who would prefer human review and an appeal process for individuals negatively impacted by the use of AI. Managing Risks in Federal Procurement of AI The Memo includes additional guidance for the responsible procurement of AI. First, agencies are encouraged to ensure that the procured AI is compliant with all laws and regulations considering privacy, intellectual property, cybersecurity, and civil rights and liberties. Agencies are also expected to ensure transparent and adequate AI performance from any vendor. In support of this requirement, the Memo recommends agencies obtain adequate documentation to assess the AI’s capabilities and its known limitations; obtain information regarding the data used to train, fine-tune, and operate the AI; regularly evaluate federal contractors’ claims regarding the effectiveness of their AI offerings; consider contract provisions that incentivize continuous improvement of AI; and require post-award monitoring of AI. The Memo encourages agencies to ensure competition for Federal AI procurement practices. Agencies are encouraged to obtain adequate data rights, including any improvements to the data to allow the agency to continue design, development, testing, and operation of the AI system. The memo requires agencies to ensure that AI developers and their vendors are not relying on test data to train AI systems. When procuring Generative AI, the Memo encourages agencies to include risk management requirements. As generally required when procuring goods or services, the Memo encourages agencies to consider the AI system’s impact to the environment, including considering carbon emissions and resource consumption from supporting data centers. Definitions and Examples of Safety- and Rights-Impacting AI. The Memo defines safety-impacting AI as AI “whose output produces an action or serves as a principal basis for a decision that has the potential to significantly impact the safety” of (1) human life, (2) the climate or environment, (3) critical infrastructure, or (4) strategic assets or resources. Memo Appendix I further describes AI purposes that are presumed to be safety-impacting, including: Safety-critical functions of dams, electrical grids, traffic control, fire safety systems, nuclear reactors Physical movements of robots or robotic systems Autonomously or semi-autonomously moving vehicles Controlling industrial emissions and environmental impacts Carrying out the medically relevant functions of medical devices Controlling access to or security of government facilities The Memo defines rights-impacting AI as AI “whose output serves as a principal basis for a decision or action concerning a specific individual or entity that has a legal, material, binding, or similarly significant effect” on (1) civil rights, (2) equal opportunity, or (3) access to critical government resources or services. Appendix I further describes AI purposes that are presumed to be rights-impacting, including: Blocking, removing, hiding, or limiting protected speech Law enforcement contexts including risk assessment, identification, tracking, or monitoring of individuals Education contexts including plagiarism detection, admissions, or disciplinary decisions Replicating a person’s likeness or voice without express consent Screening tenants in the context of housing, valuations, mortgage underwriting, or insurance Determining the terms or conditions of employment, including screening, hiring, promotion, performance management, or termination Key Takeaways The OMB’s final Memo continues the trend toward increasing AI accountability and the implementation of risk-based frameworks for AI assessment and governance. The Memo is a significant step forward and an increase in the sophistication of the government’s approach to managing its use of AI systems. The Memo can be expected to influence new regulations around the development, procurement, and use of AI in general, at both the state and federal levels. The post OMB Releases Final Guidance Memo on the Government’s Use of AI appeared first on Government Contracts Legal Forum. View the full article

What’s the Point? To set the groundwork for future episodes, Nicole Owren-Wiest and Erin Rankin talk fundamentals: What is the purpose behind the often counter-intuitive and complex government contracts cost and pricing rules? What are the various price analysis techniques available to the world’s largest buyer of goods and services? “It All Adds Up” is Crowell & Moring’s podcast covering the latest government contract accounting, cost, and pricing developments. Listen: Crowell.com | PodBean | SoundCloud | Apple Podcasts The post It All Adds Up appeared first on Government Contracts Legal Forum. View the full article

End User License Agreements, Whistleblower Incentives, GHG Disclosures This week’s episode covers a Federal Circuit decision holding that an end user license agreement incorporated into another contractor’s agreement was sufficient to establish jurisdiction under the Contract Disputes Act, a new DOJ pilot program to incentivize whistleblowers to report corporate misconduct by offering monetary rewards, and a DOD Class Deviation prohibiting DoD from requiring certain defense contractors to disclose a greenhouse gas inventory or any other report on greenhouse gas emissions, and is hosted by Peter Eyre and Yuan Zhou. Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or executive should be without. Listen: Crowell.com | PodBean | SoundCloud | Apple Podcasts The post Fastest 5 Minutes appeared first on Government Contracts Legal Forum. View the full article

On March 11, 2024, the Cybersecurity and Infrastructure Security Agency (CISA) and the Office of Management and Budget (OMB) published an updated Secure Software Development Attestation Form, meaning that producers of software and providers of products containing software used by the federal government may be required to submit their attestations in the very near future. The Attestation Form, first published in April 2023, is a key cog in CISA’s implementation of software supply chain security requirements in accordance with Executive Order 14028, Improving the Nation’s Cybersecurity and OMB Memoranda M-22-18 and M-23-16. Attestation Form Applicability and Content The Attestation Form broadly requires software producers and suppliers of products containing software to affirm that their software development practices for in-scope software conform with the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-­218 and the NIST Software Supply Chain Security Guidance. Per OMB M-22-18 and M-23-16, Attestation Forms will be required from producers of third-party software used by federal agencies if the software: is developed after September 14, 2023; is modified by major version changes after September 14, 2022; or is software to which the developer delivers continuous changes to the software code (e.g., software-as-a-service (SaaS) offerings or other products using continuous delivery/continuous deployment). “Software” subject to attestation includes firmware, operating systems, applications, and application services (e.g., cloud-based software), as well as products containing software. Attestation Deadline M-23-16 explained that Attestation Form submissions would be due: for “critical software,”[1] no later than three months following OMB approval of the Attestation Form under the Paperwork Reduction Act (PRA), or for all other in-scope software, no later than six months following OMB PRA approval. OMB apparently provided PRA approval on March 8, 2024, suggesting that the respective submission deadlines will fall three and six months after that date. Separately, CISA published the Attestation Form on March 11 but has yet to confirm the submission deadlines. Crowell continues to monitor updates from OMB and CISA, and we will update this alert when the Attestation Form submission deadlines are confirmed. Attachments Download AttachmentThe Court’s Decision Granting SJ [1] As defined in OMB Memorandum M-21-30. The post Software Developments: CISA Finalizes Attestation Form, Triggering Secure Software Development Implementation appeared first on Government Contracts Legal Forum. View the full article

On March 5, 2024, a federal judge in Texas struck down a federally-sponsored racial preference extended to minority groups seeking to access capital and government contracts. Nuziard v. Minority Business Development Agency (“Nuziard”). Plaintiffs, who are non-minority business owners, challenged a preference provided by the Minority Business Development Agency (“MBDA”), a bureau of the Department of Commerce, to “socially or economically disadvantaged individual[s],” defined to include African Americans, Hasidic Jews, Hispanic Americans, Native Americans and Pacific Islanders. The court struck down the MBDA’s presumption that such racial minorities are socially disadvantaged, finding the preference violated the Equal Protection Clause. Nuziard, like the recent decision by a federal court in Tennessee in Ultima Services Corp. v. U.S. Department of Agriculture (“Ultima”), follows the Supreme Court’s decision in Students for Fair Admissions, Inc. v. Pres & Fellows of Harvard College, 600 U.S. 181 (2023) (“SFFA”) and, like Ultima, advances the mission of activist organizations across the country seeking to invalidate race-based presumptions in federally funded and sponsored entitlement programs. Nuziard Decision Summary The MBDA serves “socially or economically disadvantaged individual[s]” pursuant to 15 U.S.C. § 9501(9)(A). The statute includes a presumption that the term “socially or economically disadvantaged individual” includes individuals who are Black or African American, Hispanic or Latino, American Indian or Alaska Native, Asian, and Native Hawaiian or other Pacific Islanders (“Presumption Rule”). The Nuziard plaintiffs, who did not fall into any of the prescribed racial categories, challenged the presumption under the Equal Protection Clause and Administrative Procedure Act. In striking down the Presumption Rule, the court applied the “strict scrutiny” test commonly used to evaluate race-based classifications under the Equal Protection Clause which asks: (1) if the racial classification furthers compelling government interest; and (2) if so, whether the classification is narrowly tailored to achieve those interests. The government offered two compelling interests to justify the presumption favoring minorities under the MBDA program: (1) alleviating discrimination in access to credit; and (2) addressing discrimination in private contracting markets. Applying considerations provided by the Supreme Court’s decision in the SFFA case, the court considered whether specific acts of historic discrimination caused the proposed compelling interests and whether the government “actively participated” in or contributed to the discrimination. The court rejected the government’s “access to credit” interest, finding that although there was evidence to show historical discrimination against minorities in accessing credit, the record failed to trace such discrimination to specific disparities today. The court further determined that the record contained “no concrete evidence of government ‘induction, encouragement, or promotion’ of credit discrimination.” The court found that the second proposed interest was a compelling government interest, based on the significant disparity ratios for minority business enterprises (“MBEs”) in government procurement/prime contracting which necessarily suggested government participation in such discrimination. Despite finding that the government had a compelling interest in remedying past discrimination in government contracting, the court determined that the MBDA’s Presumption Rule was not narrowly tailored to further the compelling government interest. The court described the MBDA’s race-based presumption as both under and over-inclusive, because the presumption excludes many MBEs owned by individuals from countries who are also disadvantaged while including individuals from “more affluent” countries. Additionally, once again citing the SFFA decision, the court determined that the MBDA’s presumption was based on racial stereotypes and had no logical endpoint. Consequently, the court issued a permanent, nationwide injunction, enjoining the MBDA from utilizing the Presumption Rule or otherwise considering or using an applicant’s race or ethnicity in determining whether they can receive MBDA programming. What does Nuziard mean for government contractors and private businesses? As Judge Pittman stated in the Nuziard decision, “[t]his is a case about presumptions,” which suggests that any presumption-based race conscious law or policy may be vulnerable to a successful legal challenge. Under SFFA, Ultima, and now Nuziard, programs sponsored by the Small Business Administration, as well as the U.S. Department of Transportation’s Disadvantaged Business Enterprise program, are just two examples of federal programs that may be challenged and transformed. The legal challenges could expand further, implicating state and local programs that rely on inclusion of any race-based or gender-based presumptions. In each instance, eligibility applications, as well as agency reviews and approvals, will likely become more restrictive and burdensome. While neither Ultima nor Nuziard has a direct legal impact on private employers, the indirect effects are potentially profound. First, MBEs that are government contractors will no longer benefit from the presumption that certain racial groups are socially and economically disadvantaged, and, as a result, eligible for MBDA programs. Government contractors will likely see a revamp of the MBDA application process from race-based presumptions to requiring entities to submit narratives addressing a litany of “who,” “where,” “when,” and “what” questions to support their claim of social or economic disadvantage, much like what the Small Business Administration did in the wake of the Ultima decision. Crowell & Moring discussed these changes in detail in a previous alert. For their part, private employers should remain vigilant and well prepared to defend their DEI initiatives and employment decisions against claims that they unlawfully favor or advantage minorities. Judge Pittman’s admonition in Nuziard that nothing in the SSFA decision should be “constrained” to the college admission context portends ongoing scrutiny of and challenges to employer efforts to advance diversity in their workplaces and business relationships, including with subcontractors and vendors. The considerations Crowell & Moring previously identified here after the SFFA decision remain all the more relevant following the Nuziard decision. Plaintiffs will likely continue to assert challenges to race-conscious policies, so employers should continue to assess their DEI policies and initiatives and consider whether to adjust the language in these policies to provide flexibility in this changing landscape. The post Nuziard v. Minority Business Development Agency: Another Blow To Federally Sponsored Affirmative Action Efforts appeared first on Government Contracts Legal Forum. View the full article

Government Contracts and International Trade partner Addie Cliffe and Government Contracts counsel Liam O’Reilly discuss the Inflation Reduction Act’s Domestic Content Bonus Credits.Click to read more | Watch now on our YouTube channel The post Crowell Talks Tax: The Inflation Reduction Act’s Domestic Content Bonus Credits (VIDEO) appeared first on Government Contracts Legal Forum. View the full article

2023 brought many important False Claims Act developments for companies with business involving government funds. While overall recoveries remained down compared to pre-2022 levels, the total number of settlements and judgments exceeded any prior year. Those settlements and judgments also highlight areas of particular focus for the Government, including cybersecurity compliance, pandemic fraud, and small business fraud, among others. Of particular note, 2023 saw the U.S. Supreme Court issue decisions concerning the Government’s authority to dismiss qui tam actions and the critical element of scienter/knowledge that will have wide-reaching impact. The courts of appeals also issued significant decisions on damages, materiality, and more. Crowell attorneys discuss these highlights and others in a “Feature Comment” published in The Government Contractor. The post The Top FCA Developments of 2023 appeared first on Government Contracts Legal Forum. View the full article

In February 2024, GAO continued its streak of taking a hard look at procurements conducted under Federal Acquisition Regulation (FAR) subpart 8.4. Subpart 8.4 allows the government to use “simplified” ordering procedures to obtain commercial supplies and services. However, some agencies have apparently adopted the position that “anything goes” in these simplified procurements. Not so! Over the past year, GAO has issued a series of decisions emphasizing that, although this process is supposed to be simplified, it is not intended to be lawless. (Check out our discussion of the Washington Business Dynamics, LLC, decision in December’s Sustain of the Month post.) This welcome trend has continued into 2024, with GAO’s issuance of a sustain decision in LOGMET LLC, B-422200, Feb. 21, 2024. In LOGMET, the General Services Administration (GSA) sought to issue an order for organizational level aircraft maintenance services procured on behalf off the Marine Corps. GSA conducted the procurement under FAR subpart 8.4 procedures and issued the solicitation to vendors holding federal supply schedule (FSS) contracts with special item number 488190, aircraft components, maintenance, repair services, extended warranties, and maintenance agreements. The Solicitation required vendors to submit pricing schedules that included quoted labor categories from their underlying FSS contracts. Vendors were also required to demonstrate that the labor categories they proposed corresponded with the solicitation’s requirements with respect to skills, qualifications, and experience. To do so, vendors were required to prove a “crosswalk” between the labor categories in the solicitation and those on the vendor’s FSS contract. The three labor categories relevant here (maintenance admin specialist; tool room program coordinator; and advanced skills management fleet administrator) all required a minimum of five years of previous aviation maintenance experience, among other qualifications. AVMAC proposed the following labor categories to satisfy the Solicitation’s identified needs: Solicitation Labor Category / Years of ExperienceAVMAC’s Proposed Labor Category / Years of ExperienceMaintenance admin specialist / 5 years of aviation maintenance experienceAircraft logs and records technician / 2 years of experienceTool room program coordinator / 5 years of aviation maintenance experienceWarehouse manager / 4 years of experienceAdvanced skills management (ASM) fleet administrator / 5 years of aviation maintenance experienceData manager / 3 years of experience LOGMET protested that the labor categories required by the solicitation did not fall within the scope of AVMAC’s proposed FSS labor categories. GAO agreed, noting that “[w]here an agency intends to order from an existing FSS contract, all goods or services quoted must be on the vendor’s schedule contract as a precondition to receiving the order.” Here, each of the three labor categories noted above required fewer years of experience than the minimum of 5 years of aviation maintenance experience required by the solicitation. GAO recognized that FSS labor categories with a minimum years of experience requirement that is less than that required by the corresponding labor category in the solicitation can still be within the scope of the solicitation labor category. However, quoting its decision in Async-Nu Microsystems, Inc., GAO noted that where, as here, the “FSS solicitation requires vendors to perform using personnel that meet certain minimum qualification requirements (such as, for example, years of experience), and requires vendors to map their FSS labor categories to those minimum requirements, the record must include some sort of affirmative showing that the vendor intends to meet the RFQ’s minimum requirements.” More concerning than the numerical years of experience was the fact that AVMAC’s descriptions of the data manager and warehouse manager positions required only “general experience” and did not specifically mention experience with aviation maintenance. GAO found that the record contained no evidence that GSA had specifically considered these issues. Noting that there was no contemporaneous documentation of GSA’s analysis of the deficiencies in AVMAC’s crosswalk, GAO rejected GSA’s reliance on “conclusory language from the evaluation documents,” concluding that the evaluation of AVMAC’s proposal was not reasonable. The LOGMET decision provides another helpful reminder that procurements conducted under FAR subpart 8.4 are still subject to the requirement that agencies perform reasonable evaluations that are consistent with the solicitation and sufficiently documented. Moreover, companies proposing FSS labor categories should ensure that they demonstrate how their FSS labor categories meet the requirements for each labor category identified in the solicitation. We would like to thank Cherie J. Owen, Consultant, for her contribution to this blog post. The post February 2024 Bid Protest Sustain of the Month appeared first on Government Contracts Legal Forum. View the full article

On March 7, 2024, Deputy Attorney General (DAG) Lisa Monaco delivered remarks at the American Bar Association’s 39th National Institute on White Collar Crime announcing a new Department of Justice (DOJ) pilot program that incentivizes whistleblowers to report corporate misconduct by offering monetary rewards. Likening the program to “the days of ‘Wanted’ posters across the Old West,” DAG Monaco explained that individuals who help DOJ discover otherwise unknown, “significant” corporate or financial crime could receive a portion of the resulting forfeiture. This program will encourage whistleblowers to report a broad range of criminal activity by bridging the divide between DOJ’s priorities and other whistleblower mechanisms such as the False Claims Act’s qui tam provision (which is only available for fraud against the government), and programs at the Securities and Exchange Commission (SEC), Commodity Futures Trading Commission (CFTC), and other federal agencies (which only cover misconduct within their respective jurisdictions). By placing a bounty on corporate actors, this DOJ pilot program—which will be developed by the Department’s Money Laundering and Asset Recovery Section (MLARS)—underscores the need for companies to take stock of their compliance programs and enhance their internal reporting infrastructure. DOJ’s Focus on Financial Crime and Corruption Although the Attorney General was already authorized to pay awards for information or assistance that lead to civil or criminal forfeitures—and did so on occasion—the sharpening of this tool as part of a targeted program demonstrates DOJ’s continued effort to crack down on corporate misconduct. Notably, DAG Monaco made clear that foreign and domestic corruption and financial crimes are particular focus areas, and highlighted that DOJ is especially interested in receiving information about: Criminal abuses of the U.S. financial system; Financial corruption cases outside the jurisdiction of the SEC, including FCPA violations by non-issuers and violations of the recently enacted Foreign Extortion Prevention Act; and Domestic corruption cases, especially involving illegal corporate payments to government officials. Pilot Program Guardrails: Key Parameters and More Information to Come Under the pilot program, individuals who come forward with truthful information about “significant corporate or financial misconduct” may be offered cash payments, but only where there is no competing financial disclosure incentive (i.e., by other federal whistleblower program or qui tam), and only if the individual was not involved in the criminal activity itself. Further, the information must not have been previously known to the government and must be provided voluntarily—meaning, not in response to any government inquiry, preexisting reporting obligation, or imminent threat of disclosure. Whistleblowers are also second in line to victims, who must be properly compensated before any rewards are paid. DOJ also expects to provide rewards to whistleblowers only in cases involving penalties above a certain monetary threshold. Though that threshold is yet to be determined, in subsequent but complementary remarks Acting Assistant Attorney General (AAG) Nicole Argentieri signaled that DOJ welcomed input on the appropriate threshold amount, and noted—as a datapoint—that both the SEC and CFTC limit rewards to cases involving sanctions of at least $1 million. Key Takeaway: Investment in Compliance is a Priority In the wake of this announcement, companies should carefully examine their internal compliance and reporting structures to ensure that they encourage the reporting of wrongdoing through internal channels. At a minimum, this compliance health-check should consider the following: Gauging the degree to which organization-wide training, communication, and other educational efforts drive awareness of reporting mechanisms and anti-retaliation policy; Assessing (and updating, as appropriate) the company’s whistleblower investigation policies, protocols, and training on same to ensure completeness and consistency across business functions; Identifying concerns that are raised through all channels (i.e., exit interviews, cultural surveys, 360 reviews)—not only those raised via formal reporting pathways; Tracking report response and resolution times, as well as any remedial efforts; Monitoring additional key metrics related to whistleblower investigations—i.e., volume of reports, patterns of reports, whether reported issues are substantiated or unsubstantiated, whether reports are raised anonymously or not—and assessing those results at the business unit level; and Identifying whether complainants indicate a fear of retaliation, and if so, whether those fears are concentrated in a particular business unit. Further, this new incentive for whistleblowers heightens the pressure on companies to carefully weigh whether to make use of DOJ’s voluntary self-disclosure mechanisms. In DAG Monaco’s own words: “these incentives reinforce each other and create a multiplier effect, encouraging both companies and individuals to tell us what they know as soon as they know it.” The post DOJ Offers Cash “Carrot” to Whistleblowers; Foreshadows “Stick” of More Corporate Enforcement appeared first on Government Contracts Legal Forum. View the full article

A wave of recent changes in federal and state law pertaining to PFAS chemicals is likely to present both immediate and long-term challenges to the government contracting community. At the federal level, contractors that import products, parts, packaging, equipment or other articles with components that contain PFAS must confront new and extensive regulatory reporting requirements relating to such imports going back to 2011, and they must do so by May 2025. At the state level, a growing list of states are enacting total bans on the sale and distribution of such products and components. On top of this flurry of environmental regulatory activity, the Biden Administration continues to direct federal agencies to develop procurement strategies that prioritize the purchase of PFAS-free articles as part the Administration’s broader effort to leverage the federal procurement function in pursuit of climate and sustainability policy objectives. As these regulatory responses to PFAS chemicals continue to grow and proliferate, government contractors should be prepared to face increasing levels scrutiny aimed at their direct and indirect use of PFAS chemicals. For a primer on this emerging landscape, refer to Crowell & Moring’s recent webinar Critical Reporting Requirements for Products Containing PFAS: What Companies Need to Know (and Do) Now. What are PFAS chemicals and where are they used in government contracting? Per-and polyfluoroalkyl substances (commonly referred to as PFAS) are a broad class of man-made synthetic chemicals that are used widely in consumer, commercial, and industrial products for their range of performance qualities, including: Resistance to chemical reactivity or degradation, Resistance to extreme temperatures, Physical strength and resilience Water repellency, Flame retardancy, Anti-friction properties, Surfactant properties, and Superior electrical insulation. PFAS chemicals are widely used across the U.S., including the following sectors: Aerospace and Defense, Automotive, Construction, Electronics, Energy, and Consumer Products and Apparel. PFAS chemicals are commonly found in a wide range of products and components sold to the government, including some types of tubing, piping, seals, gaskets, cables, insulators, wiring, castings, sealants, laminates, printed circuit boards, coolants, solar panel components, consumer products and fabrics—just to name a few. A recent U.S. Department of Defense (“DoD”) report to Congress reflected such widespread presence of PFAS throughout, for example, the defense industrial base value chain. As DoD summarized: Critical PFAS uses were identified in almost every major weapon system category including but not limited to fixed wing aircraft (trainers, fighters, bombers, transports, refuelers, ground support, unmanned, and associated support equipment); rotary wing aircraft (attack, transports, heavy lifts, search-and-rescue, and associated support equipment); surface ships (combat, destroyers, aircraft carriers, cutters, landing crafts); submarines; missiles (air-to-air, ground-to-air, air-to-ground, ballistic); torpedo systems; radar systems; and battle tanks, assault vehicles, and infantry carriers.[1] What environmental regulation is emerging? Federal Environmental Regulation EPA recently issued final regulations under Section 8(a)(7) of the Toxic Substances Control Act (TSCA) (as mandated by Congress in the FY 2020 National Defense Authorization Act) that impose extensive reporting obligations on any company that, at any time since 2011, manufactured or imported any PFAS chemical, including PFAS chemicals imported as part of manufactured articles. Importantly, EPA’s new PFAS reporting regulations do not include many of the exemptions that are typically found in regulations issued under TSCA. For example, there is no exemption for substances manufactured or imported as impurities or byproducts and no broad exemption for materials manufactured or imported only for research and development (R&D) purposes. Moreover, there is no exemption for articles manufactured or imported pursuant to a government contract, and no exemption for articles that might implicate national security concerns. Finally, there is no minimum production (or import) threshold that triggers reporting and no “de minimis” level of PFAS content below which reporting is not required. As a consequence, government contractors will be subject to the reporting requirements of the rule if, at any time since January 1, 2011, the contractor imported a piece of equipment containing one or more PFAS compounds, regardless of the number of pieces of equipment imported (e.g. for one-off imports) and regardless of the level or concentration of PFAS in each piece of equipment. What Information Must be Reported? Companies subject to the new rule will be required to provide EPA with the information listed below, at a minimum, for each facility that imported an article containing components with one or more PFAS compounds: The identities of the PFAS substances in the article; The categories of use of the PFAS substances in the article; The specific functions of the PFAS substances in the article; The estimated maximum concentrations of the PFAS substances in the article; and The annual import volume of the article containing the PFAS substance(s). What is the reporting standard? Importantly, this information must be reported for each year, starting in 2011, that articles with PFAS-containing components were imported by the facility, to the extent that such information is “known to or reasonably ascertainable by” the submitter. The regulations define this to mean “all information in the person’s possession or control, plus all information that a reasonable person similarly situated might be expected to possess, control, or know.” EPA further explains in the preamble to the final rule that the “known to or reasonably ascertainable” standard requires submitters to conduct a reasonable inquiry within the full scope of their organization and may also require: inquiries outside the organization to fill gaps in the submitter’s knowledge. Such activities may include phone calls or email inquiries to upstream suppliers or downstream users or employees or other agents of the manufacturer, including persons involved in the research and development, import or production, or marketing What is the timeline for compliance? Under the new rule, companies will have one year to collect the information required to be reported, followed by a six-month period, ending in May 2025, during which reports must be submitted to EPA. Given the complexities of navigating multi-tiered global supply chains, contractors should act without delay to understand their obligations and initiate the investigations and develop the internal processes needed to assure compliance with this new rule. State Law Bans and Restrictions Two states – Maine and Minnesota – have recently enacted laws that will prohibit the sale and distribution in those states of any product or any product component that contains any PFAS chemical, regardless of whether the product is intended for industrial, commercial or consumer use. Under both states’ laws, the regulator may exempt specific products or product categories if the regulator determines that the use of PFAS in those products is “currently unavoidable.” Both states define a currently unavoidable use to mean a use that is “essential for health safety or the functioning of society” for which alternatives are not reasonably available. Also, it is important to be aware that several other states are poised to follow Maine and Minnesota in enacting laws to ban from commerce all products containing PFAS chemicals. Copycat bills have been introduced already this session in Illinois and Connecticut, and similar bills are pending or expected to be introduced in additional states, including New York, California, Colorado, and Kentucky, among others. Conclusion Government contractors should be prepared to face increasing levels of PFAS-driven scrutiny. For example, the identification of PFAS-containing articles in compliance with EPA’s PFAS reporting rule might also pose unique risks to government contractors where, simultaneously, the Biden Administration continues to develop new policies fostering “sustainable procurement” mechanisms, including the development of new markets for PFAS-free products and services. As we have explained previously, through Executive Order 14057, Catalyzing Clean Energy Industries and Jobs Through Federal Sustainability, the Administration outlined a host of federal sustainability and climate change-related procurement initiatives, with a primary focus on achieving “a carbon pollution-free electricity sector by 2035 and net-zero emissions economy-wide by no later than 2050.” Also included within the Administration’s notion of sustainable procurement, however, is prioritizing the procurement of PFAS-free products. According to the Implementing Instructions for E.O. 14057 issued by the White House Council on Environmental Quality (“CEQ”) in August 2022, the provisions of Section 208 within E.O. 14057 include the direction for agencies to “prioritize substitutes for products that contain perfluoroalkyl or polyfluoroalkyl substances (PFAS). . .” While direct procurement restrictions pursued to date have been discretely targeted (e.g., phaseout of PFAS-containing firefighting foams and a DoD ban on the purchase of consumer products such as non-stick cookware and utensils, as well as stain-resistant upholstered furniture, carpets, and rugs (as directed by section 333 of the FY 2021 NDAA)), additional restrictions, labelling and notice requirements, and information requests are expected to emerge, both in the form of new procurement policies as well as specific provisions included in individual contracting opportunities. Accordingly, government contractors should approach the immediate compliance obligations summarized above with one eye on future procurement restrictions and preferences. [1] Report on Critical Per- and Polyfluoroalkyl Substance Uses Pursuant to Section 347 of the James M. Inhofe National Defense Authorization Act for Fiscal Year 2023 (Public Law 117-263) at 5 (Aug. 2023). The post New Federal and State PFAS Requirements Pose Unique Challenges to the Government Contracting Community appeared first on Government Contracts Legal Forum. View the full article

The U.S. Court of Appeals for the Federal Circuit held in Avue Technologies Corp. v. Department of Health and Human Services that an appellant’s non-frivolous allegation of a contract with the government via an end-user license agreement (EULA) incorporated into another contractor’s Federal Supply Schedule (FSS) agreement was sufficient to establish jurisdiction under the Contract Disputes Act (CDA). The Federal Circuit addressed a situation in which the Food and Drug Administration (FDA) purchased a software license from an authorized reseller of Avue’s products through a task order issued under a General Services Administration (GSA) FSS contract. The task order and contract incorporated an undated and unsigned version of Avue’s EULA. After the task order expired, Avue alleged that the FDA was misappropriating data in violation of the EULA terms and conditions, Avue’s intellectual property rights, and the Trade Secrets Act. Avue submitted a claim to the FDA, but the contracting officer instructed Avue that it would need to have the reseller submit a pass-through claim on Avue’s behalf. Avue appealed to the Civilian Board of Contract Appeals on a deemed-denial basis. At the Board, the government initially moved to dismiss the appeal for lack of jurisdiction on the basis that Avue was not a “contractor” within the meaning of the CDA. The Board initially denied the motion but later sua sponte ordered the parties to file supplemental briefs addressing whether a software license is a procurement contract. As discussed in a previous alert, the Board then dismissed the appeal on the basis that the EULA was not a procurement contract within the meaning of the CDA. The Federal Circuit reversed the Board’s decision. Relying on its precedent in Engage Learning, Inc. v. Salazar, 660 F.3d 1346 (Fed. Cir. 2011), the Federal Circuit explained that, to establish jurisdiction under the CDA, a plaintiff needs only to allege the existence of an express or implied contract with the Government. The appellant’s obligation to prove the existence of an enforceable contract must be resolved as a decision on the merits. Because Avue alleged that it was a party to the FSS contract and the FDA task order by virtue of each incorporating the EULA, the Board had jurisdiction to hear the appeal. On remand, the Board still must consider whether Avue was a party to the FSS contract and FDA task order, or otherwise has enforceable rights through the agreements. For now, this case stands as a notable reminder of the complexities potentially associated with EULAs incorporated into third-party contracts. The post Just Trust Me on This: Allegation of Contract’s Existence Is Sufficient to Establish Jurisdiction Under Contract Disputes Act appeared first on Government Contracts Legal Forum. View the full article

Our Two Cents In this second inaugural episode of It All Adds Up, Nicole Owren-Wiest and Erin Rankin riff on why they care so much about government contracts cost and pricing – and why you should, too. “It All Adds Up” is Crowell & Moring’s podcast covering the latest government contract accounting, cost, and pricing developments. Listen: Crowell.com | PodBean | SoundCloud | Apple Podcasts The post It All Adds Up appeared first on Government Contracts Legal Forum. View the full article

Defense Innovation Unit, AI, Proposal Timeliness This week’s episode covers DoD’s Defense Innovation Unit report about actions to maintain U.S. technological superiority, DOJ’s plans to address the dangers posed by AI technology by seeking sentencing enhancements for crimes committed using AI technology, and a GAO decision involving a situation in which an offeror’s proposal was blocked by the agency’s cybersecurity system, and is hosted by Peter Eyre and Yuan Zhou. Crowell & Moring’s “Fastest 5 Minutes” is a biweekly podcast that provides a brief summary of significant government contracts legal and regulatory developments that no government contracts lawyer or executive should be without. Listen: Crowell.com | PodBean | SoundCloud | Apple Podcasts The post Fastest 5 Minutes appeared first on Government Contracts Legal Forum. View the full article

A recent decision in a non-intervened qui tam suit in the Northern District of Georgia provides an example of a defendant threading the needle to avoid dismissal of its counterclaims despite those counterclaims arguably implicating the conduct that the relator alleged violated the False Claims Act (FCA). It also stands as a rare instance where a company’s counterclaims against an FCA relator have survived early court scrutiny and, as such, provides FCA defendants with a potential strategy to combat opportunistic relators. Background In United States ex rel. Cooley v. ERMI, LLC, a relator alleged that medical device manufacturer ERMI violated the FCA through various schemes, including one involving the provision of durable medical equipment (DME) to Florida residents without a valid license from the Agency for Health Care Administration (AHCA). The relator was ERMI’s Chief Compliance Officer during the time period at issue, and she alleged that ERMI retaliated against her when she attempted to bring ERMI into compliance with applicable law. In its answer, ERMI filed counterclaims against the relator, which the court initially dismissed. ERMI subsequently filed amended counterclaims for breach of fiduciary duty and breach of contract. The counterclaims alleged that the relator breached her duties to ERMI by (1) improperly retaining documents; (2) misleading ERMI about the AHCA renewal process; and (3) misleading ERMI such that it believed she was providing legal advice to it on various issues. The relator again moved to dismiss, arguing primarily that allowing the company’s counterclaims to proceed would deter future relators from coming forward and therefore run counter to public policy. ERMI’s Counterclaims Survive Dismissal The court denied the motion to dismiss, concluding that public policy does not bar a counterclaim that is based on damages independent of the FCA claims (i.e., if the counterclaim is based on conduct distinct from that underlying the FCA case, or if the counterclaim can only prevail if the defendant is not liable under the FCA). Applying this rubric to ERMI’s claims, the court found that both counterclaims could proceed, although it did not accept all of ERMI’s arguments. Breach of Fiduciary Duty With respect to ERMI’s counterclaim for breach of fiduciary duty, the court concluded that the document-retention theory could not proceed, as the only alleged breach involving those documents was their use in the FCA action. It also ruled that, though public policy did not preclude proceeding on the legal-advice theory, pleading deficiencies warranted that claim’s dismissal due to ERMI’s failure to allege a breach of fiduciary duty specific to the relator’s conduct. Importantly, however, the court permitted the counterclaim based on the AHCA-renewal theory to proceed because ERMI had alleged that the relator’s misrepresentations led to costly unfair-trade-practices litigation by a competitor, which was independent of the FCA claims. Breach of Contract As to the breach of contract claim, ERMI alleged that the relator breached her confidentiality agreement by retaining confidential information, such as financial and operations reports, and attaching confidential information to her FCA complaint. In her motion to dismiss the breach claim, the relator argued that she was legally permitted to take the confidential information based on (1) public policy and, more specifically, that ERMI could not identify any confidential information that was not related to the FCA claims; and (2) the terms of the confidentiality agreement she signed as a corporate officer. The court was not persuaded by either argument. The court explained, as it had in its previous order dismissing the initial counterclaims, that ERMI was not required to identify the specific documents allegedly taken at the pleading stage, and it was therefore too early in the litigation to conclude that all of the confidential documents were related to the FCA litigation. The court similarly reasoned that it was too early in the litigation to determine whether the confidentiality agreement provisions provided a safe harbor, because it was not yet clear how closely related the documents were to the relator’s FCA claims. Significantly for defendants, the decision also expressly provided for reasonable discovery for the counterclaim allegations and retained the possibility for ERMI to recover litigation costs under the relevant Georgia statute. Key Takeaway: Some (Limited) Good News for FCA Defendants While ERMI’s counterclaims may not have survived fully intact, this decision is good news for similarly situated companies, who often feel powerless when a relator improperly takes confidential information under the auspices of using it for FCA allegations and allegedly ferreting out fraud. This case demonstrates some difficulties inherent in bringing a counterclaim against a relator, but the ultimate decision provides another tool in an FCA defendant’s toolbox, particularly against opportunistic relators. The post Counterclaims Against Compliance-Officer-Turned-Relator Survive Motion to Dismiss appeared first on Government Contracts Legal Forum. View the full article