Government Contracts Legal Round-Up | 2021 Issue 13

Welcome to Jenner & Block’s Government Contracts Legal Round‑Up, a biweekly update on important government contracts developments. This update offers brief summaries of key developments for government contracts legal, compliance, contracting, and business executives. Please contact any of the professionals at the bottom of the update for further information on any of these topics.

Regulatory Developments

1. DFARS Case 2018-D063: Data Collection and Inventory for Services Contracts, Final Rule (Effective July 9, 2021)

  • This final rule requires all contractors that are awarded a contract or order in excess of $3 million for services in four service acquisition portfolio groups to report contract data in the System for Award Management (SAM). The four service acquisition portfolio groups include:
    • Logistics management services;
    • Equipment-related services;
    • Knowledge-based services; or
    • Electronics and communications services.
  • The contractor is required to report the total amount invoiced for services performed during the preceding fiscal year and the number of direct labor hours, including first-tier subcontractor hours, expended on services performed during the preceding fiscal year.
  • The proposed rule instead required contractors to enter data into a DoD-unique system, Enterprise Contractor Manpower Reporting Application (ECMRA), but in response to comments received, DoD has adopted the service contract reporting process in SAM used by other Federal Agencies and no longer requires use of ECMRA.

2. Department of State Acquisition Regulation (DOSAR), Access to Contractor Records, Proposed Rule (Issued July 2, 2021)

  • Agencies may evaluate the accuracy, completeness, and currency of certified cost or pricing data required to be submitted with respect to a contract or subcontract, and examine contractor or subcontractor records related to proposals, proposal discussions, and pricing or performance of the contract or subcontract.
  • The Department has determined, after a review of existing regulations, that further clarity is required as it relates to contracts other than contracts by negotiation, which are already covered by FAR section 15.209(b). 
  • Accordingly, the Department has proposed to add section 615.209-70 to the DOSAR, requiring contracting officers to insert a new clause, Examination of Records, in all solicitations and contracts, other than contracts by negotiation.
  • Comments on the proposed rule will be accepted until August 31, 2021.

3. GSAR Case 2021-G527: Immediate and Highest Level Owner for High-Security Leased Space, Interim Rule (Effective June 30, 2021)

  • GSA has amended the General Services Administration Acquisition Regulation (GSAR) to implement requirements that address the risks of foreign ownership of Government-leased real estate and requires the disclosure of ownership information for high-security space leased by a Federal agency.
  • This interim rule applies to new lease awards, the exercise of options for current leases, lease extensions, and ownership changes for high-security leased space on or after June 30, 2021.
  • Comments on the interim rule will be accepted until August 30, 2021.

Protest Cases

1. Qwest Government Services, Inc. d/b/a CenturyLink QGS, B-419045.4; B-419045.5; B-419045.6 (June 2, 2021) (Published July 1)

  • GAO denied a protest challenging the Department of Education’s conduct of discussions, finding that a second round of discussions was not required merely because new issues came to light upon final proposal submission.
  • Following corrective action from a prior protest, the agency opened discussions and advised CenturyLink of issues identified with its pricing, including that the price proposal failed to provide a summary of total proposed costs by CLINs, left several items unpriced, and did not include labor rates or volumes for proposed labor. The firm submitted a revised proposal, and upon review the agency concluded that CenturyLink’s proposed price did not reflect a proper understanding of the agency’s requirements and was unrealistic. 
  • CenturyLink alleged that the agency engaged in inaccurate and misleading discussions by advising the protester to revise only its price proposal, but failed to advise the protester of the agency’s concerns with CenturyLink’s proposed staffing in its technical proposal.
  • GAO disagreed, finding that only after reopening discussions and receiving the protester’s final proposal did the agency have sufficient information to identify discrepancies between the protester’s price and technical proposals—and finding concerns with the protester’s revised proposal did not obligate the agency to engage in additional rounds of discussions to address the newly discovered discrepancies. Because the agency reasonably led CenturyLink into the area of its proposal requiring amplification, the agency was not required to conduct additional discussions once it determined that the price proposal, as revised, remained unrealistic.

Agencies are not obligated to hold additional discussions to inform offerors of new issues that emerge based upon final proposal submissions. While companies are often reluctant to revise any areas of their proposal not identified as a weakness or deficiency, it nonetheless is good practice to ensure that final proposal submission as a whole reflects the agency’s needs.

Claims Cases

1. Appeal of Lockheed Martin Aeronautics Co., ASBCA No. 62505, 62506 (June 24, 2021)

  • Lockheed performed aircraft upgrade work in Singapore and South Korea under the Foreign Military Sales program. The work was performed through undefinitized contract actions (UCAs).
  • The parties failed to agree on a price and to definitize the contracts. The Air Force contracting officer then unilaterally established a price.
  • Lockheed appealed this unilateral price determination to the Armed Services Board of Contract Appeals, asserting that it constituted an appealable final decision.
  • The ASBCA disagreed, holding that UCA price determinations are not claims because they merely set pricing rather than demand amounts from the contractor. The ASBCA rejected the argument that a prior decision on this issue, Bell Helicopter Textron, had been superseded by subsequent case law expanding what constitutes a claim. A unilateral price determination must still be filed as a claim to the contracting officer for a final decision.

Undefinitized contract actions are frequently used by the government to attempt to obtain performance quickly. But the failure to agree on a price at the outset often leads to problems later on, including with the government seeking to lower profit based on the fact that actual costs have become known. Pay careful attention to UCAs to avoid long-term disagreements. 

2. Appeal of Lockheed Martin Aeronautics Co., ASBCA No. 62209 (June 22, 2021)

  • Lockheed submitted a claim for excessive “over & above” work on a contract to upgrade C-5 aircraft.  
  • The claim was submitted within the six-year statute of limitations provided by the Contract Disputes Act, but the government raised an affirmative defense of laches, arguing that Lockheed had unreasonably delayed bringing the claim and that the government was prejudiced as a result, including because of the voluminous records likely to be relevant to the claim.
  • The ASBCA granted Lockheed’s motion for partial summary judgment on laches, holding that the CDA’s six-year statute of limitations precludes the assertion of a laches argument. Citing Supreme Court precedent, the Board summarized, “Where ‘Congress explicitly puts a limit upon the time for enforcing a right which it created, there is an end of the matter. The Congressional statute of limitation is definitive.’”

It is essential to comply with the six-year statute of limitations in submitting a government contract claim, but this decision ensures contractors will not also have to fight a laches argument for claims properly submitted within that time.  

The Government Contracts Legal Round-Up | Episode 13

The Government Contracts Legal Round-Up | Episode 13


In this episode, host David B. Robbins welcomes Partner Jeri K. Somers, the former Chief Judge of the Civilian Board of Contract Appeals, who recently joined the firm and its Government Contracts Practice. They discuss Judge Somers’ perspective on what practitioners can do better before the boards of contract appeals.


Government Contracts Legal Round-Up | 2021 Issue 12

Welcome to Jenner & Block’s Government Contracts Legal Round‑Up, a biweekly update on important government contracts developments. This update offers brief summaries of key developments for government contracts legal, compliance, contracting, and business executives. Please contact any of the professionals at the bottom of the update for further information on any of these topics.

Regulatory Update

1. Department of State Acquisition Regulation; Safety Requirements, Final Rule, Effective June 28, 2021

  • The Department of State has adopted as final an interim rule amending the Department of State Acquisition Regulation (DOSAR) to provide new guidance prescribing more stringent safety requirements for certain overseas construction and services projects.

2. DoD Class Deviation 2021-O0006: Department of State Rescission of Determination Regarding Sudan, Effective June 24, 2021

  • This class deviation implements the Department of State Public Notice: 11281, Rescission of Determination Regarding Sudan, announcing removal of Sudan from the US list of state sponsors of terrorism, effective December 14, 2020. 
  • This class deviation is to be used in lieu of the provision at DFARS 252.225-7050, Disclosure of Ownership or Control by the Government of a Country that is a State Sponsor of Terrorism; and the clause at DFARS 252.225-7051, Prohibition on Acquisition of Certain Foreign Commercial Satellite Services.

3. DoD Class Deviation 2020-O0012, Revision 1, Undefinitized Contract Actions During the National Emergency for the Coronavirus Disease 2019

  • This class deviation revises and supersedes the class deviation issued on April 3, 2020 regarding the same subject. 
  • Contracting officers shall follow the policies and procedures in this class deviation in lieu of those at DFARS 217.7404(a) and (a)(1)(i), 217.7404-3(a), and 217.7404-4(a) for undefinitized contract actions (UCAs) related to the national emergency for COVID-19, as determined by the head of the contracting activity (HCA).
  • This class deviation eliminates the requirement to limit obligations, after receipt of a qualifying proposal, to 75 percent of the not-to-exceed price before definitization, for UCAs related to the national emergency for COVID-19.
  • The HCA may also waive certain limitations for a COVID-19-related UCA, including a conditional waiver of the 80 percent progress-payment limit (10 U.S.C. 2307(e)(2)) for a UCA, if the HCA determines that the waiver is necessary due to the national emergency for COVID-19. The HCA may issue the 80 percent progress-payment limit waiver if:
    • The contractor has not already received increased progress payments from DoD on contractual actions other than UCAs; or
    • The contractor has received increased progress payments from DoD on other than UCA contractual actions, and can demonstrate that it is flowing the amount of the increase to its subcontractors at any tier, its suppliers, or small business concerns (evidence of which the HCA must then provide to the congressional defense committees and DPC).
    • Special certification and a 60-day extended timeline for definitization (post waiver) would apply to UCAs subject to the waiver that have not been definitized for 180 days beginning on the date the UCA was entered into.

Protest Cases

1. Journey Aviation LLC, B-419368.2; B-419368.3, June 2, 2021 (published June 16)

  • GAO denied a protest alleging that the Federal Bureau of Investigation unreasonably assigned the protester’s proposal a deficiency, which resulted in the company being deemed technically unacceptable.
  • The statement of work (SOW) required the aircraft delivered under the contract to meet or exceed approximately 35 specifications and technical requirements, one of which was to include a bipolar ionization system to ensure better air quality in the cabin. The protester’s proposed aircraft did not contain such a system; moreover, the proposal did not specify that the aircraft would be modified to add one, but rather only included a general reference to meeting the solicitation requirements. The Agency concluded this was a material failure and assigned a red/fail rating.
  • Journey argued that the assigned deficiency was unreasonable because its proposal clearly stated that the proposed aircraft would meet all of the requirements specified in the SOW.
  • GAO concluded that Journey’s blanket statement of compliance was insufficient to demonstrate the protester’s ability to meet a specific material requirement, and it was therefore reasonable for the Agency to find the protester’s proposal technically unacceptable for failing to meet minimum performance standards.

This decision is an important reminder that clear proposal drafting is critical. GAO consistently finds that blanket statements of intent to meet minimum performance standards are insufficient, and agencies can reasonably conclude that such proposals are technically unacceptable.

Claims Cases

1. ECC International Constructors, LLC, ASBCA No. 59586 (May 21, 2021)

  • ECC International contracted with the US Army Corps of Engineers to design and construct a military compound in Afghanistan. ECCI submitted a “demand for $13,519,913.91 for 329 days of alleged government delay in three categories…..” ECCI broke the demand amount into cost elements, such as labor and equipment, but didn’t break it down by individual delay categories or events alleged to have caused the damages.
  • USACE moved to dismiss for lack of jurisdiction, arguing that ECCI failed to comply with the CDA requirement to assert a sum certain as part of a claim.
  • The Armed Services Board of Contract Appeals agreed with USACE, holding that the requirement to state a sum certain applies to each separate claim, which is not the same as the entire case between the contractor and government. The ASBCA stated that claims are separate if they request different remedies or assert materially different grounds, either factually or legally.

This case highlights the importance of a thorough and granular quantum presentation of claims against the government. Demonstrating the connection between specific government actions and resulting damages is important both in developing a sum certain and, ultimately, proving the case at trial.

2. Appeal of Corinthian-WBCM, ASBCA No. 62379 (May 20, 2021)

  • Corinthian contracted to widen a road at Marine Corps Base Quantico. During performance, it submitted several requests for equitable adjustment based on the Changes and Differing Site Conditions clauses.
  • During discovery, the Navy sought Corinthian’s underlying bid data. Corinthian refused to produce it, and the Navy moved to compel production.
  • The ASBCA held that the information Corinthian relied on in preparing its proposal was relevant to two of its claims and must be produced. For example, the Board held that Corinthian asserted a differing site condition claim alleging that an existing water line was discovered in a different location than identified in the Navy’s drawings and that Corinthian had relied on those drawings in preparing its bid.

In developing a contract claim quantum, it is important to identify the basis for the calculation and provide sufficient information regarding that basis during litigation.

Investigations and Enforcement

1. CH2M Hill Plateau Remediation Company Agrees to Pay More than $3 Million to Settle Hanford Subcontract Small Business Fraud Allegations, USAO-EDWA, Department of Justice

DoJ announced a $3 million settlement with CH2M Hill Plateau Remediation Company following allegations that the company submitted false small business subcontract reports. The key allegation is that the prime contractor knew that two HUBZone subcontractors did not have that status at the time of award.

5 Ways Government Contractors Can Harness the Power of the New

Haws_Matthew_COLOR Chaudhry_Umer_COLOR



By: Matthew L. Haws and Umer M. Chaudhry

On May 24, 2021, the General Services Administration (GSA) launched the new It looks different and has both new requirements and functionality. So what do government contractors need to know before they start using the new system? And how can they make the most of the new in building a successful government contracting business? We have spent years helping our clients navigate these government databases—and even helped build some of the legacy systems in a prior life. Based on that experience, here are our insights into how to make the most of the new

What is the “new”?
After years of maintaining numerous legacy databases and public facing portals—including those incorporated into “” over the last two years—the System for Award Management (SAM) is dramatically closer to achieving its objective of becoming a single point of entry for federal government procurement information. This is a laudable goal: by aggregating disparate federal acquisition databases, the system aims to improve the efficiency and transparency of the contract award process, and SAM’s “one-stop-shop” approach should allow government agencies, contractors, and the general public to better harness key information about federal procurement. The new includes: federal business opportunities (under Contract Opportunities); federal procurement data (under Contract Data and the Data Bank); entity registration; entity reporting (BioPreferred and Service Contract Act); Service Contract Act / Davis-Bacon Act wage determinations; the Catalog of Federal Domestic Assistance (related to grants), and federal bureaucracy hierarchy data that had been spread across many different Government websites and databases.

How well did the new do?
Early reviews are mixed. On the one hand, the new succeeds in placing eight legacy information systems in one place. That is a notable accomplishment for any collection of government legacy systems. But one casualty is clarity and simplicity of use. Unlike a commercial system created from scratch, the new carries over a disappointing amount of the chunkiness of the legacy government systems. Long-term users will also immediately notice a different look and feel: there is a new landing page, different organization, and users need to create an account with to access entity registration data and certain other features (such as the new “Workspace”).

How can government contractors make the most of the new
Despite these frustrations, government contract professionals— business leaders, lawyers, compliance professionals, and business development/capture teams—will be using the new features on an almost daily basis: to search for and track contracting opportunities, find teaming partners, research potential subcontractors, complete annual representations and certifications, maintain entity registration and execute other compliance related functions. The new offers these professionals several significant enhancements that will help build more successful and compliant government contracting businesses. Here are 5 insights that will help you make the most out of the new

1. Government contractors can access more historical data on government spending to better develop their long-term business strategies
Historical contracting data is vitally important for government contract professionals developing long term business strategies. These professionals rely on historical contract (or “spend”) data to understand past buying decisions of customer agencies. They also use this data to perform competitive analysis, which may include examining a competitor’s top contracts, customer agencies, past performance, set-aside contracts, contract end dates, and contract modification records. While this data is not new, SAM’s enhanced search and data access features should make it easier for a wider range of contractors, including small business and non-traditional government contractors, to perform in-depth analysis for their long-term business strategies

For example, government contractors can now take advantage of 36 standard (pre-prepared) reports, covering such topics as “Bundled and Consolidated Contracts” and reports showing contracts terminated for default. In addition, the Ad-Hoc report builder allows users to apply complex search logic and criteria to develop custom reports. While some features of FPDS-NG are still being moved to the new SAM module, the migrated features offer enhanced, more robust capabilities. For example, the Ad-Hoc report builder now allows users to tap into 10 years of data instead of five years previously. The result is that government contracting professionals can access more historical contracting data and do so more easily—a tremendous development in the competitive government contract marketplace.

2. Government contractors can more readily access contract opportunity data, allowing them to better perform key business intelligence functions
Equally important for government contract professionals is finding new contracting opportunities. Business owners, leaders, and business development/capture staff rely on federal opportunities data to identify, research and access key documents related to upcoming bid opportunities. The new integrates the legacy Federal Business Opportunities (FedBizOpps or public-facing government portal and retains the ability to search for opportunities. But with’s move first to “” and now to the new SAM portal, contracting professionals have access to a more robust record of linkage of bid opportunities through various stages—from pre-solicitation to award. Up to this point, opportunity records were haphazardly published by agencies, forcing contractors to track and string together various pieces of an opportunity through its different stages. The improved linkages will allow government contractors to more effectively track an opportunity throughout its lifecycle, saving them time and improving understanding of new opportunities.

3. Users can customize their experience and simplify repeat tasks by creating their own “Workspace” within
Traditionally, each visit to meant starting from ground zero. As a result, contractors would use third-party data aggregation services to build and manage opportunity pipelines. These third-party data providers often limit many functionalities and features to premium subscription holders. However, the new offers tools that allow users to conduct more of this research themselves. For example, the new allows users to customize their experience and save searches for the future, including through a “Workspace” feature. Using Workplaces, government contract professionals can track opportunities, save their search results, set email notifications to get alerts about updates, and manage their user profiles.

In addition, government contractors can develop their own applications to analyze procurement data. The new SAM Application Programming Interface (API) allows for in-house development of analytical tools. For example, by retrieving data from the API, companies can build applications and tools specific to their needs. The ability to export large datasets into their own environments/tools will allow more contractors to perform complex research more effectively and at lower cost than by using third-party distributors of federal procurement data. This significant enhancement will allow users—including small businesses that can’t afford third-party data aggregation services—to harness more power directly from the primary source of this federal data.

4. Government contractors can conduct more robust searches across all SAM datasets and more easily work with the resulting data
Lawyers, compliance teams, and supply chain professionals rely on government entity registration data to identify potential business partners and conduct due diligence to ensure they are working with ethical, responsible entities. The new makes it easier to conduct this important research by allowing users to perform unified searches across all SAM datasets. In addition to unified searches, SAM provides access to many more filters. Search results are also easily exportable to a comma-separated values (CSV) file or to a PDF for further review and diligence.

With the new integrated SAM search capability, excluded parties will also likely get more exposure, as users run across these entities while performing other SAM searches. This will make it even easier for supply chain, compliance, and legal teams to ensure they are meeting their contract obligations to avoid excluded companies / individuals in their business dealings.

Finally, with increased public access to procurement data, contractors may be more likely to face bid protests and other litigation based on data available on SAM. Competitors could glean insights from historic contract data to highlight potential performance issues. From example, termination records or significant numbers of contract modifications may be used by competitors or other litigants to support protest arguments or other claims.

5. Government contractors can manage users within their company
The Workspace feature also allows users to more efficiently manage their own reporting obligations. Users are now able to set up email notifications about required updates and manage user profiles within their organization. For example, if you are an entity administrator for a company with many SAM registrations (say, due to multiple locations/facilities), you can assign and manage role-based access for other users within your organization. This reduces internal administrative burden in keeping SAM registrations up-to-date.

Government contractors will be getting to know the new over the next year. While it may take a bit of time to master the organization and features within the new, government contractors will ultimately come to appreciate this important evolution of such a critical resource. These tips will help you make the most of the new portal—to convert quickly and begin to harness its new features to build a successful and compliant government contracting business.

Government Contracts Legal Round-Up | 2021 Issue 11

Welcome to Jenner & Block’s Government Contracts Legal Round‑Up, a biweekly update on important government contracts developments. This update offers brief summaries of key developments for government contracts legal, compliance, contracting, and business executives. Please contact any of the professionals at the bottom of the update for further information on any of these topics.

Regulatory Update

1. FAR Case 2019-007: Update of Historically Underutilized Business Zone Program, Proposed Rule (June 14, 2021)

  • This proposed FAR rule removes obsolete text and updates terminology and processes to correspond with SBA changes made back in November 2019 to reflect current policies on HUBZone program regulations found in 13 CFR 126.200 and in the Dynamic Small Business Search (DSBS).
  • HUBZone status protests procedures at FAR 19.306 are revised as follows:
    • To specify who may protest the prospective contractor’s HUBZone status for HUBZone sole-source awards;
    • To ensure that the Director of SBA’s HUBZone program will determine whether a protested concern has certified HUBZone status; 
    • To remove the concern’s HUBZone status in DSBS if SBA upholds the protest; and
    • To add references and procedures for filing protests against a HUBZone joint venture.

2. OMB Memorandum M-21-26: Increasing Opportunities for Domestic Sourcing and Reducing the Need for Waivers from Made in America Laws (June 14, 2021)

  • This memorandum provides initial guidance to covered agencies regarding how a new “Made in America Office” (MIAO), will provide greater oversight of waivers from “Made in America Laws,” to increase consistency and public transparency of such waivers.
  • President Biden mandated the creation of the MIAO in Executive Order 14005, Ensuring the Future is Made in All of America by All of America’s Workers, issued January 25, 2021. 
  • In a phased implementation approach, the MIAO aims to increase reliance on domestic supply chains and reduce the need for waivers through a strategic process aimed at: 
    • Achieving consistency across agencies; 
    • Gathering data to support decision-making to make US supply chains more resilient;
    • Bringing increased transparency to waivers in order to send clear demand signals to domestic producers; and
    • Concentrating efforts on changes that will have the greatest impact.

3. OMB Memorandum M-21-25: Integrating Planning for a Safe Increased Return of Federal Employees and Contractors to Physical Workplaces with Post-Reentry Personnel Policies and Work Environment (June 10, 2021)

  • This memorandum provides agencies with guidance (and a July 19, 2021 deadline) for planning for an effective, orderly, and safe increased return of Federal employees and contractors to the physical workplace.
  • Agency leaders have been instructed to use “values-informed” planning, and to leverage telework, remote work, and flexible work schedules as tools for recruitment and retention, and for advancing diversity, equity, inclusion, and accessibility in the Federal workforce.

Protest Cases

1. Yang Enterprises, Inc., B-418922.4, B-418922.6, May 20, 2021 (published June 4, 2021)

  • GAO sustained a protest challenging the Air Force’s evaluation of the joint venture (JV) awardee’s past performance for the award of a contract for mission and base operations services.
  • The solicitation expressly provided that the Air Force would evaluate the past performance of the offeror, major subcontractors, teaming partners, and joint venture partners by “focusing on performance that is relevant to the [t]echnical subfactors and [c]ost/[p]rice factor for those requirements that they are proposed to perform.”
  • GAO concluded that the Air Force unreasonably evaluated the awardee’s past performance because the agency failed to take into account the work each JV member was proposed to perform on the contract. For instance, the agency credited the awardee’s large business JV member with past performance in areas that it was not proposed to perform on the contract, in violation of the solicitation’s evaluation criteria.
  • In sustaining the protest, GAO rejected the Air Force’s argument that SBA regulations required the agency to consider the JV’s past performance in the aggregate, highlighting that the updated regulation cited by the Air Force was not effective until after the solicitation was issued and that it was not retroactive.

For solicitations issued after November 20, 2020, SBA regulations require a procuring activity to consider the work done by each partner to a joint venture, and that an agency cannot “require the protégé firm to individually meet the same evaluation or responsibility criteria as that required of other offerors generally.” 13 C.F.R. § 125.8(e). But for solicitations issued prior to that date, the previous version of the regulations permitted a contracting agency to limit the types of past performance that would be attributed to the joint venture, for instance by requiring the experience to involve the same functional areas that the joint venture partner is proposed to perform on a contract, which was the case here.

2. Qwest Government Services, Inc. d/b/a CenturyLink QGS, B-419597, B-419597.2, May 24, 2021 (published June 3, 2021)

  • GAO denied a protest alleging that the Department of Homeland Security waived a material requirement for the awardee.
  • CenturyLink argued that the agency unreasonably found the awardee’s proposal eligible for award even though the company did not propose to meet the solicitation requirement for full operational capability (FOC) within 18 months of task order issuance.
  • DHS’s interpretation of the solicitation was that FOC was met by hitting a certain user capacity, while CenturyLink claimed that FOC was only reached when an offeror will have met all of the RFP’s objective capabilities.
  • GAO concluded the record supported that at the time of proposal submission, CenturyLink interpreted the RFP’s requirement for FOC to mean providing the requisite user capacity—the interpretation offered by DHS. Because the solicitation interpretation advanced in CenturyLink’s protest was inconsistent with the interpretation that informed the protester’s proposal, GAO determined that this interpretation was unreasonable.

When challenging a solicitation provision as containing a latent ambiguity, it is critical that the company’s proposal supports the solicitation interpretation being advanced. If not, GAO will use this as evidence that the provision is unambiguous.

Claims Cases

1. Pernix Serka Joint Venture v. Sec’y of State, Fed. Cir., No. 2020-2153 (June 9, 2021)

  • The US Court of Appeals for the Federal Circuit denied Pernix Serka’s effort to revive its claim for more than $1 million in costs stemming from an Ebola outbreak that caused the company to stop work in Sierra Leone.
  • According to the Civilian Board of Contract Appeals’ decision, upon the Ebola outbreak, Pernix Serka became concerned about continued performance and sought agency guidance. The State Department refused to direct Pernix Serka to shut down (or otherwise protect employees). Ultimately, the company unilaterally stopped work, evacuated employees, and later filed a claim for safety and health costs arising from differing site conditions and disruption of work.
  • The Federal Circuit affirmed the Board’s grant of summary judgment to the State Department in April 2020, finding that Pernix Serka bore the risk under the fixed price contract for any costs arising from an unforeseen epidemic.

Contractors operating under a fixed price contract will find it difficult to seek pandemic-related costs that were not ordered or authorized by the government. The excusable delays clause, which grants time but not money for epidemic-related delays, among others, controls in the absence of agency direction that would change the scope of the underlying contract. Although the Federal Circuit expressed some empathy during oral argument for Pernix Serka’s position and the lack of State Department direction, the court found insufficient evidence for Pernix Serka’s constructive suspension of work argument.

2. Appeal of Ology Bioservices, Inc., ASBCA No. 62633 (May 20, 2021)

  • Ology held four cost reimbursement contracts with the government. As part of these contracts it included $2,730,686 attributable to executive compensation in its final indirect cost rate proposal submitted for 2013.
  • Because this amount exceeded the 2013 cap on allowable executive compensation costs, the government denied the unallowable costs and asserted a penalty equal to the amount of unallowable costs, asserting that these were expressly unallowable.
  • Before the Armed Services Board of Contract Appeals, the government changed its argument slightly—asserting that the costs were expressly unallowable because they exceeded the 2012 executive compensation cap, which it asserted was still applicable to Ology’s 2013 indirect cost rate proposal.
  • The ASBCA held that the government could not assess a penalty for expressly unallowable costs by applying the 2012 cap to Ology’s 2013 proposal. Congress intended for the government to adjust the cap on an annual basis and the government had unreasonably delayed doing so until after the deadline for contractors to submit their indirect cost rate proposals: “[W]e do not believe that Congress intended OFPP to have unlimited time to update the cap or for the government to apply an outdated cap for years on end.”
  • The Board concluded that Ology 2013 executive compensation costs “were not expressly unallowable at the time it certified its final indirect cost rate proposal because the FY 2012 cap was no longer applicable.”

The government often fails to meets its statutory deadlines for rulemaking, and this decision holds it accountable for that failure. While contractors must carefully analyze cost allowability rules and limitations, they should also assert their rights in areas of greyness.

Anti-corruption National Security Memorandum

Source: Memorandum on Establishing the Fight Against Corruption as a Core United States National Security Interest | The White House

Making anti-corruption a priority, President Biden has ordered more than a dozen federal agencies to collaborate and issue recommendations to elevate federal anti-corruption efforts within 200 days.

White House Doubles Down on Private Sector Outreach for Cybersecurity Push

By: David BitkowerDavid B. RobbinsShoba PillayAaron R. Cooper, and Tali R. Leinwand

The White House sent an open letter last week to “corporate executives and business leaders” urging their companies to take “immediate steps” toward better protecting themselves against ransomware attacks.[1] Although the White House cannot generally dictate the actions that private companies take, the Biden administration has emphasized that “[b]usiness leaders have a responsibility to strengthen their cyber defenses to protect the American public and . . . economy.”[2] To that end, the letter referenced the five “best practices” set forth in the recently issued Executive Order on Cybersecurity, including (1) multifactor authentication; (2) endpoint detection; (3) endpoint response; (4) encryption; and (5) a skilled and empowered security team. The letter also outlined five basic but impactful security practices that the White House recommended companies implement:

  • Back-up Data. Back-up data, system images, and configurations, regularly test them, and keep the backups offline. If network data is encrypted with ransomware, the organization may still be able to restore its systems. 
  • Update Systems. Promptly update and patch systems, including applications and firmware.
  • Test Plans. Test incident response plans to help identify gaps and understand how long business operations can be sustained without access to certain systems.
  • Conduct Independent Checks. Check the security team’s work and ability to defend against a sophisticated attack, thereby increasing the likelihood that back doors or other loopholes can be addressed. 
  • Segment networks. Separate corporate business functions from manufacturing and production operations, and limit internet access to operational networks.[3] 

The letter, which was authored by Anne Neuberger, Deputy National Security Advisor for Cyber and Emerging Technology, was sent in light of a reported uptick in attacks involving ransomware (software that seizes control of a computer until the victim pays a fee), most recently an attack that reportedly closed off beef and pork production from one of the country’s leading food suppliers.[4]  

The letter also reflects the Biden administration’s growing emphasis on the need to improve the government’s cybersecurity defenses, both within and across various agencies. Yesterday, in a press conference regarding the ransomware attack on Colonial Pipeline, Deputy Attorney General Lisa Monaco emphasized that companies should take preemptive action against ransomware attacks, urging them to “pay attention now” and “invest resources now” because “[f]ailure to do so could be the difference between being secure now – or a victim later.”[5] The press conference came just a few days after Deputy Attorney General Monaco issued an internal memorandum directing US prosecutors to report all ransomware investigations that they may be working on, stressing the need for better coordination within the Department.[6] Two weeks ago, the Department of Homeland Security’s Transportation Security Administration announced a security directive requiring pipelines to report confirmed and potential cyber incidents and review current cybersecurity practices.[7] And last month, the White House issued the Executive Order imposing a variety of requirements on federal agencies and government contractors that are aimed at improving the government’s cybersecurity defenses. 

As companies seek to evaluate cybersecurity and expand their protections, it is important to consider the following legal issues alongside business and technical concerns:

  • Importance of a Multi-Functional Team. Cybersecurity and information protection are broad efforts encompassing many different skills within a company. Legal counsel should be included in the team to advise about the application of relevant laws, regulations, and policies, and to prepare for potential litigation and enforcement actions. 
  • Importance of Legal Privilege. Companies should consider how to maximize the application of legal privilege to internal factfinding efforts that are designed to address potential legal exposure from cybersecurity and data protection rules.

Outside counsel can help bolster in-house teams and provide broad industry perspective on common issues in these reviews. Jenner & Block lawyers stand ready to assist.


[1] Letter from Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger to Corporate Executives and Business Leaders (June 3, 2021).

[2] Press Briefing by Press Secretary Jen Psaki (June 3, 2021),; see also Tucker Higgins, CEOs Need to Prepare Now for Exponential Increase in Ransomware Attacks, Top DOJ Official Says, CNBC (June 4, 2021),

[3] Letter from Deputy National Security Advisor for Cyber and Emerging Technology Anne Neuberger to Corporate Executives and Business Leaders (June 3, 2021).

[4] David E. Sanger and Nicole Perlroth, White House Warns Companies to Act Now on Ransomware Defenses, N.Y. Times (June 3, 2021),

[5] Office of Public Affairs, Department of Justice, DAG Monaco Delivers Remarks at Press Conference on Darkside Attack on Colonial Pipeline (June 7, 2021).

[6] Deputy Attorney General Lisa Monaco, Memorandum for all Federal Prosecutors on Guidance Regarding Investigations and Cases Related to Ransomware and Digital Extortion (June 3, 2021). 

[7] Press Release, DHS Announces New Cybersecurity Requirements for Critical Pipeline Owners and Operators, Department of Homeland Security (May 27, 2021).

Government Contracts Legal Round-Up | 2021 Issue 10

Welcome to Jenner & Block’s Government Contracts Legal Round‑Up, a biweekly update on important government contracts developments. This update offers brief summaries of key developments for government contracts legal, compliance, contracting, and business executives. Please contact any of the professionals at the bottom of the update for further information on any of these topics.

Regulatory Update

1. Class Deviation 2021-O0005: Revision to Requirement to Use Firm-Fixed-Price Contracts for Foreign Military Sales (May 26, 2021)

  • Effective May 26, contracting officers are not required to use firm-fixed-price contracts for foreign military sales as directed at Defense Federal Acquisition Regulation Supplement (DFARS) 225.7301-1(a). The waiver at DFARS 225.7301-1(b) is no longer required.

2. DFARS Case 2018-D055: Past Performance of Subcontractors and Joint Venture Partners, Proposed Rule (May 20, 2021)

  • This proposed rule adds one new solicitation provision and two new contract clauses, DFAR 252.242-70YY, past Performance of Joint Venture Partners – Construction and Architect Engineer Services; and 252.242-70ZZ, Past Performance of Subcontractors – Construction and Architect-Engineer Services to implement section 823 of the FY 2019 National Defense Authorization Act (NDAA). 
  • Section 823 requires performance evaluations in accordance with specified conditions for individual partners of joint ventures awarded construction or architect-engineer (A&E) services contracts exceeding the threshold set forth in FAR 42.1502(e)(currently $750,000), and for first-tier subcontractors performing a portion of a construction or A&E services contract with an estimated value as set forth in FAR 42.1502(e) or 20 percent of the value of the prime contract, whichever is higher.
  • An exception may be granted when submission of annual past performance evaluations would not provide the best representation of the contractor’s performance, including subcontractors and joint venture partners.

3. DFARS Case 2018-D009: Postaward Debriefings, Proposed Rule (May 20, 2021)

  • DoD is proposing to amend the DFARS to implement a section of the FY 2018 NDAA that provides enhanced postaward debriefing rights under negotiated contracts, task orders, and delivery orders that exceed $10 million.
  • The new procedures will provide offerors the opportunity, upon receiving a postaward debrief, to submit follow-up questions related to the debriefing and to receive agency responses, and sets out new timeframes for the suspension of performance or termination of a contract, task order, or delivery order awarded, upon notification from the GAO of a protest filed.
  • For a more detailed description of the proposed rule, see our client alert.

Protest Cases

1. DigiFlight, Inc., B-419590, B-419590.2 (May 24, 2021)

  • GAO sustained a protest where the Department of the Army disparately evaluated quotations for programmatic support of the agency’s Program Executive Office Aviation Headquarters.
  • The Army assigned the awardee’s quotation a strength based on the company’s approach to employee retention, but a similar strength was not assigned to the protester’s quotation.
  • GAO found no merit to the Army’s position that the two offerors proposed materially different approaches to employee retention. Indeed, GAO’s review of the record confirmed the two approaches were substantially the same.
  • For example, GAO rejected the Army’s argument that the approaches were different because the protester did not use the phrase “tuition reimbursement”—which was used by the awardee—but instead referred to reimbursement for “academic degrees.” The record also was devoid of any explanation of why the evaluators considered noteworthy the awardee’s retention rate of 95 percent, but did not similarly consider significant the protester’s higher retention rate of 96 percent.

It is a fundamental principle of federal procurement law that a contracting agency must treat all vendors equally and evaluate their quotations evenhandedly against the solicitation’s requirements and evaluation criteria. GAO will sustain a protest where a protester shows that the agency unreasonably failed to assess strengths for aspects of its quotation that were substantively indistinguishable from, or nearly identical to, those contained in other quotations.

2. PAE National Security Solutions, LLC, B-419207.2, B-419207.3, B-419207.4 (May 19, 2021)

  • GAO sustained a protest where the Federal Bureau of Investigation improperly applied unstated evaluation considerations in evaluating quotations for administrative and analysis support services for the agency’s National Name Check Program.
  • First, GAO found that the agency improperly gave evaluation credit to the awardee for having previously performed a contract implementing a “continuous vetting” (CV) program, as opposed to the discrete work item investigations contemplated under the RFQ. The relevant evaluation subfactor made no mention of experience performing CV-related services, nor was this term mentioned anywhere in the RFQ. As such, GAO found it unreasonable to use CV-related attributes of the awardee’s quotation as a discriminator in the competition.
  • Next, GAO found it unreasonable that the agency gave the awardee evaluation credit for having key personnel who previously transitioned FBI contracts where the key personnel subfactor made no explicit mention of such experience. GAO concluded that applying strengths on this basis was the application of an unstated evaluation criterion.

Agencies are required to evaluate proposals based solely on the factors identified in the solicitation unless there is a clear nexus between the stated criteria and unstated considerations. If a debriefing identifies that the awardee’s strengths, or your weaknesses, were based upon considerations not expressly identified in the solicitation without such a clear nexus, this is a fruitful area for protest.

Claims Cases

1. Appeal of Sauer Incorporated, ASBCA No. 62395 (Apr. 16, 2021)

  • Sauer received a contract to design and build the headquarters for the 82nd Airborne at Fort Bragg. The contract broke the project into three phases. Sauer completed phases 1 and 2 on time, but was a month late delivering phase 3. The government assessed $144,000 in liquidated damages. Sauer appealed the liquidated damages, arguing the project was substantially complete.
  • The Armed Services Board of Contract Appeals (ASBCA) focused on the fact that the single liquidated damage amount had not been adjusted when the RFP was revised to break the project into phases. Because the LDs were not assigned to specific phases, it distinguished prior cases holding that each phase must be complete for a project to be substantially complete.
  • The Board held that phases 1 and 2 were substantially complete and that the LDs must be apportioned for phase 3. The proper measure for such an apportionment was actual loss by the government.

Liquidated damage assessments often fail to account for the complexities of contract performance. It is important to carefully consider your factual and legal defenses in the face of delay and liquidated damages.

2. Appeal of Force 3, LLC, CBCA No. 6654 (Apr. 14, 2021)

  • Force 3 received a contract to provide support for FireEye cybersecurity appliances that were purchased by HHS. In order to provide the support services, Force 3 purchased and delivered to HHS a three-year support contract with FireEye. The Force3/HHS contract stated that, after non-renewal, HHS would certify that it had deleted or disabled the software and was no longer using it.
  • After the base year of performance, HHS declined to exercise the option years. HHS failed to provide the certification of deletion and non-use. And because the license delivered by Force3 had a three year term, HHS continued to download updates and contact FireEye for support.
  • The Civilian Board of Contract Appeals concluded that, even though HHS did not exercise the option, its continued use of the software (with the contracting officer’s knowledge) ratified its commitment to use Force3’s support services and made it liable for the license costs.

The government often fails to properly track and manage software use in accordance with its license agreement. While costs incurred in expectation of option exercise are typically not recoverable, this case demonstrates an exception where the government knowingly fails to uninstall and continues to use software contrary to the license terms.

New COVID-19 Fraud Task Force Launched by DoJ

Attorney General Garland announced the formation of a COVID-19 Fraud Enforcement Task Force led by the Deputy Attorney General, and drawing upon resources from across the government. The organizations participating in the Task Force include DoJ, the FBI, Department of Labor, Treasury, DHS, SBA, and the oversight organizations created by the CARES Act (SIGPR and PRAC).

Source press release: Attorney General Announces Task Force to Combat COVID-19 Fraud | OPA | Department of Justice

Biden Administration Expands Cybersecurity Requirements for Government Contractors that Are Likely to Have a Broad Impact on the Private Sector

Bitkower_David_COLOR Robbins_David B_COLOR Pillay_Shoba_COLOR Cooper_Aaron_COLOR Leinwand_Tali_COLOR



By: David Bitkower, David B. Robbins, Shoba Pillay, Aaron R. Cooper, and Tali R. Leinwand

An Executive Order released by the Biden administration last month (the Cybersecurity EO) seeks to bolster the federal government’s cybersecurity defenses and resilience by imposing a variety of requirements on federal agencies and government contractors that are likely to have spillover effects in the private sector.[1] While many federal agencies and contractors already abide by existing agency-specific cybersecurity measures, the Cybersecurity EO establishes additional criteria to ensure that all information systems used or operated by federal agencies “meet or exceed” the cybersecurity requirements set forth in the Cybersecurity EO.[2] In particular, the Cybersecurity EO will directly affect companies that provide information technology (IT) and operational technology (OT) services, cloud computing software, and other technology to the federal government. In turn, the private sector, even when not servicing the federal government, is expected to see a renewed emphasis on security requirements and assessment standards.  

President Biden signed the highly anticipated Cybersecurity EO just a few months after the discovery of major cybersecurity incidents that targeted the United States, including Solar Winds (the reported Russian cyber espionage operation that affected nine federal agencies and about 100 American companies), a reported Chinese cyber hacking campaign that compromised tens of thousands of small and midsize firms that used Exchange email servers, and, most recently, the largest known cyberattack on the US energy sector, which led to the shutdown of the Colonial Pipeline.[3] Referencing these events, the Cybersecurity EO and corresponding White House fact sheet (1) make clear that the directives are aimed at improving the government’s “insufficient cybersecurity defenses,” (2) cast remediation of these incidents as a “top priority and essential to national and economic security,” and (3) order several dozen actions be taken beginning as soon as this summer.[4]

We highlight here the key initiatives and imminent deadlines that the EO sets out:

  • Remove barriers to threat information-sharing between the government and private sector.[5] Contractual barriers that prevent IT and OT service providers from sharing threat information will be removed, and such providers will be required to share certain breach information with the government.[6] This structure is intended to facilitate a more robust information-sharing regime. Traditionally, only defense contractors have been subject to federal requirements regarding breach reporting,[7] and while the Federal Acquisition Regulation (FAR) imposes basic safeguarding requirements, it stops short of requiring breach notification.[8] The Cybersecurity EO now extends the reporting requirement to all providers of IT and OT services to the federal government. Contractors will also be required to collect and share information related to cyber threats, incidents, and risks with the Cybersecurity and Information Security Agency (CISA), the Federal Bureau of Investigation, and other agencies.[9] While changes to government contracts will take time to implement, deadlines have been imposed on federal agencies to hasten these initiatives, beginning as soon as this month:
    • June 2021: The Secretary of Homeland Security, in consultation with other agency heads, is directed to recommend to the FAR Council the nature and type of information pertaining to cyber incidents that require reporting.[10]
    • July 2021: The Director of the Office of Management and Budget (OMB), in consultation with other agency heads, is directed to review and recommend updates to contractual requirements and language for IT and OT service providers to report cyber incidents.[11]
    • September 2021: The Secretary of Homeland Security and the Director of OMB are directed to take “appropriate steps” to ensure service providers are sharing data with certain agencies.[12] This requirement is broad; it implicates information that “may be necessary for the Federal government to respond to cyber threats, incidents, and risks,” and that information must be shared “to the greatest extent possible.”[13] It remains to be seen whether these open-ended directives are ultimately cabined by their implementing regulations.
  • Modernize and implement stronger cybersecurity standards in federal government.[14]Over the next several months, the government must develop “security best practices,” such as the use of zero-trust architecture, cloud service solutions, and multi-factor authentication and encryption.[15] The government must also modernize the FedRAMP program—the federal government’s main security authorization program for cloud security—to include training for agencies and improved communication with cloud service providers.[16]
  • Improve software supply chain security.[17]Over the next year, the Department of Commerce’s National Institute of Standards and Technology (NIST) is directed to develop guidance to “enhance[e] software supply chain security criteria,” with an emphasis on “critical software,” that will include standards, procedures, or criteria regarding data encryption, multi-factor authentication, and other measures.[18] Eventually, and critically, only software that abides by these new rules will be eligible for federal procurement; non-compliant software will be removed from federal contracts and purchase agreements, and legacy software will need to be redesigned as necessary to comply with these new requirements.[19] Further, the Secretary of Commerce, acting through the Director of NIST, is also directed to develop criteria for product labels to explain for consumers the cybersecurity capacities of commercial (including Internet-of-Things) devices and software, including the “levels of testing and assessment” that a product may have undergone.[20] From the perspective of companies concerned about potential Federal Trade Commission enforcement, the labelling regime will be especially important to bear in mind so as to ensure that device or software development processes meet or exceed the stated criteria, and accurately reflect existing practice.
  • Establish a cyber safety review board.[21]An incident review board will convene when there are “significant” cybersecurity incidents.[22] The board reflects a public-private partnership centered on digital defense and identifying lessons learned. It will be co-led by the Secretary of Homeland Security and others, including representatives from private sector entities, who will be selected based on the particular incident being investigated.[23]
  • Create a standard playbook for responding to cyber incidents.[24]By September 2021, the Department of Homeland Security (DHS), OMB, and other federal agencies will be required to develop a “playbook”—e., a standard set of operating procedures—to be used in planning and conducting cybersecurity vulnerability and incident response activity with respect to Federal Civilian Executive Branch (FCEB) Information Systems.[25] The playbook must (1) incorporate all appropriate NIST standards, (2) be used by FCEB agencies, and (3) articulate progress and completion through all phases of incident response.[26]
  • Improve detection of cybersecurity incidents on federal government networks.[27]In order to detect incidents early, agencies must deploy Endpoint Detection and Response initiatives to support proactive detection of cybersecurity incidents within federal government infrastructure, active cyber hunting, containment and remediation, and incident response.[28] These requirements will be based on requirements issued by OMB in consultation with DHS.[29]
  • Improve investigative and remediation capabilities.[30]Over the next three months, the Secretary of Homeland Security, in consultation with other federal agencies, is directed to develop standardized requirements for maintaining information event logs for federal agencies.[31] The requirements will include the types of logs to be maintained, the time periods to retain the logs, and guidance for protecting those logs.[32]

As written, the Cybersecurity EO is designed to have a meaningful impact not only on the federal government but also on its contractors and, ultimately, the private sector. Yet for all of the Cybersecurity EO’s ambitious directives and timelines, execution of these directives will take time, and the Cybersecurity EO’s ultimate effect will be heavily informed by implementing regulations that have not yet been announced. It remains to be seen how soon the new initiatives envisioned by the Cybersecurity EO will actually take effect, but IT and OT providers most likely to be directly impacted are on notice that change is on the horizon, and that the security community as a whole is contemplating new benchmarks for what cybersecurity looks like.

Of course, the Cybersecurity EO only offers one vector of the federal government’s cybersecurity response, and therefore is equally notable for what it does not, and cannot, address. For example, in the wake of the hack of Solar Winds and the ransomware attack on Colonial Pipeline, it is natural to ask what the Biden Administration’s response will be to continued Russian and Chinese state-sponsored cyber intrusions and, relatedly, foreign safe-harbors provided to criminal groups.[33] The Cybersecurity EO does not say. Separately, will Congress go beyond the Cybersecurity EO to impose broad-sweeping and mandatory breach disclosure requirements, as some have alluded to?[34] From that perspective, the Cybersecurity EO may signal just the beginning of a broader effort within the federal government that is likely to continue in the coming months.    


[1] White House, Executive Order on Improving the Nation’s Cybersecurity (May 12, 2021),

[2] Cybersecurity EO § 1.

[3] Ellen Nakashima, Biden Signs Executive Order Designed to Strengthen Federal Digital Defenses, Washington Post (May 12, 2021),

[4] Cybersecurity EO § 1; White House, Fact Sheet: President Signs Executive Order Charting New Course to Improve the Nation’s Cybersecurity and Protect Federal Government Networks (May 12, 2021),

[5] Cybersecurity EO § 2.

[6] Cybersecurity EO § 2.

[7] DFARS 252.204.7012.

[8] FAR 52.204-21.

[9] Cybersecurity EO §§ 2(a), 2(e).

[10] Cybersecurity EO § 2(g)(i).

[11] Cybersecurity EO § 2(b).

[12] Cybersecurity EO § 2(e).

[13] Cybersecurity EO § 2(e) (emphasis added).

[14] Cybersecurity EO § 3.

[15] Cybersecurity EO § 3(d).

[16] Cybersecurity EO § 3(f).

[17] Cybersecurity EO § 4.

[18] Cybersecurity EO §§ 4(c)-(e). Under the EO, “critical software” is “software that performs functions critical to trust (such as affording or requiring elevated system privileges or direct access to networking and computing resources),” and which will be subject to additional security guidance. Id. §§ 4(a), (g)-(j).

[19] Cybersecurity EO §§ 4(p)-(q).

[20] Cybersecurity EO §§ 4(s)-(t).

[21] Cybersecurity EO § 5.

[22] Cybersecurity EO § 5(c).

[23] Cybersecurity EO § 5(e).

[24] Cybersecurity EO § 6.

[25] Cybersecurity EO § 6(b).

[26] Cybersecurity EO § 6(b).

[27] Cybersecurity EO § 7.

[28] Cybersecurity EO § 7(b).

[29] Cybersecurity EO §§ 7(c)-(d).

[30] Cybersecurity EO § 8.

[31] Cybersecurity EO §§ 8(b)-(c).

[32] Cybersecurity EO § 8(b).

[33] See Mae Anderson & Frank Bajak, Cyberattack on U.S. Pipeline is Linked to Criminal Gang, Associated Press (May 9, 2021),

[34] See Eric Geller & Martin Matishak, A Federal Government Left ‘Completely Blind’ on Cyberattacks Looks to Force Reporting, Politico (May 15, 2021),

DoD Issues Proposed Rule Implementing Enhanced Debriefing Requirement

Bleicher_Noah_COLOR Weiss_Carla_COLOR Broder_Moshe_COLOR


By: Noah B. BleicherCarla J. Weiss, and Moshe Broder

The Department of Defense (DoD) has issued a proposed rule to amend the Defense Federal Acquisition Regulation Supplement (DFARS) to require that DoD provide enhanced postaward debriefings to contractors. Although these changes were required by Section 818 the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2018, and were partially implemented by a Class Deviation issued by DoD in the same year, the proposed rule would permanently implement these changes in the DFARS and provide for the production of redacted source selection documents in certain debriefings. Comments on the proposed rule are due by July 19, 2021.

Government contractors often struggle to understand the government’s decision to select the proposal of another offeror for contract award. The postaward debriefing process is an important tool to gain insight into the government’s reasoning, but the limited information provided to contractors during a debriefing frequently raises more questions than it answers and may cause contractors to protest the award decision as a way to gather more information or test the soundness of an agency’s opaque award rationale. Increased transparency through postaward debriefings can boost confidence in procurement decisions and provide disappointed offerors with practical insight that can help improve future bids.

Recognizing these benefits, Section 818 for NDAA FY18 required DoD to revise the DFARS to include, at a minimum, disclosure of a redacted version of the agency’s source selection decision, and an opportunity to ask follow-up questions and receive answers before the close of the debriefing, thereby delaying the deadline to timely file a bid protest and obtain an automatic stay of performance during the pendency of the protest at the Government Accountability Office (GAO).

Shortly after the passage of the NDAA, DoD partially implemented the requirement through a Class Deviation that required contracting officers to provide unsuccessful offerors with an opportunity to submit additional questions within two business days of receiving the debriefing, and for the agency to respond in writing within five business days of receipt of the questions. Importantly, the debriefing would remain open until the contractor received the written responses. DoD’s Class Deviation did not, however, implement the statutory requirement to provide offerors with a redacted version of the source selection decision, though DoD agencies were not prohibited from providing this documentation; indeed, some did upon request.

DoD’s proposed rule, issued on May 20, 2021, seeks to implement both aspects of Section 818 of NDAA FY18. Consistent with the changes implemented in the 2018 Class Deviation, the DFARS would be revised to require that contractors be provided the opportunity to submit written follow-up questions within two business days of receiving a debriefing and for the DoD agency to respond within five business days after receipt of the questions. The debriefing would not be considered concluded until the contractor receives the agency’s answers, and the clock to timely file a protest and receive an automatic suspension of contract performance would not begin to run until the debriefing concluded. Importantly, the proposed rule confirms that a contractor must submit follow-up questions for the protest clock to be tolled; otherwise, the time to file a protest begins to run from the day on which the contractor received the debriefing.

In addition, the DFARS would be revised to require that DoD, as part of a postaward debriefing, disclose to a disappointed offeror a redacted version of the source selection decision document where: (a) the offeror is a small business or nontraditional defense contractor, and the award is above $10 million; or (b) for all offerors, where the award is greater than $100 million. The proposed rule also clarifies that, when timely requested, a debriefing is required for all contracts and task orders or delivery orders valued at $10 million or more. These requirements will apply to negotiated procurements and contracts for the acquisition of commercial items, including Commercial-off-the-Shelf (COTS) items.

Government contractors should seek to utilize these procedures to maximize the benefit from a postaward debriefing in DoD procurements. Contractors should prepare and submit thoughtful and detailed follow-up questions and request a redacted version of the agency’s source selection decision. This information can provide invaluable insight to a contractor seeking to improve its next proposal submission or evaluate the merits of a potential protest. Practically speaking, the additional time allotted during the enhanced debriefing process provides a contractor with more breathing room to consider the cost/benefit of any potential bid protest—a decision often made under the pressure of short protest deadlines. As part of the DFARS, the proposed rule, once implemented, applies only to DoD and not civilian agencies, but non-DoD agencies are not prohibited from adopting these practices or implementing similar rules.

Jenner & Block’s Government Contracts lawyers have extensive bid protest experience, including prior service as a supervising bid protest hearing officer at GAO, and stand ready to support any challenges to the award of a government contract.