The Cybersecurity and Infrastructure Security Agency (CISA) is seeking public comment on the secure software development common self-attestation form to be completed by software producers that sell software to the federal government. Federal agencies are scheduled to begin collecting attestation forms for critical software by June 2023 and for all other software by September 2023.
Continue Reading CISA Releases Proposed Security Attestation Form for Software Producers
On March 2, 2023, the Biden Administration released its National Cybersecurity Strategy. The Strategy represents the latest push by the Administration to focus on cybersecurity concerns, following the release of Executive Order 14028, Improving the Nation’s Cybersecurity in May 2021. The Strategy lays out the cybersecurity goals and objectives for the federal government and outlines a fundamental change in how the federal government wishes to allocate roles, responsibilities, and resources for cybersecurity. It contemplates placing greater responsibility on industry, particularly owners and operators of systems that hold personal data and technology providers.
Continue Reading Biden Administration Releases Highly Anticipated National Cybersecurity Strategy
Per Executive Order 14028, Improving the Nation’s Cybersecurity, the Office of Management and Budget (OMB) issued a memorandum on September 14, 2022 requiring federal agencies to only use software from software producers that attest compliance with secure software development guidance issued by the National Institute of Standards and Technology (NIST).
Continue Reading Federal Government Outlines New Security and Attestation Requirements for Software
Software companies selling indirectly to the Federal Government finally received an answer to a question that has lingered for years – can a software company going to market through a reseller bring a direct claim under the Contract Disputes Act (“CDA”) against the Federal Government for violating a term of the software company’s End User License Agreement? Sadly, the answer is “no.”
Continue Reading Software Companies Beware: Board Holds Subcontractor Cannot Enforce EULA Directly Against Federal Government
Every now and then, the FAR Councils issue a Federal Acquisition Circular (FAC) – an update to the Federal Acquisition Regulation implementing a number of changes. Often these changes are rather pro forma. But occasionally, you get a Circular with many different (and interesting) issues. FAC 2005-67, issued in late-June 2013, with rules becoming effective in June and July 2013, is one such circular. We thought it would be helpful to highlight five of these rules that raise interesting and timely issues, especially where they may signal additional changes yet to come.
Continue Reading Lots of Little Things – FAR Updates from the Federal Acquisition Circular
By Louis Victorino and Jonathan Aronie (originally published in the San Diego Business Journal)
It has been noted, the more things change, the more they stay the same. In the world of Government Contracts Law, however, the more things change, the more the phone rings. And while we’re only a few weeks into 2013, the phone has been ringing off the hook. Here are a few of the reasons why.
Continue Reading What Does 2013 Have In Store for Government Contractors and Their Lawyers?
One of the most perplexing questions that has plagued the government contracting community in recent years relates to the country of origin for computer software. Where most government procurements restrict the purchase of products that were not manufactured or substantially transformed in an approved country, the question of where software is “substantially transformed” is one of critical importance – particularly where the government buys more and more software products, and particularly where those software products are distributed via direct download. The Department of U.S. Customs and Border Protection has long resisted issuing any authoritative guidance on the country of origin for computer software, leaving industry to reach its own conclusions, conclusions that hopefully will be adjudged as reasonable in the event of later Government scrutiny or challenge. But Customs has recently issued an advisory opinion that may finally shed some light on this dark and murky topic.
Continue Reading Country of Origin for Computer Software – U.S. Customs Finally Sheds Some Light on the Issue
The United States has long been the world’s principal purchaser of (a) research and development services, (b) the products generated by the R&D, and (c) the intellectual property relating to that R&D. Historically, Government-funded R&D has evoked images of an omnipresent, overly intrusive, audit-fixated purchaser bent on levying a host of required terms and conditions on the seller, many of which are wholly unrelated to the underlying R&D and are designed solely to advance socio-economic policies and preferences. For these (and other) reasons, companies, particularly new and emerging companies, are often reluctant to accept federal funding to advance their privately conceived and privately developed ideas.
Continue Reading A Brief Guide to Alternative Contracting Arrangements for R&D