The FAR Council released an Interim Rule in August implementing part of Section 889 of the John S. McCain National Defense Authorization Act for Fiscal Year 2019.  In this briefing, we highlight points where the Interim Rule provides clarity; definitional issues that remain unresolved; and new procedural requirements that government contractors should track.

The Interim Rule covers the portion of Section 889, subsection (a)(1)(A), that prohibits the federal government from acquiring certain telecommunications equipment/services from Huawei, ZTE, and other Chinese companies.  Specifically: “The head of an executive agency may not … procure or obtain or extend or renew a contract to procure or obtain any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.”

Section (a)(1)(A) took effect on August 13, 2019, although a 60-day window remains open for stakeholders to submit comments to be considered in the development of a final rule.  Comments on the (a)(1)(A) Interim Rule are due by October 15, 2019.

The second part of Section 889 implementation, sections (a)(1)(B) and (b)(1), go into effect on August 13, 2020. Regulations for those sections remain pending within the government, but the definitions and waiver process established by (a)(1)(A) will be instructive for those regulations as well.

Concurrently, all of Section 889 is subject to a legal challenge in U.S. District Court for the Eastern District of Texas.  Huawei has sued to invalidate the entire provision, with the most prominent argument that Section 889 is an unconstitutional Bill of Attainder.  The case is in a relatively early stage, with another round of briefing due on September 10 and a hearing scheduled for September 19, 2019.

I.                Clarifications 

As expected, the rule adopts statutory text to define “covered telecommunications equipment or services,” with no changes.  It does, however, import an expansive definition of “critical technology,” borrowed from the Foreign Investment Risk Review Modernization Act (“FIRRMA”).  The Interim Rule concedes that the definition is overbroad – it includes “select agents and toxins” that are unlikely to apply to telecommunications – but used it in the interest of government-wide consistency as both the changes to the foreign investment review process contained in FIRRMA and Section 889 are being implemented simultaneously.  The law applies – as expected – at all dollar values (i.e., below the Simplified Acquisition Threshold) and to purchases of commercial and commercially available off-the-shelf items.

II.             Open Questions

Substantial or essential component” is defined, but broadly and only at a high level: “any component necessary for the proper function or performance of a piece of equipment, system, or service.”  Each agency will have to determine which components meet that definition for purposes of compliance.  This is an area where seeking additional clarification through the comment period could be important.

Critical infrastructure” is not defined at all, even though the definition of “covered telecommunications equipment” includes equipment produced by Hytera, Hikvision, or Dahua used for “physical security surveillance of critical infrastructure.”  Based on the approach to defining “critical technology,” however, we expect that the government would likely borrow the definition of “critical infrastructure” from FIRRMA: “systems and assets, whether physical or virtual, so vital to the United States that the incapacity or destruction of such systems or assets would have a debilitating impact on national security.”

III.           Important New Requirements

The Interim Rule describes two sets of compliance obligations that deserve close attention from current and prospective government contractors.

A.              “Representations”

The Interim Rule imposes a two-step certification process that presents serious new risks for government contractors.

  1. First, in connection with work after August 13, and later as part of the System for Award Management profile, contractors will be required to represent whether they sell material or services that include covered telecommunications equipment or services.
  1. Second, if they respond that they do, then they must make separate, detailed, offer-by-offer disclosures in connection with bids for contracts and for task/delivery orders.

This system of certifications meaningfully expands the scope of risk associated with due diligence in acquisitions, and broadens potential exposure to the False Claims Act and other anti-fraud statutes.

The representations could also have a potential upside in terms of justifying an exclusion or waiver.  The preamble explains that the information provided in the “representation will assist the Government in appropriately assessing the presence of any covered telecommunications equipment or services that may be present … to determine if the items in question will be used as a substantial or essential component, or to determine if a waiver request may be appropriate.”  The head of an executive agency may, on a one-time basis, waive the requirements for section (a)(1)(A) for up to two years if the entity seeking the waiver provides a “compelling justification” for the additional time needed for the entity to implement the requirements under the law.

Entities that seek a waiver will also be required to submit to the head of the executive agency for which they are intending to contract with a “full and complete laydown” of the presences of covered equipment or services in the supply chain and a “phase-out” plan to eliminate those elements from the supply chain.  The process for submitting a waiver will be determined by each agency.

B.              Reporting Requirements 

The Interim Rule creates a severe reporting regime with aggressive deadlines:  “In the event the Contractor identifies covered telecommunications equipment or services used as a substantial or essential component of any system, or as critical technology as part of any system, during contract performance, or the Contractor is notified of such by a subcontractor at any tier or by any other source, the Contractor shall report the information … to the Contracting Officer … [and] in the case of the Department of Defense, the Contractor shall report to the [DIBNET].”

An initial report is due within one business day, with a follow-up report due in 10 business days.  The contractor must report any covered equipment/systems/services discovered during contract performance in a fairly high level of detail, and must flow this requirement down to subcontractors.

The “notified” prong of this reporting requirement is broad, and is not qualified by thresholds like “credible” information.  Because it captures notification by “any other source,” it is conceivable that the government could impose a constructive notice requirement on contractors, or could take the position that open-source news reporting triggers the reporting requirements.

IV.           Applicability Dates 

The prohibitions take effect on August 13, 2019, and apply to new solicitations issued on/after that date and any resulting contracts, as well as to contracts that are awarded on/after August 13, 2019, even if the solicitations preceded that date.  The Interim Rule requires contracting officers to include the corresponding FAR clause in any future orders under an indefinite delivery (“ID/IQ”) contract, and in any extension of existing contracts or task/delivery orders (including an option).

Contracting officers must also include the representations provision in all solicitations or notices of intent under an existing ID/IQ contract, whenever performance will occur on/after August 13, 2019.