Overview
Beginning August 13, 2020, executive agencies will be prohibited from contracting with companies that use "covered telecommunications products or services" (i.e., technologies from certain China-based companies) – even if the use is unrelated to performance of federal contracts. On July 13, 2020, the FAR Council issued an interim rule amending the Federal Acquisition Regulation (FAR) to implement section 889(a)(1)(B) of the National Defense Authorization Act (NDAA) for FY 2019 (Pub. L. No. 115-232). Section 889 has several rules prohibiting the use of federal funding for the procurement of the "covered telecommunications products or services," including Section 889(a)(1)(A), which went into effect in August 2019 and prohibits federal agencies from procuring any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component or as critical technology as part of any system.
Section 889(a)(1)(B) goes even further than this prior rule, appearing to ban any use of the technology by federal contractors. As implemented at FAR 4.2102, this rule provides that, as of August 13, 2020, executive agencies may no longer "enter into a contract (or extend … a contract) with an entity that uses any equipment, system, or services that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system," regardless of whether the equipment or services are used in the performance of work under a federal government contract. The FAR Council estimates that the cost of compliance in the first year will be at least $12 billion.
Section 889 and the FAR define covered telecommunications equipment or services as including:
- Telecommunications equipment produced by Huawei Technologies Company or ZTE Corporation (or any subsidiary or affiliate of such entities);
- For the purpose of public safety, security of government facilities, physical security surveillance of critical infrastructure, and other national security purposes, video surveillance and telecommunications equipment produced by Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, or Dahua Technology Company (or any subsidiary or affiliate of such entities);
- Telecommunications or video surveillance services provided by such entities; and
- Telecommunications or video surveillance equipment or services produced or provided by an entity that the Secretary of Defense, in consultation with the Director of the National Intelligence or the Director of the Federal Bureau of Investigation, reasonably believes to be an entity owned or controlled by, or otherwise connected to, the government of a covered foreign country [i.e., China].
The restrictions implemented under Section 889 include an exception. The law does not prohibit agencies or federal contractors from contracting with an entity to obtain "a service that connects to the facilities of a third-party, such as backhaul, roaming, or interconnection arrangements" or "cover telecommunications equipment that cannot route or redirect data traffic or permit visibility into any user data or packets that such equipment transmits or otherwise handles." The interim rule further clarifies this exception by adding new definitions for "backhaul," "interconnection arrangements," and "roaming."
Contractor Compliance
Although the interim rule provides some additional guidance beyond the plain language of Section 889, there remains significant uncertainty regarding the scope of the prohibition's application and the scope of a contractor's compliance obligations. As an initial matter, the scope of the term "use" remains unclear. While the interim rule prohibits agencies from contracting with companies that "use" covered telecommunications equipment and services in either their federal government or commercial business, the rule does not define "use." The rule also leaves open the question of whether the ban would apply to "affiliates" of the federal contractor but, from a compliance perspective, the existing IT infrastructure and other shared equipment or services within a corporate family may dictate the rule's impact more than the rule's definition of the scope of covered entities.
Unlike many acquisition regulations that are triggered by the dollar value or type of procurement, this prohibition will apply broadly to all procurement contracts, including micro-purchase contracts (less than $10,000) as well as acquisitions of commercial items and commercial-off-the-shelf-items. The prohibition states that it will only apply to prime contractors and will not flow down to subcontractors at any tier because subcontractors are not parties to a US government contract, but the rule has some conflicting guidance on this issue.
When the prohibition goes into effect on August 13, 2020, offerors will be required to submit a representation with each offer, under FAR 52.204-24, indicating whether, after conducting a reasonable inquiry, covered telecommunications equipment or services are used by the offeror. This certification will be required in solicitations issued on or after August 13, 2020 and in solicitations issued before August 13, 2020 where award of the resulting contract will occur on or after August 13, 2020. Agencies also must modify existing indefinite delivery contracts and contracts with options, prior to ordering work or extending those contracts.
A "reasonable inquiry" is an inquiry "designed to uncover any information in the entity's possession about the identity of the producer or provider of covered telecommunications equipment or services used by the entity. Commentary on the rule indicates that a reasonable inquiry "need not include an internal or third-party audit." The rule also establishes that a prime contractor's "reasonable inquiry" must include examining relationships with subcontractors and suppliers where the prime contractor is using the supplier or subcontractor's "covered telecommunications" equipment or services as a substantial or essential component of any system, suggesting that prime contractors will need to consider a subcontractors' use too (as well as potentially that of any affiliates involved in the contract or related support). The regulation does not specifically address whether this inquiry considers subcontractors' access to certain information that is subject to additional regulatory safeguards, such as "Federal contract information" or "covered defense information." While the term "reasonable inquiry" is defined, the exact scope of offerors' compliance obligations remains unclear.
In some cases, contractors (or their suppliers or other parties) may need to consider the export control risk involved in this inquiry and reporting process, given that certain of the Chinese technology companies implicated by this rule are subject to US export control restrictions.
Waiver Process
Under the interim rule, agencies may waive, on a one-time basis, the prohibition in Section 889(a)(1)(B). The waiver process appears intentionally burdensome, and any granted waivers may not extend beyond August 13, 2022. To obtain the waiver, the procuring agency must submit the waiver request to the head of the executive agency with the following information:
- A compelling justification for the additional time to implement the requirements under FAR 4.2102(a)(2); and
- A full and complete laydown or description of the presences of covered telecommunications or video surveillance equipment or services in the relevant supply chain and phase-out plan to eliminate such covered telecommunications or video surveillance equipment or services from the relevant systems.
Adding to the burden, if the head of the executive agency approves the waiver, the rules also require notification to certain Congressional committees, including the "phase-out plan" to eliminate such covered telecommunications or video surveillance equipment or services from the relevant systems.
Comment Period
Although the interim rule goes into effect August 13, 2020, the FAR Council will accept comments for 60 days after the rule's release. Specifically, the council is seeking input from industry on the following topics, largely related to the hurdles and costs associated with achieving compliance:
- The extent to which interested parties currently use covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.
- The impact on interested parties’ ability to comply with the prohibition if the prohibition was expanded to cover affiliates, parents, and subsidiaries of the offeror that are domestic concerns.
- The estimated cost impact of compliance for interested parties that currently use covered telecommunications equipment or services.
- The extent to which interested parties have insight into existing systems and their components.
- The equipment and services that need to be checked to determine whether they include any covered telecommunications equipment or services, and the best processes for doing so.
- The challenges involved in identifying prohibited uses of covered telecommunications equipment or services.
- Whether interested parties anticipate use of any products or services that are unrelated to a service provided to the federal government and connects to the facilities or a third-party (e.g., backhaul, roaming, or interconnection arrangements) that uses covered telecommunications equipment or services.
- The extent to which interested parties currently have direct control over existing equipment, systems, or services in use and their components.
- The steps required to replace covered telecommunications equipment or services.
- Cases in the supply chain where it would not be feasible to cease use of equipment, system(s), or services that use covered telecommunications equipment or services.
- Data on the extent of the presence of covered telecommunications equipment or services.
- Data on the fully burdened cost to remove and replace covered telecommunications equipment or services.
Steptoe is continuing to monitor the FAR Council’s implementation of Section 889 and is available to assist clients in navigating these new compliance challenges.