Eastern District of California Allows False Claims Act Allegations Based on Noncompliance with DoD Cybersecurity Requirements to Go Forward

Carolyn R. Cody-Jones

A recent decision in the federal district court for the Eastern District of California is one of the first to recognize application of the False Claims Act (“FCA”) to Department of Defense (“DoD”) cybersecurity requirements, and will likely encourage future lawsuits alleging noncompliance with federal cybersecurity procurement regulations. In United States ex rel. Markus v. Aerojet Rocketdyne Holdings, Inc., No. 2:15-cv-2245 WBS AC, 2019 WL 2024595 (E.D. Cal. May 8, 2019), the court denied the defendant contractor’s motion to dismiss qui tam complaint fraud allegations against the company. The complaint—brought by a former employee from the company’s cybersecurity department a month after his termination from the company—alleged the defendant fraudulently entered into DoD and National Aeronautics and Space Administration (“NASA”) contracts despite knowing that it did not meet the minimum standards required to receive the awards. The court permitted the case to move forward despite the government declining to intervene.

The primary regulations at issue in the case are DFARS 252.204-7012, which recently required, as of December 31, 2017, that contractors have a cybersecurity plan in place complying with 110 recommended security control standards set forth in NIST SP 800-171. However, the court’s decision in Aerojet Rocketdyne focused on the previous 2013 final rule and the two interim rules in 2015 implementing DFARS 252.204-7012, and also a NASA cybersecurity regulation at 48 C.F.R. § 1852.204-76 involving contractor security controls for sensitive but unclassified government information. Continue reading “Eastern District of California Allows False Claims Act Allegations Based on Noncompliance with DoD Cybersecurity Requirements to Go Forward”

Renewed Focus on Contractor Business System Reviews

Sara N. Gerber

According to a recent U.S. Government Accountability Office (“GAO”) report, the Defense Contract Audit Agency (“DCAA”) and the Defense Contract Management Agency (“DCMA”) have taken certain steps to improve the contractor business system (“CBS”) review process and are forecasting that CBS reviews will increase significantly over the next four years. Contractor business systems include a contractor’s accounting, earned value management, estimating, purchasing, material management, and property management systems. These systems require contractors to maintain internal controls that, as GAO noted, “act as the first line of defense against fraud, waste and abuse of federal funding.” Given their importance, the renewed focus on ensuring CBS reviews are conducted in a timely and consistent manner is not surprising, and contractors should prepare for a new wave of audit activity. Continue reading “Renewed Focus on Contractor Business System Reviews”

Technical Data Rights Protections Eroded by FY19 NDAA

Scott Arnold and Carolyn Cody-Jones

The Fiscal Year (“FY”) 2019 National Defense Authorization Act (“NDAA”), H.R. 5515, 115th Cong., 2d Sess. (2018), passed both chambers of Congress at breakneck speed this year, the fastest pace in approximately 20 years, and was presented to President Trump on August 3, 2018. The bill enjoyed substantial bipartisan support in both the Senate and the House. It authorizes a $717 billion national defense budget and also reforms certain practices. Continue reading “Technical Data Rights Protections Eroded by FY19 NDAA”

New DOD Class Deviation Changes Debriefing Process

Scott Arnold

The United States Department of Defense (“DOD”) has amended the process for debriefings required under Federal Acquisition Regulation (“FAR”) 15.506 to allow for offeror questions related to the debriefing. Offerors are allowed up to two business days following a debriefing to submit written questions, and the agency has up to five business days after receipt of the questions to submit written responses. The agency must hold the debriefing open until it delivers its written responses to the disappointed offeror. The new process applies to all DOD debriefings required under FAR 15.506.

The purpose of this new rule implementing section 818 of the 2018 National Defense Authorization Act (“NDAA”) is to improve the quality of debriefings and reduce the number of situations where disappointed offerors feel compelled to protest because the information they receive in debriefings is insufficiently detailed to convince them that the selection decision was fair. More fulsome debriefings should allow offerors to make more informed decisions about whether to protest. Continue reading “New DOD Class Deviation Changes Debriefing Process”