Federal Acquisition Regulation; FAR Case 2008-019, Authentic Information Technology Products

Federal Register: November 18, 2008 (Volume 73, Number 223)

Proposed Rules

Page 68373-68375

From the Federal Register Online via GPO Access [wais.access.gpo.gov]

DOCID:fr18no08-55

DEPARTMENT OF DEFENSE

GENERAL SERVICES ADMINISTRATION

NATIONAL AERONAUTICS AND SPACE ADMINISTRATION 48 CFR Parts 2, 4, 12, 39, and 52

FAR Case 2008-019; Docket 2008-0001; Sequence 1

RIN 9000-AL11

Federal Acquisition Regulation; FAR Case 2008-019, Authentic

Information Technology Products

AGENCIES: Department of Defense (DoD), General Services Administration

(GSA), and National Aeronautics and Space Administration (NASA).

ACTION: Advance notice of proposed rulemaking and public meeting.

SUMMARY: The Civilian Agency Acquisition Council and the Defense

Acquisition Regulations Council (Councils) are seeking comments from both Government and industry on whether the Federal Acquisition

Regulation (FAR) should be revised to include a requirement that contractors selling information technology (IT) products (including computer hardware and software) represent that such products are authentic. The Councils are also interested in comments regarding contractor liability if IT products sold to the Government, by contractors, are not authentic. Additionally, the Councils are seeking comments on whether contractors who are resellers or distributors of computer hardware and software should represent to the Government that they are authorized by the original equipment manufacturer (OEM) to sell the information technology products to the Government. Finally, the Councils invite comments on (1) whether the measures contemplated above should be extended to other items purchased by the Government; and (2) whether the rule should apply when information technology is a component of a system or assembled product.

Page 68374

DATES: Public Meeting: A public meeting will be held on December 11, 2008, from 9:00 a.m. to 3 p.m. EST, in the National Aeronautics and

Space Administration James E. Webb Memorial Auditorium, 300 E Street

SW, Washington, DC 20546. The visitors' entrance is on the west end of the building at the corner of 4th and E Streets SW. Attendees are encouraged to arrive at least thirty minutes early to accommodate security procedures.

If you wish to make a presentation on this topic, please contact and submit a copy of your presentation by December 1, 2008, to General

Services Administration, Contract Policy Division (VPC), 1800 F Street,

NW, Room 4040, Attn: Edward N. Chambers, Washington, DC 20405.

Telephone: 202-501-3221.

Submit electronic materials via e-mail to Chambers.Edward@gsa.gov.

Please submit presentations only and cite Public Meeting 2008-019 in all correspondence related to this public meeting. The submitted presentations will be the only record of the public meeting. If you intend to have your presentation considered as a public comment in the formulation of the proposed rule, the presentation must be submitted separately as a written comment as instructed below.

Special Accommodations: The public meeting is physically accessible to people with disabilities. Request for sign language interpretation or other auxiliary aids should be directed to Edward N. Chambers, at 202-501-3221, at least 5 working days prior to the meeting date.

Comments: Interested parties should submit written comments to the

FAR Secretariat on or before January 20, 2009 to be considered in the formulation of a final rule.

ADDRESSES: Submit comments identified by FAR case 2008-019 by any of the following methods:

Regulations.gov: http://www.regulations.gov. Submit comments via the Federal eRulemaking portal by inputting ``FAR Case 2008-019'' under the heading ``Comment or Submission''. Select the link

``Send a Comment or Submission'' that corresponds with FAR Case 2008- 019. Follow the instructions provided to complete the ``Public Comment and Submission Form''. Please include your name, company name (if any), and ``FAR Case 2008-019'' on your attached document.

Fax: 202-501-4067.

Mail: General Services Administration, Regulatory

Secretariat (VPR), 1800 F Street, NW, Room 4041, ATTN: Laurieann

Duarte, Washington, DC 20405.

Instructions: Please submit comments only and cite FAR case 2008- 019 in all correspondence related to this case. All comments received will be posted without change to http://www.regulations.gov, including any personal and/or business confidential information provided.

FOR FURTHER INFORMATION CONTACT Mr. Edward N. Chambers, Procurement

Analyst, at (202) 501-3221 for clarification of content. For information pertaining to status or publication schedules, contact the

FAR Secretariat at (202) 501-4755. Please cite FAR case 2008-019.

SUPPLEMENTARY INFORMATION: The widespread availability of counterfeit

Information Technology (IT) products presents a multidimensional threat to our nation. While it is estimated that our nation's industries and governments lose millions of dollars each year to counterfeiters, the trade in counterfeit IT products also presents serious threats to our national security and consumer safety.

Today, IT products, such as computer network hardware, (the infrastructure of business, healthcare, education, and communication and information networks) and integrated circuits (IC), are used in a wide range of applications; including automobiles, aircraft, computers, telecommunications, medical devices, and consumer electronics. These IT products are also essential to our national infrastructure systems; such as air traffic control, financial and telecommunication networks, and government and military communications, information, and operating systems.

Counterfeit network hardware and ICs pose a risk in that they frequently do not meet the quality standards of genuine equipment.

Various information indicates that these products have a higher failure rate than genuine equipment, and often fail upon installation, or weeks or months after installation. Thus, these counterfeit IT products pose a threat to the national security and consumer safety because when they fail, the entire systems in which they are embedded may also fail.

The Councils believe requiring contractors to represent that the IT products they sell to the Government are authentic, will aid in efforts to combat counterfeit IT products. In addition to commenting on the

Government proposal, the public and industry are invited to offer suggestions on other ways to limit the risk to the Government from acquiring counterfeit IT products.

To facilitate public comment, the Councils have attached provisional FAR text.

While the focus of this notice is IT products, comments are invited on (1) whether the measures proposed herein should be expanded to include other items sold to the Government and (2) whether the rule should apply when information technology is a component of a system or assembled product. Further, the provisional text places the OEM in the role of ``gatekeeper'' as to who is an authorized distributor or reseller. Is there another party or process which would be more appropriate to this role? Also, through what means should authorized status be substantiated? By a letter from the OEM, or a reference on an

OEM website?

This is not a significant regulatory action and, therefore, was not subject to review under Section 6(b) of Executive Order 12866,

Regulatory Planning and Review, dated September 30, 1993. This rule is not a major rule under 5 U.S.C. 804.

List of Subjects in 48 CFR Parts 2, 4, 12, 39, and 52

Government procurement.

Dated: November 12, 2008.

Al Matera,

Director, Office of Acquisition Policy.

Therefore, DoD, GSA, and NASA propose amending 48 CFR parts 2, 4, 12, 39, and 52 as set forth below: 1. The authority citation for 48 CFR parts 2, 4, 12, 39, and 52 continues to read as follows:

Authority: 40 U.S.C. 121(c); 10 U.S.C. chapter 137; and 42

U.S.C. 2473(c).

PART 2--DEFINITIONS OF WORDS AND TERMS 2. Amend section 2.101 in paragraph (b) in the definition

``Information technology'' by revising paragraph (2) to read as follows: 2.101 Definitions.

* * * * *

(b) * * *

Information technology * * *

(2) The term ``information technology'' includes--

(i) Computers;

(ii) Ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance);

(iii) Peripheral equipment designed to be controlled by the central processing unit of a computer;

(iv) Software, firmware and similar products;

(v) Services (including support services); and

Page 68375

(vi) Related resources.

* * * * *

PART 4--ADMINISTRATIVE MATTERS 3. Amend section 4.1202 by adding paragraph (cc) to read as follows: 4.1202 Solicitation provisions and contract clauses.

* * * * *

(cc) 52.239-XX, Authentic Information Technology Products--

Representation.

PART 12--ACQUISITION OF COMMERCIAL ITEMS 4. Amend section 12.301 by adding paragraphs (d)(3) and (d)(4) to read as follows: 12.301 Solicitation provisions and contract clauses for the acquisition of commercial items.

* * * * *

(d) * * *

(3) Insert the provision at 52.239-XX, Authentic Information

Technology Products--Representation, as prescribed at 39.107(b)(1).

(4) Insert the clause at 52.239-YY, Authentic Information

Technology Products, as prescribed at 39.107(b)(2).

* * * * *

PART 39--ACQUISITION OF INFORMATION TECHNOLOGY 5. Amend section 39.002 by adding, in alphabetical order, the definition ``Counterfeit information technology product'' to read as follows: 39.002 Definitions.

* * * * *

Counterfeit information technology product means any item of information technology (IT), including hardware and software, that is an unauthorized copy, replica, or substitute.

* * * * * 6. Amend section 39.101 by adding paragraph (e) to read as follows: 39.101 Policy.

* * * * *

(e) To protect the Government from procuring counterfeit IT products, agencies shall ensure that all acquisitions for IT products are procured from the original equipment manufacturer (OEM), software developer, or authorized distributor or reseller. Agencies shall ensure that all solicitations and contracts for the acquisition of IT products include a requirement for the offeror or contractor to represent that the IT products being sold under its contract to the Government are not counterfeit. 39.102 [Amended] 7. Amend section 39.102 by removing from paragraph (b)

``availability,'' and adding ``availability, counterfeit IT products, performance, security,'' in its place. 8. Amend section 39.107 by designating the undesignated paragraph as paragraph (a); and adding paragraph (b) to read as follows: 39.107 Contract clause.

* * * * *

(b)(1) The contracting officer shall insert the provision at 52.239-XX, Authentic Information Technology Products--Representation, in all solicitations for the acquisition of IT products.

(2) The contracting officer shall insert the clause at 52.239-YY,

Authentic Information Technology Products, in all contracts for the acquisition of IT products.

PART 52--SOLICITATION PROVISIONS AND CONTRACT CLAUSES 52.239-1 [Amended] 9. Amend section 52.239-1 by removing from the introductory paragraph ``39.107'' and adding ``39.107(a)'' in its place. 10. Add sections 52.239-XX and 52.239-YY to read as follows: 52.239-XX Authentic Information Technology Products--Representation.

As prescribed in 39.107(b)(1), insert the following provision:

AUTHENTIC INFORMATION TECHNOLOGY PRODUCTS--REPRESENTATION (DATE)

(a) Definition. Counterfeit information technology product means any item of information technology (IT), including hardware and software, that is an unauthorized copy, replica, or substitute.

(b) To be eligible for award of the proposed contract, an offeror must--

(1) Be either the original equipment manufacturer (OEM); or

(2) Have written authorization from the OEM or software developer to function as a distributor or reseller of the subject products.

(c) By submission of this offer, the offeror represents that--

(1) The IT products to be sold or leased to the Government under the proposed contract are authentic and not counterfeit; and

(2) It is the original equipment manufacturer or software developer, or an authorized distributor or reseller for the IT products.

(End of provision) 52.239-YY Authentic Information Technology Products.

As prescribed in 39.107(b)(2), insert the following clause:

AUTHENTIC INFORMATION TECHNOLOGY PRODUCTS (DATE)

(a) Definition. Counterfeit information technology product means any item of information technology (IT), including hardware and software, that is an unauthorized copy, replica, or substitute.

(b) The Contractor shall sell to the Government only IT products that are authentic and not counterfeit. In the event that such IT products are determined to be counterfeit, there is no limitation to the Contractor's liability.

(End of clause)

FR Doc. E8-27275 Filed 11-17-08; 8:45 am

BILLING CODE 6820-EP-S