Overview

The month of May saw a number of proposed and implemented developments that were equally applicable to nonprofit and for-profit contractors and grant recipients. For example, Congress signaled that many non-Department of Defense agencies likely will see budget cuts during fiscal year 2014. Federal agencies also set forth plans requiring organizations that obtain contracts or grants from the U.S. Government to implement internal IT security programs that meet information security requirements and associated continuous monitoring, risk management, and reporting requirements. Finally, the U.S. Supreme Court came to a far-reaching decision that will require lower courts to now apply a standard of deference when reviewing an agency’s interpretation of, or decision regarding, its own authority.

U.S. House of Representatives Proposes Additional Non-Defense Spending Cuts for 2014 – On May 21, 2013, the House Appropriations Committee proposed a 2014 budget plan that would increase defense spending by 5 percent and would impose severe cuts upon many non-Defense Department agencies, including a 19 percent cut to spending in the Health and Human Services, Labor, Education, and State Departments. In total, the plan would reduce the federal budget by approximately 2 percent from fiscal year 2013. The cuts would have a significant impact on these agencies’ resources, thereby potentially limiting their ability to fund grants and contracts in 2014.

Cybersecurity Regulation – The federal government’s increased focus on cybersecurity threats1 has prompted a new trend in federal contracting – modifications of existing government contracts and grants requiring federal government contractors and grant recipients to comply with the Federal Information Security Management Act (FISMA), the Federal Privacy Act, the National Institute of Standards and Technology (NIST) Risk Management Framework, and the Federal Risk and Authorization Management Program (FedRAMP). For example, while the federal government has included FISMA provisions in information technology contracts for a number of years, federal agencies are now extending these provisions to non-IT contracts where the agencies deem the FISMA provisions applicable. Federal agencies also are flowing down FISMA metrics to contractors and grantees, and imposing additional security requirements on contractors and grantees using cloud-computing solutions.

U.S. Supreme Court Expands Discretion of Federal Agencies – On May 20, 2013, in the City of Arlington, Texas, et al. v. Federal Communications Commission et al., the U.S. Supreme Court ruled that courts should apply the standard of deferential review articulated in Chevron USA Inc. v. Natural Resources Defense Council Inc., 467 U.S. 837 (1984) when reviewing an agency’s interpretation of its own authority. Under Chevron, courts presume that agencies are properly interpreting and applying statutory (legislative) requirements so long as the agency has a reasonable basis for its interpretation. Previously, this deferential standard had not been applied to agencies’ determinations of their own statutory authority. Consequently, challenging an agency’s action (or inaction) may now become more difficult. For a complete copy of the U.S. Supreme Court’s opinion, visit here.