- Section 889 Part B of the FY 2019 NDAA significantly expands the prohibition on federal agencies and contractors procuring or using equipment or services produced by certain designated entities.
- Companies that utilize banned equipment and services in areas of their business unrelated to their federal contracts may be prohibited from contracting with the federal government.
- Companies that are not direct or indirect suppliers to the government may still be asked diligence questions by customers who separately supply the government.
Section 889 of the Fiscal Year 2019 National Defense Authorization Act prohibits federal agencies and contractors doing business with the federal government from procuring or using “covered telecommunications equipment or services” (defined below) that are produced by certain designated entities as a “substantial or essential component of any system, or as critical technology as part of any system.” The prohibition falls into two parts.
The first, Section 889(a)(1)(A), referred to as “Part A,” requires the federal government not to “procure or obtain or extend or renew a contract to procure or obtain any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as a critical technology as part of any system.” Part A became effective on August 13, 2019.
The second part, Section 889(a)(1)(B), or “Part B”, which becomes effective on August 13, 2020, requires the federal government not to “enter into a contract (or extend or renew a contract) with an entity that uses any equipment, system, or services that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.”
Under interim rules implementing Part A published on August 13 and December 13, 2019, contractors are required to represent whether they would provide covered telecommunications equipment or services to the government in the performance of any contract, subcontract or other contractual instrument resulting from a solicitation. A subsequent interim rule provided some temporary relief as contractors struggled to meet these requirements.
Part B goes even further, appearing to prohibit the federal government from contracting with entities that use covered telecommunications equipment or services in the prohibited ways, even if the equipment or services are used in activity unconnected to the federal government contract. Accordingly, it is a significant expansion in scope from Part A and will require substantial diligence and other action by federal contractors.
Discussion of Part B
As stated earlier, Part B will be effective on August 13. Currently, the government has not released a proposed rule for public comment and therefore is expected to issue an interim rule that is effective before public comment.
As noted above, Part B states that no executive agency may “enter into a contract (or extend or renew a contract) with an entity that uses any equipment, system, or service that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system.”
“Covered telecommunications equipment or services” is defined as:
- Telecommunications equipment produced by Huawei Technologies Company or ZTE Corporation (or any subsidiary or affiliate of such entities).
- For the purpose of public safety, security of Government facilities, physical security surveillance of critical infrastructure, and other national security purposes, video surveillance and telecommunications equipment produced by Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, or Dahua Technology Company (or any subsidiary or affiliate of such entities).
- Telecommunications or video surveillance services provided by such entities or using such equipment.
- Telecommunications or video surveillance equipment or services produced or provided by an entity that the Secretary of Defense, in consultation with the Director of the National Intelligence or the Director of the Federal Bureau of Investigation, reasonably believes to be an entity owned or controlled by, or otherwise connected to, the government of the People's Republic of China.
It is clear that Part B is a significantly more restrictive step, but in exactly what direction remains to be seen.
First, it is not clear how broadly the government will interpret the meaning of “uses.” Given the scope of Part A, it is unlikely that “uses” will be confined to use by prime contractors in a service or system that touches the companies’ U.S. government work in some fashion. We anticipate that this provision will act as a sort of boycott and restrict U.S. government agencies from contracting with companies that utilize covered telecommunications equipment or services even in areas unconnected to their government contracting work. To what extent this approach will extend to subcontractors is unclear. If a subcontractor uses restricted equipment to provide a service for a prime contractor wholly unconnected to the prime’s government contracting, the relationship may or may not disqualify the prime contractor. For example, Company A supplies automobiles to the U.S. government. It also contracts with a vendor to provide video surveillance of lots containing vehicles that are located abroad and not sold to the government. The surveillance equipment is provided by Hangzhou Hikvision. Whether this is covered is unclear.
The scope of “critical technology” is also uncertain. Companies may be surprised to learn that many types of “smart” equipment – thermostats, audio speakers, pacemakers and more – could be considered part of a system subject to Part B. Similarly, the scope of “substantial or essential component” of any “system” has not been explained. However, it is very possible that the U.S. government will interpret this broadly.
Another key question is which entities will be covered by a certification. Will a contractor be required only to narrowly certify as to its own Part B compliance? Or will the certification be required to include affiliates, parents and subsidiaries?
These unresolved questions make it difficult for companies to fully prepare for Part B’s August 13 effective date. Nevertheless, there are some practical measures companies may take in the next several weeks.
Recommendations for Contractors and Suppliers
During this period prior to the issuance of a rule for Part B, prime contractors, subcontractors and suppliers should strive to understand the law’s general requirements and prepare for its further implementation. Although certain issues regarding scope and application of its requirements remain unaddressed, taking action now to prepare for full implementation will allow contractors and suppliers to respond quickly and efficiently to the expected Part B rule.
First, contractors should undertake sufficient diligence to identify covered telecommunications equipment and services used in their own operations and business even if they are not used to perform a government contract. Specifically, contractors should look at technology manufactured by one of the companies (or its affiliates or subsidiaries) identified in Section 889. As part of that diligence effort, contractors should look broadly at what constitutes “technology,” and not limit a review to certain classes of products. Similarly, contractors should consider whether any of their subcontractors or suppliers use the covered telecommunications equipment or services to provide them with items or services, even outside of the government procurement pipeline. This may or may not be included in the rule’s scope, but if it is, identifying and mitigating this will require a significant diligence effort.
Completing such an analysis ahead of publication of the rule implementing Part B will provide contractors and suppliers with a strong basis from which to address issues arising from implementation of Section 889.
Second, contractors and suppliers should prepare to manage implementation of the section as part of their contractual relationships. Prime contractors should prepare for any certification obligations that flow from Section 889 by completing the diligence effort described above, including preparing to obtain representations from their subcontractors and suppliers. Subcontractors and suppliers likely will face similar certification requirements that are flowed down from prime contractors. Apart from preparing to respond to any certification imposed as part of a contract, subcontract or purchase order, parties should consider consulting with counsel either to develop appropriate contract flow-down language addressing Section 889’s obligations (for prime contractors and subcontractors) or to determine an appropriate response to any flow-down requirement (for subcontractors and suppliers).
Apart from essential steps to prepare for the implementation of Section 889, companies should understand the risks associated with performance of contracts in light of its requirements. Given the breadth of its definition of “covered telecommunications equipment or services” as well as terms such as “uses” in the language of the section, companies that provide covered products and services to the government must ensure that they understand the requirements of the section and have adequately assessed its impact on their offerings to eliminate the risk of any false certification. Companies that fail to perform such an assessment risk exposure under the False Claims Act, both from direct government investigation and prosecution and from whistleblowers alleging that a company has violated terms of the section. Utilizing the period prior to publication of the Part B rule to review products or services affected by Section 889 and to prepare for its full implementation may provide significant protection against exposure arising from potential false claims.