The Department of Defense (DoD) finalized a rule last week prohibiting DoD from buying any equipment, system or service that uses certain Chinese or Russian telecommunications equipment or services in connection with DoD's nuclear deterrence and homeland defense missions. According to DoD, the final rule is "structured to align" with the broader, governmentwide implementation of Section 889(a)(1)(A) (Section 889 Part A) of the FY2019 National Defense Authorization Act (NDAA) in the Federal Acquisition Regulation (FAR). Below we discuss the few changes adopted by DoD in the final rule, how the DoD rule "aligns" with Section 889 Part A, and a few key takeaways for government contractors that may be impacted by the regulations.  

Background

DoD's final rule updates a December 2019 interim rule (previously discussed here) and implements Section 1656 of the FY2018 NDAA, which prohibits DoD from buying any equipment, system, or service in support of "covered missions" that uses "covered defense telecommunications equipment or services" as a "substantial or essential component" of any system or as a "critical technology" as a part of any system. The key terms are defined as follows:

• "Covered missions" means DoD's nuclear deterrence mission, including programs relating to nuclear command, control, and communications; integrated tactical warning and attack assessment; and continuity in government. The definition also includes DoD's homeland security mission, including ballistic missile defense.  
• "Covered defense telecommunications equipment or services" means telecommunications equipment and services produced by Huawei Technologies or ZTE Corporation (and their subsidiaries and affiliates) or any entity that the Secretary of Defense reasonably believes is owned, controlled, or related to a covered foreign country."  
• "Covered foreign country" means the People's Republic of China or the Russian Federation.  
• "Substantial or essential component" means any component that is necessary for the proper function or performance of a piece of equipment, system, or service.
• "Critical technology" includes: (1) defense articles and services included on the United States Munitions List under the International Traffic in Arms Regulations (ITAR); (2) certain items included on the Commerce Control List (CCL) under the Export Administration Regulations (EAR); (3) certain specially designed nuclear equipment, parts and components, materials, software, and technology; (4) certain nuclear facilities, equipment, and material; (5) certain select agents and toxins; and (6) emerging and foundational technologies controlled pursuant to Section 1758 of the 2018 EAR.  

Changes Between the Interim and Final Rules

In response to public comments, DoD made two changes to the interim rule. These changes amend Defense Federal Acquisition Regulation Supplement (DFARS) clause 252.204-7018, Prohibition on the Acquisition of Covered Defense Telecommunications Equipment of Services, to: 

1. Extend the deadline from one day to three days for contractors to report the discovery of covered defense telecommunications equipment or services. 
2. Extend the deadline from 10 days to 30 days for contractors to identify mitigation actions after reporting the discovery of covered defense telecommunications or services.  

Though these extended timeframes provide contractors with some much-welcomed relief, DoD was less helpful in other respects. For example, commenters to the interim rule noted the lack of clear definitions or examples for many of the key terms used in the rule, a problem that also extends to the broader prohibitions under Section 889 of the FY2019 NDAA. DoD sidestepped the issue, however, noting that the underlying statute does not itself provide such definitions or examples.  Respondents also asked DoD to make publicly available a list of the "subsidiaries and affiliates" covered by the final rule. Again, DoD declined on the basis that the statute did not require the Department to produce such a list. 

How the New DoD Rule Aligns with the Governmentwide FAR Restrictions Implementing Section 889 Part A

One of DoD's stated goals was to ensure that the new final rule "aligns" with governmentwide FAR provisions implementing Section 889 Part A. Though DoD's new rule largely accomplishes that goal, it is important to keep in mind the ways in which the new rule differs from the FAR's Section 889 Part A regulations. For example:

• The scope of the final DoD rule is limited to DoD's "covered" nuclear deterrence and homeland defense missions, in contrast to the Section 889 Part A FAR regulations which apply governmentwide. 
• The scope of the DoD rule is also narrower in that it applies to "covered defense telecommunications equipment or services," but does not include video surveillance equipment or services, while the governmentwide FAR restrictions apply to "covered telecommunications equipment or services," including those for video surveillance. 
• The DoD rule includes both China and Russia within the definition of "covered foreign country." The FAR restrictions, however, apply solely to telecommunications equipment and services produced by certain Chinese companies and their subsidiaries or affiliates. 
• Finally, while Section 889 Part A is implemented through the FAR clauses at 52.204-24, 52.204-25 and 52.204-26, the DoD rule appears in: 
  1. DFARS 252.204-7016 (Covered Defense Telecommunications Equipment or Services-Representation),
  2. DFARS 252.204-7017 (Prohibition on the Acquisition of Covered Defense Telecommunications Equipment of Services-Representation), and 
  3. DFARS 252.204-7018 (Prohibition on the Acquisition of Covered Defense Telecommunications Equipment or Services). 

These DFARS provisions are mandatory in every DoD solicitation and contract, including those below the simplified acquisition threshold and those acquiring commercial items. Finally, it is worth noting that the FAR Council has yet to finalize the rule implementing Section 889 Part A. Industry also is awaiting the even broader final rule on Section 889(a)(1)(B), which prohibits the government from contracting with any company that uses equipment, systems or services that use covered telecommunications equipment or services as a substantial or essential component or critical technology of any system.  

Key Takeaways

Though targeted narrowly at procurements arising from DoD's nuclear deterrence and homeland security missions, the Department's final rule is yet another reminder that the U.S. government is moving aggressively to eliminate from the federal supply chain certain telecommunications equipment and services that pose a national security risk. This overarching policy has garnered bipartisan support in the last several NDAAs and, with the looming final implementation of Section 889 Parts A and B in the FAR, contractors can safely bet that the regulatory trends in this space are likely to continue in 2021 and beyond.  

At the same time, the Pentagon is taking steps to bolster the cybersecurity of the federal supply chain through the adoption of the Cybersecurity Maturity Model Certification (CMMC) framework, and it may soon initiate additional regulatory actions aimed at limiting the sale of other Chinese-made supplies (e.g., drones pursuant to Section 848 of the FY2020 NDAA). Recognizing that the challenges confronting DoD are multifaceted—and yet related in many ways—defense contractors should consider structuring their compliance programs to holistically address regulations that impose overlapping demands and limitations on their supply chains. An approach that focuses on any particular regulation in isolation is unlikely to produce consistent results and is bound to require modification in the future. Instead, contractors are better served by a global strategy that accounts for both the commonalities and nuances of each regulatory requirement.  Whichever approach a company chooses, one thing is clear—the time has passed for wondering whether the U.S. government's emerging supply chain regulations will stick. Federal contractors must act now to ensure the integrity of their supply chains. Otherwise, they risk being left behind by both their competitors and customers.  

For more information, please contact:

Alex L. Sarria, asarria@milchev.com, 202-626-5822

Jason N. Workmaster, jworkmaster@milchev.com, 202-626-5893

Elizabeth J. Cappiello*

Connor Farrell, a Miller & Chevalier law clerk, contributed to this client alert.

*Former Miller & Chevalier attorney

The information contained in this communication is not intended as legal advice or as an opinion on specific facts. This information is not intended to create, and receipt of it does not constitute, a lawyer-client relationship. For more information, please contact one of the senders or your existing Miller & Chevalier lawyer contact. The invitation to contact the firm and its lawyers is not to be construed as a solicitation for legal work. Any new lawyer-client relationship will be confirmed in writing.

This, and related communications, are protected by copyright laws and treaties. You may make a single copy for personal use. You may make copies for others, but not for commercial purposes. If you give a copy to anyone else, it must be in its original, unmodified form, and must include all attributions of authorship, copyright notices, and republication notices. Except as described above, it is unlawful to copy, republish, redistribute, and/or alter this presentation without prior written consent of the copyright holder.