Bill seeks to protect against counterfeit IT

DOD officials concerned by globalization of IT industry, increased vulnerability to counterfeit IT systems

The Senate Armed Services Committee has proposed giving the Defense Department authority to exclude companies from competing for contracts if the firms threaten IT system development, according to legislation.

The committee’s concern for the supply chain stems from a 2009 DOD report on trusted defense systems. DOD found that the globalization of the IT industry has increased the vulnerability of the department's IT systems. The report found a growing risk that systems and networks critical to DOD could be exploited through counterfeit systems or malicious code and other defects introduced by suppliers.

Under the measure, an agency in DOD would be able exclude a company from competing for a contract, task or delivery order, or even a subcontract, but officials would not be required to disclose who’s on the list, according to the Senate’s National Defense Authorization Act (S. 3454).

Related stories:

DOD builds infrastructure to support cyber forces

Report suggests cyberattacks against DOD are falling

The director of the Defense Intelligence Agency and the assistant secretary of defense for networks and information integration would make the decision “that the exclusion of a particular source is necessary to avoid an unacceptable supply chain risk,” the bill states.

Furthermore, it states that a company “shall not be subject to disclosure.”

“The committee concludes that the secretary should have the authority needed to address this risk,” according to the committee’s report that sheds light on the bill’s provisions.

The current session of the Senate is not likely to act on the bill, but the upper chamber may revisit the legislation after the new Congress begins.

“The new Congress will have to start over, but the delay will not have any significant impact,” said Robert Burton, former deputy administrator in the Office of Federal Procurement Policy and now a partner at the Venable law firm.

Despite the committee’s attempts at protection, the provision has raised concerns in the acquisition community. Experts fear DOD and the government overall could go too far with authority.

“It is stunning," Burton said. "Basically, any contractor can be excluded from a competition because of an ‘unacceptable supply chain risk.' I think the provision is overly broad and could be abused.”

Companies on such a list also could spread to other agencies, even beyond DOD, and lead other agencies to question a company’s reputation, said the American Small Business Association. This could start de facto debarments across the government without due process.

Alan Chvotkin, executive vice president and counsel at the Professional Services Council (PSC), said the government can find better options for keeping a check on supply chain risks.

“Exclusion should be the last approach,” he said.

However, DOD has a legitimate concern for malicious IT systems, he said. Standards are too broad when determining a risky system, which needs to be worked out. The PSC and other industry groups have met with the Senate committee, and Chvotkin said the committee staff members have been engaged in open, substantive discussions.

About the Author

Matthew Weigelt is a freelance journalist who writes about acquisition and procurement.


  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected