NDAAs, Covered Entities and Government Contractor Prohibitions

The NDAA FY18 Section 1634 prohibits the use of products and services developed or provided by Kaspersky Lab. The Federal Acquisition Regulation (FAR) now prohibits government contracting for hardware, software, and services developed or provided by Kaspersky Lab and Other Covered Entities.

Additional information can be found in the resources below:

• FAR Clause 52.204-2388 FR 69503 (Eff. Date 12/04/2023) - Federal Acquisition Regulation: Implementation of Federal Acquisition Supply Chain Security Act (FASCSA) Orders
• Kaspersky Prohibition. Section 1634 of Division A of the National Defense Authorization Act for Fiscal Year 2018 (Pub. L. 115-91)
• FCC Supply Chain Covered List

The federal government has imposed restrictions on the use of ByteDance (TikTok & Lark) Social Networking Services under the FAR. Under this Act, Caltech personnel, including all faculty, postdocs, employees, and graduate students, are prohibited from downloading or using TikTok or Lark on any information technology – including laptops, cell phones, software, and firmware – used in the performance of a federal government contract. Please review this campus memo for additional guidance: "Recently Imposed Restrictions on Use of ByteDance (TikTok & Lark) Social Networking Services" issued on August 15, 2023.

Additional information can also be found here:

• FAR Clause 52.204-27 Prohibition on a ByteDance Covered Application.
• 88 FR 36430 (Eff. Date 06/02/23) Federal Acquisition Regulation: Prohibition on a ByteDance Covered Application.
• Consolidated Appropriations Act, 2023, DIVISION R—NO TIKTOK ON GOVERNMENT DEVICES, SEC. 102. PROHIBITION ON THE USE OF TIKTOK. (Pub. L 117-328).

Any Caltech employee with information related to an actual or potential violation of Section 889 by Caltech, a Caltech employee, or a subrecipient or subcontractor at any tier must report any concerns to Caltech ASIC hotline or the Senior Director for Research Administration or the Office of General Counsel. Caltech will not tolerate retaliation against anyone who raises a concern honestly and in good faith.

"Covered telecommunications equipment or service"—includes those telecommunications and video surveillance equipment or services produced by:

• Huawei Technologies Company, ZTE Corporation, Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, Dahua Technology Company, and any subsidiaries or affiliates;
• Any other entities that the Secretary of Defense designates as being owned or controlled by China; and
• Any entities marked as excluded on www.sam.gov.

"Equipment"—refers to "tangible personal property (including information technology systems) having a useful life of more than one year and a per-unit acquisition cost which equals or exceeds the lesser of the capitalization level established by the non-Federal entity for financial statement purposes, or $5,000."^[1]

"Substantial or essential component"—means "any component necessary for the proper function or performance of a piece of equipment, system, or service."

"Subrecipient"—refers to a usually non-Federal entity "that receives a subaward from a pass-through entity to carry out part of a Federal award; but does not include an individual that is a beneficiary of such award. A subrecipient may also be a recipient of other Federal awards directly from a Federal awarding agency."^[2]

"Subsidiaries or affiliates"—Caltech has compiled a list of entities that produce or manufacture covered telecommunications and/or video surveillance equipment and services, which is found here. Caltech employees must also use the SAM search function to verify an entity's status before contracting with the entity.

[1] 2 C.F.R. §200.1 (2020).

[2] Id.

For specific questions or contact information, please refer to the following contact list:

Contacts:

Procurement Services questions: https://procurement.caltech.edu/

Procurement resources: https://procurement.caltech.edu/documents/20758/purchasing_goods_services_policy.pdf

Caltech Export Compliance Office for export compliance issues or questions about the Consolidated List: exportcompliance@caltech.edu

Research Administration for award-specific questions: david.mayo@caltech.edu

Federal Register Notices

• 84 FR 22961 https://www.bis.doc.gov/index.php/documents/regulations-docs/2394-huawei-and-affiliates-entity-list-rule/file
• 84 FR 43487 https://www.bis.doc.gov/index.php/documents/regulations-docs/federal-register-notices/federal-register-2019/2436-temporary-general-license-rule-on-public-display-and-effective-8-19-19-and-to-publish-in-fr-on-8-21-19/file
• 85 FR 51596 https://www.bis.doc.gov/index.php/documents/regulations-docs/federal-register-notices/federal-register-2020/2593-85-fr-51596/file
• 85 FR 42665 https://www.federalregister.gov/documents/2020/07/14/2020-15293/federal-acquisition-regulation-prohibition-on-contracting-with-entities-using-certain
• 83 FR 28141 https://www.federalregister.gov/documents/2018/06/15/2018-12847/federal-acquisition-regulation-use-of-products-and-services-of-kaspersky-lab

Federal Award Terms

• FAR 52.204-23 https://www.govinfo.gov/content/pkg/FR-2018-06-15/pdf/2018-12847.pdf
• FAR 52.204-24 https://www.acquisition.gov/far/52.204-24
• FAR 52.204-25 https://www.acquisition.gov/far/52.204-25
• FAR 52.204-26 https://www.acquisition.gov/far/52.204-26
• FAR 52.204-27 https://www.acquisition.gov/far/52.204-27
  

Agency-Specific Guidance

• NASA Memo "Preparing NASA Contractors for Section889(a)(1)(B) of National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2019, Prohibition on Contracting with Entities Using Certain Telecommunications and Video Surveillance Services or Equipment / Assessing Section 889 Impacts"
• NASA Brochure "Section 889 – Understanding the Basics of Section 889 and How NASA is responding"
• National Institutes of Health "https://grants.nih.gov/grants/guide/notice-files/NOT-OD-21-041.html"
• FCC https://www.fcc.gov/supplychain/coveredlist