Have a contracting issue which impacts security v. full and open competition.

Scenario: Assume a situation where a contract is being solicited for construction of a public facility: i.e., passenger terminal, transit station, or whatever- a facility with complex environmental systems (ventilation, heating, etc.). Assume this is a non-DOD project, where procedures for “classified” procurements have never been historically used by the procuring activity.

Question: In a post 9/11 environment, how are procuring activities addressing and handling the issue of providing access to sensitive data in a competitive procurement environment to all prospective competing sources with no real means of limiting access without adversely impacting the competition in the face of potential dangers given the data could land in the hand of terrorists? The specific concern are the specifications, drawings, and technical information about an entire system and location of key information on all of the intricacies and details of the system. Certainly, access can be limited subsequent to award through the contract terms with the successful awardee and to some degree in a negotiated procurement environment; but how does one limit access when the data is needed by the prospective sources in order to intelligently compete in a sealed bid environment?

By Anon on Tuesday, December 10, 2002 - 04:06 pm:

Could you use FAR 52.211-4, and when potential offerors show up to examine the specs have them execute a nondisclosure statement?

By formerfed on Tuesday, December 10, 2002 - 04:11 pm:

I noticed a couple procurements in FedBizOps where non-DOD agencies only made RFP materials available to firms with a Secret clearance. I checked witha friend at one agency and he admitted the contract is non-classified but the restriction is for the exact purpose you described.

I'm not certain that is a correct way to approach it or not, but it was the only thing that one agency could think of within the time constraints they had.

By Vern Edwards on Friday, December 13, 2002 - 11:02 am:

The issue is whether the requirement for a security clearance would be unduly restrictive.

There have been a few cases since the enactment of CICA in which a bidder has protested that a requirement that it have a security clearance by the time of award was unduly restrictive of competition. The GAO has denied all such protests.

I did not find any protest about a requirement that a bidder have a clearance in order to get access to documents it would need in order to prepare a proposal.

If an agency set such a requirement based on standard agency security practices, then I doubt that the GAO would sustain any protest in that regard. I also doubt that the GAO would object if such a requirement had a reasonable basis, even if the agency has no standard security practices in that regard.

If the agency does not have an established security program, one problem will be what program to use: DOD's, DOE's, CIA's? If I worked for an agency that did not have its own security program, then I would not impose a clearance requirement until I had all the information I needed in order to decide how to go about it properly.

By AL on Friday, December 13, 2002 - 12:10 pm:

One thing that strikes me about this discussion is, wouldn't the solicitation and plans be available to pretty much anyone who asks for them pursuant to FOIA? If they are not classified, on what grounds could you refuse to provide them to a FOIA requester? I recognize that there is a potential problem with having building plans available to persons with evil intent, but long ago Congress opted for openness (generally) of government records and information in spite of the potential for abuse and security risks involved. Maybe I'm missing something, but I think you could waste a lot of time and energy trying to close this specific window of risk, while there is a wide-open door a few steps away for anyone who wants to walk through it and is savvy enough to ask.

By Anonymous on Friday, December 13, 2002 - 12:25 pm:

AL

A FOIA request does not automatically release everything that is not classified. If the Government can show the documents should not be released, classified or not, then they are not released. If the GAO sustained the protection of the information, I don't see how a FOIA request would override.

By Vern Edwards on Friday, December 13, 2002 - 12:42 pm:

AL:

I agree with Anonymous of 12:25. FOIA does not allow requesters to get anything they want. Check the Department of Justice's on-line FOIA guide and you'll see that it mentions the government's need to protect information related to homeland security after 9/11.

I believe that the GAO will support an agency's decision to require special clearance to gain access to proposal-related information of the kind mentioned by Homer if the agency uses a rational procedure make its decision. I also believe that the agency would be able to withhold such information sought pursuant to a FOIA request.

By AL on Friday, December 13, 2002 - 01:41 pm:

Vern and Anonymous:

I am fairly familiar with FOIA and its exemptions. I realize that not everything that is unclassified is automatically releasable. I am also not surprised that the Justice Department might be taking the position that an agency can refuse to disclose any information the release of which it believes would be a potential security risk. DOJ (and the government generally) historically likes to cite national security as a reason to do all sorts of things, not all of which are proper (or improper). DOJ can say what it wants, but the law is still the law.

I also know that FOIA has a limited number of exemptions, and I am generally familiar with their basics. I do not see how an unclassified solicitation and/or building plans would fit into any of the exemptions. It isn't classified, it isn't personal privacy information, it isn't internal agency rules, it isn't financial institution information, it isn't geologic survey information, it isn't trade secrets/confidential commercial information, it isn't law enforcement information (except maybe in special cases such as plans for prisons, police buildings & such). I may be missing another obscure exemption or two, but those are the major ones, and I just don't see how they fit. Law enforcement would probably be closest, but my recollection is that the law enforcement exemption is fairly narrow, and probably wouldn't fit, at least not for a solictation or building plan that is not part of a law enforcment project.

I also think that GAO may agree with a restriction to limiting bidding to companies with security clearances, but so what? One need not be a bidder to submit a FOIA request for records.

I'm not trying to be unnecessarily argumentative, and I think Homer (and others) has a point. I just think that if agencies are serious about protecting such information, they need to at least consider going through the pain of having it classified, or they may wind up being required to release the information after all.

By Anonymous on Friday, December 13, 2002 - 02:30 pm:

AL,

I hate to open another can of worms but with your comment "... if agencies are serious about protecting such information, they need to at least consider going through the pain of having it classified.....", it needs to be said. It takes a lot to classify information. If the agencies classified everything that requires some level of protection, the Government would not be very competative when it comes to outsourcing.

Let's look at it this way, where an airport communications hub is located may not in of itself be classified, but is it something that should be posted on the Internet in a construction solicitation?

It doesn't make business sense for the Government to make some things that should have a bit of protection classified. If competative outsourcing is going to hold us to the "fire", we should be able to make decisions based on what makes the best "business sense" and have the courts and GAO support.

Sounds like I opened something of a can of worms. But I appreciate the comments.