AGENCY:

Defense Acquisition Regulations System, Department of Defense (DoD).

ACTION:

Advance notice of proposed rulemaking.

SUMMARY:

DoD is seeking information that will assist in the development of a revision to the Defense Federal Acquisition Regulation Supplement (DFARS) to implement the data rights portions of the Small Business Innovation Research Program and Small Business Technology Transfer Program Policy Directives.

DATES:

Interested parties should submit written comments to the address shown below on or before October 30, 2020, to be considered in the formation of any proposed rule.

ADDRESSES:

Submit written comments identified by DFARS Case 2019-D043, using any of the following methods:

○ Federal eRulemaking Portal: http://www.regulations.gov. Search for “DFARS Case 2019-D043.” Select “Comment Now” and follow the instructions provided to submit a comment. Please include “DFARS Case 2019-D043” on any attached documents.

○ Email: osd.dfars@mail.mil. Include DFARS Case 2019-D043 in the subject line of the message.

○ Fax: 571-372-6094.

○ Mail: Defense Acquisition Regulations System, Attn: Ms. Jennifer D. Johnson, OUSD(A-S)DPC/DARS, Room 3B941, 3060 Defense Pentagon, Washington, DC 20301-3060.

Comments received generally will be posted without change to http://www.regulations.gov, including any personal information provided. To confirm receipt of your comment(s), please check www.regulations.gov, approximately two to three days after submission to verify posting (except allow 30 days for posting of comments submitted by mail).

FOR FURTHER INFORMATION CONTACT:

Ms. Jennifer D. Johnson, telephone 571-372-6100.

SUPPLEMENTARY INFORMATION:

I. Background

DoD is seeking information from experts and interested parties in Government and the private sector to assist in the development of a revision to the DFARS to implement the intellectual property (e.g., data rights) portions of the revised Small Business Innovation Research (SBIR) Program and Small Business Technology Transfer (STTR) Program Policy Directives. The Small Business Administration (SBA) issued a notice of proposed amendments to the SBIR Program and STTR Program policy directives, which included combining the two directives in a single document, on April 7, 2016, at 81 FR 20483. The final combined SBIR/STTR Policy Directive was published on April 2, 2019, at 84 FR 12794, and became effective on May 2, 2019.

The final Policy Directive includes several revisions affecting the data rights coverage, which require corresponding revisions to the DFARS. For example, the new Policy Directive:

• Establishes a single, non-extendable, 20-year SBIR/STTR data protection period, rather than a 4-year period that can be extended indefinitely;
• Grants the Government licensed use for Government purposes after the expiration of the SBIR/STTR data protection period, rather than unlimited rights;
• Establishes or revises several important definitions to harmonize the terminology used in the Policy Directive and the Federal Acquisition Regulations (FAR) and DFARS implementations, while allowing for agency-specific requirements (e.g., agency-specific statutes).

In drafting these revisions, DoD also considered the recommendations of the Government-Industry Advisory Panel on Technical Data Rights (Section 813 Panel) established by section 813 of the National Defense Authorization Act for FY 2016. The Section 813 Panel addressed SBIR data rights issues in its final report at Paper 21, “Small Business Innovation Research (SBIR) (Flow-down to Suppliers; Inability to Share with Primes; Evaluation).”

DoD also hosted a public meeting on December 20, 2019, to obtain the views of interested parties in accordance with the notice published in the Federal Register on November 25, 2019, at 84 FR 64878.

II. Discussion and Analysis

An initial draft of the proposed revisions to the DFARS to implement the SBA's SBIR/STTR Policy Directive is available in the Federal eRulemaking Portal at http://www.regulations.gov, by searching for “DFARS Case 2019-D043”, selecting “Open Docket Folder” for RIN 0750-AK84, and viewing the “Supporting Documents”. The strawman is also available at https://www.acq.osd.mil/​dpap/​dars/​change_​notices.html under the publication notice for DFARS Case 2019-D043. The following is a summary of DoD's proposed approach and the feedback DoD is seeking from industry and the public.

The SBIR and STTR programs are governed by 15 U.S.C. 638, which includes specialized coverage regarding intellectual property developed under those programs. More specifically, the law requires that the SBIR and STTR program policy directives allow a small business concern to “[retain] the rights to data generated by the concern in the performance of an SBIR [or STTR] award for a period of not less than 4 years” (see 15 U.S.C. 638, paragraphs (j)(1)(B)(v), (j)(2)(A), and (p)(2)(B)(v)). This retention of rights applies even in cases when the development work is being paid for entirely at Government expense to meet the needs of the SBIR/STTR contract.

In contrast, the DoD statutory and regulatory approach to allocating data rights in non-SBIR/STTR contracts is based primarily on the source of development funding for the technology (i.e., development of the item or process to which the technical data pertains; or development of the computer software). When the technology is developed entirely at Government expense, the Government is granted an “unlimited rights” license; for development exclusively at private expense, the Government is granted “limited rights” in technical data, and “restricted rights” in computer software; and for development with a mix of private and Governments funds, the Government receives “Government purpose rights.” However, for certain types of data that generally do not contain detailed proprietary information that require greater protection, the Government receives unlimited rights regardless of the development funding (e.g., form, fit, or function data; data necessary for operation, maintenance, installation, or training (OMIT data); and computer software documentation).

Accordingly, the implementation of the SBIR/STTR approach to allowing the small business to retain rights in SBIR/STTR data must generally function as an exception to the otherwise applicable DFARS approach based on development funding (see, e.g., 10 U.S.C. 2320(a)(2)(A)). In general, this means that the small business SBIR/STTR contractor retains greater rights (during the SBIR/STTR data protection period) than it otherwise would retain for technology developed even entirely at Government expense under the contract. The specific nature and scope of the retention of rights (e.g., what license is granted to the Government), the duration of the SBIR/STTR data protection period, and the Government's license rights after the expiration of the protection period have evolved over time, including important revisions in the final SBIR/STTR policy directive.

A. SBIR/STTR Data Protection Period

The new Policy Directive revises the SBIR/STTR protection period to start at the award of a SBIR or STTR contract and end 20 years thereafter. This period cannot be extended. Previously, the policy directives specified that the protection period for each SBIR or STTR contract was 4 years. However, if any SBIR/STTR data generated under such a contract was also referenced and protected under a subsequent SBIR/STTR contract awarded prior to the expiration of the protection period from the earlier contract, then the protection period for that data was extended for an additional 4 years. There was no limit to the number of times the protection period could be extended under these circumstances, but in each case the extension only covered the portion of the data that was referenced and protected in the subsequent award. This process, whereby a SBIR or STTR award could extend the protection period for data originally generated under a prior SBIR or STTR contract, is commonly referred to as “daisy-chaining” the individual protection periods.

The current DFARS implementation for the SBIR program provides a 5-year protection period for SBIR data, with the protection starting at contract award and ending 5 years “after the completion of the project.” To implement the daisy-chaining idea allowing for extension of the protection period, the term “end of the project” is interpreted to mean the end of the last contract in which the relevant SBIR data is referenced and protected.

The draft revisions to the DFARS implement the new protection period in a manner analogous to that used in the new Policy Directive by defining a new term, “SBIR/STTR data protection period,” (see 252.227-7018(a)(22)). The new definition performs two primary functions. It describes the nature of the protection (i.e., the protection against unauthorized use and disclosure as more specifically set forth in the defined term “SBIR/STTR data rights”). In addition, the new definition identifies when those protections start and stop (i.e., starting at contract award and ending 20 years after that). In anticipation of potential confusion regarding whether this new 20-year period can be extended, the draft DFARS revisions also add clarifying statements that “[t]his protection period is not extended by any subsequent SBIR/STTR contracts under which any portion of that SBIR/STTR data are used or delivered,” and “[t]he SBIR/STTR data protection period of any such subsequent SBIR/STTR contract applies only to the SBIR/STTR data that are developed or generated under that subsequent contract.”

B. U.S. Government Rights at Expiration of SBIR/STTR Data Protection Period

The new Policy Directive provides that after the end of the SBIR/STTR data protection period, the Government receives a license authorizing use and disclose of the SBIR/STTR data for U.S. Government purposes, but not for commercial purposes. Previously, the Government received unlimited rights upon expiration of the protection period. The draft DFARS amendments implement this change by granting the Government the existing defined license of “Government purpose rights” at the end of the SBIR/STTR data protection period (see draft revisions at 252.227-7018(a)(16), (c)(2)(i)(B), and (c)(2)(ii)(B)). Additional revisions cover the situation in which the Government received Government purpose rights in non-SBIR/STTR data that was developed with mixed funding (see draft revisions at 252.227-7018(c)(2)(i)(A) and (c)(2)(ii)(A)).

C. Definitions

The new Policy Directive added or revised definitions for several data rights terms, including the following: computer database, computer programs, computer software, computer software documentation, data, form fit and function data, operations maintenance installation or training (OMIT) data, prototype, SBIR/STTR computer software rights, SBIR/STTR data, SBIR/STTR data rights, SBIR/STTR protection period, SBIR/STTR technical data rights, technical data, and unlimited rights. In doing so, the SBA sought to harmonize the definitions used in the Policy Directive and the FAR and DFARS, while allowing the implementation in the FAR and DFARS to be tailored as necessary to incorporate agency-specific requirements (e.g., required by agency-specific statutes). For example, the FAR and DFARS both use the defined terms “limited rights” and “restricted rights” to describe the Government's license in technical data and computer software, respectively, related to technology developed exclusively at private expense. However, due in part to DoD-unique requirements contained in the DoD technical data statutes at 10 U.S.C. 2320 and 2321, the DFARS defines these terms differently than the FAR. To recognize such differences, the Policy Directive does not use or define those terms, instead creating new terms that attempt to capture the features that are common to both the FAR and DFARS definitions, but allowing for agency-specific tailoring in appropriate circumstances.

For example, the SBA's new defined term “SBIR/STTR Technical Data Rights” includes the authority for the Government to make a use or release of the data that is “[n]ecessary to support certain narrowly-tailored essential Government activities for which law or regulation permits access of a non-Government entity to a contractor's data developed exclusively at private expense, non-SBIR/STTR Data, such as for emergency repair and overhaul.” (Policy Directive Section 3, definition (ii), paragraph (2)(i); see also the definition of “SBIR/STTR Computer Software Rights” at paragraph (ee)(2)(ii)(B)). This approach allows the DFARS implementation to continue to rely on its existing definitions of limited rights and restricted rights, including in the definition of “SBIR/STTR data rights” at draft 252.227-7018(a)(23).

D. Omission of Required Restrictive Markings

The SBIR/STTR Policy Directive reinforces the absolute requirement to place restrictive markings on SBIR/STTR data delivered with SBIR/STTR data rights. When data is delivered without the required restrictive markings, it is presumed to have been delivered with unlimited rights. However, the Government has, for decades, provided a procedure for correction of inadvertently unmarked data, at 227.7103-10(c) and 227.7203-10(c). The draft revisions include these procedures in new paragraph (g)(2) in the clause at 252.227-7018.

E. Applicability and Flowdown of SBIR/STTR Clauses

A key issue that is discussed in the Section 813 Panel's SBIR Paper, and reinforced in the new Policy Directive, is the need to clarify the applicability of the SBIR/STTR rules to all phases of those programs. In particular, there is concern that the appropriate SBIR/STTR clause(s) may not be used consistently when the contracted activity to be covered by the SBIR or STTR rules is only occurring in performance of a lower-tier subcontract. In this case, the activity at the prime contract or higher-tier subcontract levels would not otherwise be treated as a SBIR or STTR project, and those contracts or subcontracts likely would not typically include the required SBIR/STTR clause(s) for flowdown purposes.

To clarify and address the applicability and flowdown of the necessary SBIR/STTR clauses, the draft revisions include changes to—

(i) Relocate and clarify the prescription for the relevant SBIR/STTR clauses at new 227.7104-2;

(ii) Clarify the applicability and flowdown of the data rights clauses at draft revised 252.227-7013(l), 252.227-7014(l), 252.227-7015(f), and 252.227-7018(l); and

(iii) Add a new paragraph (b), “Applicability,” to each of the primary data rights clauses to describe the scope of coverage of each clause at 252.227-7013(b), 252.227-7014(b), 252.227-7015(b), and 252.227-7018(b).

The overall intended operation of these draft revisions is to reinforce that contracts and subcontracts should include all of the appropriate data rights clauses that are necessary to allocate rights in all types of technical data and computer software relevant to the overall scope of work, and that when multiple such clauses are used, each clause governs only the appropriate type of technical data or computer software that is within scope of that clause. This approach, which may be referred to as “apportionment” of the applicable clause(s), is modeled after such an approach already implemented in the DFARS to address the applicability of the clauses at 252.227-7013 and 252.227-7015 to technical data pertaining to commercial items for which the Government has paid for any portion of the development (e.g., 227.7102-4(b) and 227.7103-6(a)).

DoD also considered an alternative approach to addressing the scope and applicability of the SBIR/STTR clauses, and seeks public comment on this alternative. Specifically, the alternative approach would be to revise the scope of the primary SBIR/STTR clause at 252.227-7018 so that it applies ONLY to SBIR/STTR data, and does not include allocations of rights for any non-SBIR/STTR data. This would significantly streamline the clause at 252.227-7018. However, it would also require the incorporation and flowdown of all other clauses that are necessary to govern any non-SBIR/STTR data that may be delivered under the contract or subcontract. This approach would depart from the long-standing DFARS text for implementing the SBIR program rules, in which the primary SBIR clause is designed to cover all forms of data to be delivered, including non-SBIR data (e.g., data not generated under the SBIR contract).

F. STTR-Specific Coverage

As noted, one element of the new Policy Directive is that it now covers the combination of both the SBIR Program and STTR Program. The DFARS coverage at 227.7104 has traditionally referenced only the SBIR program, and does not currently include any STTR-specific coverage. The draft revisions expand this coverage to address both programs by: (1) Adding references to STTR for coverage that applies both to SBIR and STTR (e.g., revising “SBIR” to “SBIR/STTR”); and (2) adding new coverage for STTR-unique requirements. For example, the STTR Program requires additional activities, both preaward and postaward, for STTR contractors to submit information to confirm that the allocation of intellectual property rights between the STTR offeror/contractor and its partnering research institution do not conflict with the STTR solicitation or contract. New STTR-only definitions, regulatory, and provision/clause coverage is provided in the draft revisions at 227.7104-1(c); 227.7104-2(e); new provision at 252.227-70XX; and new clause at 252.227-70YY.

G. Prototypes

The new Policy Directive provides for special considerations regarding the handling (e.g., disclosure, reverse engineering) of prototypes generated under SBIR and STTR awards, to avoid effects that may appear to be inconsistent with the SBIR and STTR program objectives. The draft DFARS revisions recognize and reference this guidance in new 227.7104-1(e).

H. Additional Administrative or Technical Revisions

In the course of making the foregoing revisions, additional edits are made to address administrative issues (e.g., citations and cross-references) and make technical corrections, including the following:

(1) Organization. The overall coverage for the SBIR/STTR programs in 227.7104 was reorganized into two subjections: 227.7104-1 for rights in SBIR or STTR data; and 227.7104-2 for the prescriptions for provisions and clauses.

(2) Unlimited rights categories. The list of data types for which the Government receives unlimited rights in the SBIR/STTR clause at 252.227-7014 was corrected to harmonize with the description of those categories throughout the DFARS (see revisions at 252.227-7018(c)(1)(v)-(vii); compare 252.227-7013(c)(1)(vii)-(ix), 252.227-7014(c)(1)(ii)).

(3) Markings. The restrictive markings for SBIR/STTR data rights and Government purpose rights were revised to reflect the substantive changes.

I. Prohibition on Preaward Negotiation

Another specialized policy exception for the SBIR/STTR programs is that negotiation of specialized license agreements is prohibited as a condition of award, and thus is generally permitted only after award (see Policy Directive section 8(b)(6)). The implementation of this limitation was included in the draft revisions published for public comment as an advance notice of proposed rulemaking for DFARS case 2018-D071, Negotiation of Price for Technical Data and Preference for Specially Negotiated Licenses (84 FR 60988).

J. Comments Sought Regarding any Increase or Decrease in Burden and Costs

In addition to seeking public comment on the substance of the draft DFARS revisions, DoD is also seeking information regarding any corresponding change in the burden, including associated costs or savings, resulting from contractors and subcontractors complying with the draft revised DFARS implementation. More specifically, DoD is seeking information regarding any anticipated increase or decrease in such burden and costs relative to the burden and costs associated with complying with the current DFARS implementing language.

List of Subjects in 48 CFR Parts 227 and 252

• Government procurement