When the terms of a solicitation run contrary to the regulations, challenging the solicitation in a pre-award protest may provide contractors the chance to shift the tide in their favor before bids are submitted and an award is made. In January 2020, the Government Accountability Office (GAO) sustained a pre-award bid protest brought by Noble Supply & Logistics, Inc. that challenged the terms of a General Services Administration (GSA) solicitation. Noble Supply & Logistics, Inc., B-418141, 2020 WL 289546 (Jan. 16, 2020). Noble Supply argued the RFQ’s price evaluation methodology, as written, failed to provide for an evaluation of which offeror presented the best value and the lowest overall cost alternative, in violation of FAR part 8.
On December 2, 2019, the Office of the U.S. Trade Representative (USTR) issued a Section 301 Investigation Report on France’s Digital Services Tax (DST), concluding that France’s DST discriminates against U.S. companies, is inconsistent with prevailing principles of tax policy, and is unusually burdensome for affected U.S. companies. In response, the USTR proposed up to 100 percent tariff on French products. Members of our International Trade Team explain these developments in our recent client alert.
On September 9, 2019, the Ninth Circuit Court of Appeals rejected LinkedIn’s privacy argument in hiQ Labs, Inc. v. LinkedIn Corp., declaring that selectively banning potential competitors from accessing and using public data “may well be considered unfair competition under California law.” The Ninth Circuit also cautioned Big Tech companies against anticompetitive practices when it comes to user data. Our Antitrust and IP, Tech & Data teams describe the implications in our recent alert.
Cybersecurity attacks targeting government information have drastically increased, and both the federal government and private industry have struggled to implement effective means of protecting this information. Federal agencies continue to strive for a unified approach to protect critical data; however, the various regulations leave contractors without a clear set of requirements that are applicable to all government contracts. Contractors can easily get lost in the alphabet soup of cybersecurity requirements, whether they be in the Federal Acquisition Regulation (FAR), Defense Federal Acquisition Regulation Supplement (DFARS), National Institute of Standards and Technology (NIST) publications, or the upcoming Cybersecurity Maturity Model Certification (CMMC). To aid some of that confusion, in this post we address: (a) the current cybersecurity regulations applicable to defense contractors, (b) the tentative cybersecurity certification program proposed by the Department of Defense (DoD) and new regulations imposed by the Department of Navy (DoN), and (c) what contractors can do now to ensure compliance with the ever-changing regulatory framework. Notwithstanding the implementation of these regulatory requirements, cybersecurity attacks and breaches continue to be a reality. Consequently, the search for ways to increase cybersecurity measures continues to be a priority.
In late July 2019, the Securities Commission Malaysia announced that it will be implementing an anti-corruption action plan (the Action Plan). The Action Plan will seek to improve the standards of corporate governance in Malaysia “to prevent corruption, misconduct, and fraud.”
Read our full client alert here.
On May 28 2019, the French data protection authority Commission nationale de l’informatique et des libertés (CNIL) imposed a €400,000 fine on French property management company Sergic for neglecting to maintain the security of and to limit the storage of personal data. This is the first sanction imposed on a French company under the General Data Protection Regulation (GDPR) and is also the most significant financial penalty imposed on a French company for data breaches to date, representing close to 1 percent of the yearly turnover of the fined company.
To learn more, please visit technologylawdispatch.com.
Following a recent data breach, Optical Center has been fined 250,000 euros by The Commission nationale de l’informatique et des libertés (CNIL). The website breach allowed public access to invoices, purchase orders, and personal data of customers. On appeal, the French Highest administrative Court (Council of State) lowered the penalty to 200,000 euros. The reduction of the fine, although slight, proves that the opportunity to file an appeal may be a strategic option for companies operating in France.
To read more on this recent update, please visit technologylawdispatch.com.
This year marks four years since significant statutory reforms regenerated the UK’s collective actions arena. Following a rocky start to this new regime, it appears that 2019 may finally bring some clarity to potential claimants navigating the first hurdle of competition class actions: the Collective Proceedings Order (‘CPO’) application. This is the first stage in the process whereby the Competition Appeals Tribunal (‘CAT’) considers whether to authorise the proposed class representative to bring the claim on behalf of the class. Read our team’s alert on how these recent key collective actions are shaping the UK’s new regime.
On March 8, 2019, the United States Department of Justice (the DOJ) announced a key revision to its Foreign Corrupt Practices Act (FCPA) Corporate Enforcement Policy (the Policy) regarding employees’ use of ephemeral messaging platforms. The original Policy required companies to prohibit employees’ use of such messaging platforms in order to receive full cooperation credit and demonstrate adequate remediation. The revised Policy permits such communications, so long as proper guidance and controls are put in place to ensure the appropriate retention of business records. This reflects the DOJ’s recognition that its prior position did not comport with modern business realities. Our team describes the updated Policy and what companies now need to mindful of in our recent alert.
Last week, the U.S. Supreme Court decided Lorenzo v. SEC, determining that a person who knowingly disseminates a misstatement about a security can be primarily liable under the antifraud provisions of the federal securities laws. This significant holding opens the door for the SEC and private plaintiffs to charge misstatement cases as scheme cases, and target all parties involved in disseminating the misstatement to the investing public. Our team explains what you need to know in our recent alert.