Protecting consumers online: FTC and CFPB team up with State AGs

Man using mobile online banking and payment, Digital marketing. Finance and banking networking. Online shopping and icon customer network connection, cyber security. Business technology.

The recent National Association of Attorneys General Presidential Summit marked a clear partnership between state AGs, the Federal Trade Commission (FTC) and the Consumer Financial Protection Bureau (CFPB) to accomplish Iowa AG Tom Miller’s “fight back” presidential initiative: Consumer Protection 2.0: Tech Threats and Tools. Given this, we expect to see enhanced coordination and enforcement between these regulators. Find out more in our latest Technology Law Dispatch Blog.

Mental Health Parity is Garnering Attention From State AGs – Is A Multistate Enforcement Effort On the Horizon?

Congress passed the Mental Health Parity and Addiction Equity Act (MHPAEA), which amended the Mental Health Parity Act of 2016 to fill in loopholes impacting the coverage of mental health care, in 2008. Several states have since passed similar legislation on the state level. The possibility of subsequent legislation to further update provisions in this area has been looming on the horizon. These types of changes may have an impact on commercial payors, especially in light of a report by the U.S. Department of Labor (DOL), which concluded that all payors audited in 2021 were not complying with MHPAEA.

This audit by DOL comes in the wake of an increasing history of enforcement actions by state insurance departments and a series of actions by the New York Attorney General. As a result, numerous state attorneys general (AGs) have shown an interest in this issue and may later choose to exercise their enforcement powers under MHPAEA, their own states’ parity laws, or under unfair and deceptive acts and practices (UDAP) laws, which are on the books in most states – or under all three.

The possibility of individual or multistate efforts in this area was recently discussed during a program sponsored by the National Association of Attorneys General (NAAG). This program, which was entitled “State and Federal Behavioral Health Coverage Parity Enforcement and the Role of Attorney General Offices,” was held on July 14, 2022. It was facilitated by NAAG’s National Attorneys General Training and Research Institute division via funding from the prior settlement of a multi-state litigation and legislative activity. The program speakers were from the American Psychiatric Association, the Colorado Coalition for the Homeless, and the Massachusetts AG’s office.

The American Psychiatric Association set forth the history of behavioral health parity over the years and the current regulatory and compliance environment, including the DOL report and a related study by the Department of Health and Human Services, which concludes that non-compliance with MHPAEA remains an issue. 

The Colorado speakers conveyed first-hand their experiences with the current system, including prior authorization requirements for urgent treatments that they contend are a barrier to treatment for those suffering from opioid and fentanyl addiction or otherwise from mental health conditions, leading to escalating rates of suicide arising out of the pandemic, all of which are top bi-partisan priorities for AGs.

The Massachusetts AG representative presented the findings of the office’s study on compliance with MHPAEA by payors operating in the Bay State. The representative identified the following areas in which compliance remains a challenge:

·         Accuracy of mental health provider directories;

·         Network adequacy;

·         Provider reimbursement; and

·         “Utilization management” practices (e.g., prior authorizations).

The presenter also emphasized that practices that violate MHPAEA may also violate the consumer protection laws of the Commonwealth under Massachusetts General Law chapter 93A, which provides for civil penalties as well as injunctive relief for violations. The results of the Massachusetts study have also led the office to consider more robust parity legislation in the Commonwealth – which could be replicated in other states ‒ as well as more stringent proposed insurance regulations.

It appeared that this video program was well-attended by representatives from other states. Questions to the panelists indicated a pointed interest in the topic.

A final question to the panel, and most notably to Massachusetts, was: “What is your top piece of advice?” It drew the response: “Dig in and understand.”

Oh the Places They’ll Go (and Come From): Exploring the Roles of State AGs, Where They Come From, Where They Go, and Why It Matters

There is a joke that NAAG, the acronym for the National Association of Attorneys General, also stands for the “National Association of Aspiring Governors.” State attorneys general (“AGs”) have been perceived as politically ambitious and “upwardly” mobile, with the intent of using their position as a launch pad for “higher office.” Time and time again, they have been referred to as the “farm team” for other offices, and the assumption is that they come from positions in state legislatures.

However, these generalizations often are not the case and discount the substantive importance and powerful role of a state AG in the United States, along with the talents and varied backgrounds of the individuals seeking the office. While partisan gridlock in the U.S. Congress and extreme public pressure and scrutiny on governors may hamstring their effectiveness in governing, the state-wide office of AG is imbued with highly potent powers – ranging from legislative and advisory to investigations and litigation – that can escape some of the road blocks encountered in other offices. Indeed, it has been state AGs who have effectively led big policy and legal changes in diverse areas such as in the realm of privacy and data security, opioid addiction and treatment, pharmaceutical sales and marketing, tobacco and vaping promotions, mortgage and student lending, human trafficking and in other key areas of consumer protection across the United States.

As a result, the office of AG has become extremely attractive to those who want to get things done – increasingly drawing individuals who have served in so-called “higher” offices or from other diverse professional backgrounds. Notable office holders drawn to the office of AG include former California Governor Jerry Brown, who served twice as Governor, separated by a term as AG. Another is Ohio Governor Mike DeWine, who previously served as AG, prior to which he served in the U.S. Senate.

At the same time, their track records while serving as AGs bear a close watch as they often are indicative of their priorities and positions after they leave office. Of particular note is the keen interest in privacy and consumer protection by US Senator Richard Blumenthal of Connecticut, who honed this interest during his long service as the AG of Connecticut.

This post explores the roles of state AGs before and after they serve as their state’s “top cop” to give some context to this important role and the individuals who serve in it – and also to encourage those who are or who may be touched by the activities of a state AG to pay attention their actions and interests as they serve in the role.

Justices of the Supreme Court of the United States

Several former state AGs have gone on to serve as a justice of the United States Supreme Court. Most recently, Associate Justice David Souter, who was nominated to the Supreme Court by President George W. Bush, previously served as the 20th AG of New Hampshire. Previously, Associate Justice Nathan Clifford, who is one of the few people to have served in all three branches of the U.S. Federal government, was the AG of Maine before his nomination to the Supreme Court by President James Buchanan. Also, Chief Justice Roger Taney was the AG of Maryland long before he was appointed by President Andrew Jackson.

President of the United States

The resumes of two U.S. Presidents include the role of AG. Most recently, Bill Clinton, the 42nd President, began his political career as the AG of Arkansas. He later went on to serve two terms as the Governor of Arkansas before defeating President George H.W. Bush. Martin Van Buren, the 8th President, served as the AG of New York. He had previously served in local office and then as a member of the New York Senate. Van Buren was elected to serve as AG while he was still serving as a state Senator, and he held both positions simultaneously for several years. After his tenure as AG, Van Buren went on to serve as a U.S. Senator, the Governor of New York, the U.S. Secretary of State, a U.S. Minister to the United Kingdom, Vice President to President Andrew Jackson, and then, finally, President.

Vice President of the United States

Ten percent of all Vice Presidents previously served as a state AG.[1] Martin Van Buren, noted above, served as Vice President before he became President. Other Vice Presidents who previously served as a state AG include: Aaron Burr (2nd AG of New York), George Dallas (17th AG of Pennsylvania), Walter Mondale (23rd AG of Minnesota), and now Kamala Harris (32nd AG of California), who may be the most prominent former AG to serve as Vice President to date. Vice President Harris served as a district attorney before she was elected as the California AG, where she made data privacy and security a key issue in California. After two terms, she went on to run for U.S. Senate, before becoming the Vice President of the United States.

Federal Agency Leadership Appointments

A number of former AGs have been appointed to serve in the federal government. Most recently, former California AG Xavier Becerra was appointed by President Joe Biden to lead the Department of Health and Human Services in 2021. Former Michigan AG and Governor Jennifer Granholm is now the Secretary of the Department of Energy. President Trump selected former Oklahoma AG Scott Pruitt to serve as the Administrator of the Environmental Protection Agency. Other examples are former Idaho AG Larry Echo Hawk, who was appointed by President Barack Obama in 2009 to serve as the Assistant Secretary of the Interior for Indian Affairs, as well as Gale Norton, former AG of Colorado and then US Secretary of Interior, appointed by President George W. Bush in 2001.

U.S. Congress – House Representatives and Senators

It is not uncommon for state AGs to later run for U.S. Congress, and there are several instances of AGs going on to serve as House Representatives and Senators. Currently, there are 8 members of Congress who are former state AGs: Representative Charlie Crist (35th AG of Florida and also a prior Florida Governor) and Senators Richard Blumenthal (23rd AG of Connecticut), John Cornyn (49th AG of Texas), Catherine Cortez Masto (32nd AG of Nevada), Josh Hawley (42nd AG of Missouri), Dan Sullivan (27th AG of Alaska), and Sheldon Whitehouse (71st AG of Rhode Island). On the flip side, there are three state AGs who previously served in Congress: Indiana AG Todd Rokita, Louisiana AG Jeff Landry, and Minnesota AG Keith Ellison, and there likely will be three more starting in January 2023 – Congressman Raul Labrador of Idaho, Former Congressman (and current Lt. Governor) Tim Griffin of Arkansas and Congressman Anthony Brown of Maryland.

Governor and Lieutenant Governor

Of course, as the joke goes, many AGs do in fact go on to serve as the governor of their state – the sitting Governors of Kentucky, Maine, North Carolina, Ohio, South Carolina and Texas each previously served as AG. The role of AG provides exposure to a statewide audience, and provides a bird’s eye view into nearly all the functions of state government. As a result, many state AGs are well-equipped to serve as governors of their states. Currently, the following sitting AGs are running to be the governor: Kansas AG Derek Schmidt; Daniel Cameron of Kentucky; and Massachusetts AG Maura Healey. Similarly, AG Leslie Rutledge is running to be the Lieutenant Governor of Arkansas.

*******

All in all, the office of State AG is a powerful one that draws a diverse and dynamic group of people who often take hard-hitting positions on key issues in their – and our – days. Watchers of politics and law – or those who are subject to state policy and law enforcement by AGs would do well to monitor ­­­­­­­­­­­­­­­­­­­­­­­­­­the activities and interests of AGs in their jurisdictions.


[1] Ryan Greenstein, NAAG, From Burr to Harris: AG to VP (Jan. 19, 2021), available at https://www.naag.org/attorney-general-journal/from-burr-to-harris-ag-to-vp/.

GAO dismisses post-award protest because protester is not an interested Party

The U.S. Government Accountability Office (“GAO”) recently dismissed a protest challenging the Department of Homeland Security’s evaluation of the Protester’s proposal and subsequent discussions with the Protester. The GAO found that the Protester’s arguments did not demonstrate that it was next in line for award, rendering the Protester a disinterested party with no standing to protest. This decision serves as a reminder that when challenging the government’s award decision, a contractor must be an interested party or the GAO will dismiss the protest, often times before even considering the merits. This decision also highlights how important it is for the Protestor to set forth timely arguments that demonstrate its interested party status in its initial protest filing.

Background

The Department of Homeland Security, U.S. Immigration and Customs Enforcement (ICE) issued a solicitation for “comprehensive detention services at the Port Isabel Detention Center (PIDC), in Los Fresnos, Texas. Importantly, the solicitation provided that offerors’ proposals would be evaluated based on price and non-price factors, with non-price factors being significantly more important than price. ICE received proposals from three offerors in response to the Solicitation: Ahtna (“Ahtna” or the “Protester”); AIP (“AIP” or the “Awardee”), and a third company (“Offeror 3”). The contracting officer, who also served as the source selection authority, assessed each proposal a “High Confidence” rating under the non-price evaluation factors. With respect to price, the Awardee proposed the lowest price, Offeror 3 proposed the second lowest price, and the Protester proposed the highest price.

ICE ultimately awarded the contract to AIP, and Ahtna timely protested. In the Protest, Ahtna alleged that:

  • The Awardee’s proposal should have been rated unacceptable under each evaluation factor, and therefore ineligible for award;
  • ICE engaged in misleading and disparate discussions with the Protester regarding price;
  • ICE relaxed solicitation requirements for the Awardee, thereby treating the Protester and Awardee disparately; and
  • ICE’s award decision was unreasonable because it was based on a flawed evaluation, it failed to document why the Protester’s proposal did not warrant a price premium, and it failed to document that the contracting officer and evaluators look behind the evaluation ratings.

In its Agency Report, ICE addressed the Protester’s arguments on the merits and requested the GAO dismiss the protest. Specifically, ICE claimed that the Protester lacked the status of an interested party because the contracting officer had assessed Offeror 3 a rating superior to the Protester’s under price and non-price factors, thereby making Offeror 3 the next in line for award. The Protester filed comments and supplemental protest grounds in response to the Agency Report, and the GAO required each party address specific questions it posed regarding the Protester’s interested party status. 

GAO’s Analysis

The GAO determined that the contemporaneous record did not demonstrate that the Protester’s proposal would be in line for award, even if the watchdog were to find the Protester’s challenges to the evaluation of AIP’s proposal meritorious. Accordingly, the GAO concluded that the Protestor was not an interested party to challenge the award and dismissed the protest.

First, in reaching this conclusion, the GAO focused on ICE’s ratings of all offerors under the non-price factors, and concluded that while all offerors were assessed a “High Confidence” rating for each non-price evaluation factor, ICE expressly identified advantages with respect to the Awardee’s and Offeror 3’s proposal in the Source Selection Decision Document (SSDD). The GAO noted though that that ICE did not expressly identify any advantages in the Protester’s proposal under any non-price factor. Additionally, the GAO noted that the advantages identified by ICE were for the most heavily weighted non-price factor, “technical capability/management approach.” Therefore, despite the Protester’s argument that ICE’s explanation of its evaluation record amounted to post-hoc justifications, GAO found that the contemporaneous record clearly indicated that ICE compared the offerors’ proposals and found both the Awardee’s and Offeror 3’s proposals to be superior to the Protester’s under the non-price factors. The GAO also considered the Protester’s arguments related to ICE’s evaluation of the Protester’s proposal under the price factor. The Protester complained that the Awardee’s and Offeror 3’s price proposals both reflected a lack of understanding of or a deviation from the solicitation requirements. The GAO dismissed this basis of protest and determined that the Protesters argument focused on what it alleged were flaws in ICE’s evaluation of the Awardee’s price proposal and not on any alleged flaws in its evaluation of Offeror 3’s proposal. Accordingly, the GAO held that the Protestor failed to demonstrate that ICE unreasonably evaluated Offeror 3’s proposal in any way and fail to clearly state legally sufficient grounds of protest.

Additionally, the Protester argued that during discussions, ICE misled the Protester to increasing its price. The Protester specifically complained that ICE’s discussion questions were misleading and unequal, and that ICE should not have led the Protester to increase its price through discussions. The GAO noted, however, that the Protester, did not argue in its protest or supplemental protest that it would have lowered its price during discussions below its initially proposed price of $222,859,412, which is higher than that of Offeror 3, even if ICE had not misled it into raising its price. Because the Protestor raised this argument only in response to questions from the GAO attorney regarding its interested party status, the GAO determined that this  argument was ultimately a “piecemeal presentation or development of protest issues” and noted that to the extent the Protester was seeking to raise an alternative argument as to why it believed ICE’s discussions were improperly conducted, the argument was untimely because it was not raised within 10 days of when the protester knew or should have known of its basis.”

Finally, the GAO addressed a protest allegation related to the debriefing that ICE provided which stated that the Agency did not develop a ranking of proposals during the source selection. The Protester asserted that this statement proved that ICE did not rank proposals for purposes of award, and accordingly that there can be no valid basis to conclude that Offeror 3’s proposal should be considered in line for award ahead of its own proposal. The GAO rejected this argument because it concluded that the contemporaneous record demonstrated that the contracting officer determined that Offeror 3’s technical proposal was superior to the Protestor’s. And, the GAO went on, because the Protester’s arguments failed to challenge the fact that Offeror 3’s proposed price was lower than the Protestor’s initial price, prior to discussions, this protest ground was dismissed because Protestor was not an interested party with standing to raise this issue with the GAO.

Key Takeaways

  • Standing takes precedent. To challenge an agency’s award decision, a protester must be an interested party. “Where there is an intervening offeror who would be in line for the award even if the protester’s challenges were sustained, the intervening offeror has a greater interest in the procurement than the protester, and [the GAO will] generally consider the protester’s interest to be too remote to qualify it as an interested party.
  • Present it all. The Bid Protest Regulations require protesters to “[s]et forth all information establishing that the protester is an interested party for the purpose of filing the protest.” 4 C.F.R. § 21.1(c)(5). This means that protestors should not present their bid protest arguments piecemeal. A protestor’s initial protest filing should set forth as many facts as possible that clearly demonstrate its interested party status.
  • Present it in a timely manner. Relatedly, when a protestor fails to present all the facts that demonstrate its interested party status, and instead raises these facts later in the course of the pending protest, the GAO may deem the related protest grounds untimely. If this happens, it is likely that these additional protests grounds will not be considered by the GAO.    

GAO Sustains Post-Award Protest Challenging The Navy’s Unreasonable Interpretation Of Its Own Solicitation Criteria

The U.S. Government Accountability Office (“GAO”) recently sustained a protest challenging the Department of the Navy’s (“Navy”) evaluation of the awardee’s proposed professional employee compensation plan, which was based on a flawed interpretation of the term “professional employee” in the Solicitation. This decision serves as a reminder that the GAO will interpret provisions, clauses, statutes, and regulations consistent with their plain meaning. Further, GAO will deem documented agency actions unobjectionable if they are in compliance with the solicitation criteria.

Background

The Navy issued a solicitation for “mission system software engineering development, integration, testing, and in-service support for U.S. Naval aircraft major defense acquisition programs” on October 2, 2020. This solicitation contemplated the award of an indefinite-delivery indefinite-quantity contract with a 5-year ordering period and cost-plus-fixed-fee and cost-reimbursement components. The Solicitation also provided that the Navy would make award on a best-value trade-off basis after evaluating proposals based the following three factors listed in descending order of importance: (1) technical; (2) past performance; and (3) price. There were three subfactors under the “technical” factor: (1) understanding of work; (2) workforce; and (3) management approach. The technical and past performance factors combined were significantly more important than price, with price becoming more important with the degree of equality amongst proposals.

Sabre Systems, Inc. (“Sabre” or the “Protester”), the incumbent, submitted a proposal in response to the subject Solicitation along with three other offerors, one being American Systems Corporation (“ASC” or the “Awardee”). The Navy made an initial award to ASC on July 30, 2021, Sabre timely protested the Navy’s evaluation and award decision, and the Navy took corrective action thereafter by reevaluating the proposals submitted in response to the Solicitation. Upon reevaluation, the Navy rated Sabre’s technical proposal slightly superior to ASC’s in the “workforce” technical subfactor. Otherwise, ASC and Sabre received equal technical ratings. However, Sabre’s Most Probable Cost (“MPC”) at $211,471,566 was roughly $21 million higher than ASC’s MPC at $190,126,983. The Navy awarded the contract to ASC a second time, noting that Sabre’s proposal’s slight superiority did not warrant a $21 million price premium. This timely protest followed.

The Protest Allegations and GAO’s Analysis

Sabre first argued that, because the Navy improperly excluded many labor categories from its professional compensation evaluation, it failed to meaningfully evaluate the Awardee’s total compensation plan and conducted a flawed cost realism analysis. Sabre also challenged the Navy’s evaluation of its proposal under both the technical and past performance factors. Specifically, Sabre complained that the Navy failed to recognize multiple strengths within its proposal and unreasonably equalized its superior past performance with that of the Awardee.

With respect to Sabre’s first argument, the GAO noted that the Solicitation required offerors to set forth their total compensation plan “for each proposed professional employee” consistent with Federal Acquisition Regulation (“FAR”) 52.222-46. According to the Solicitation, this plan was to include each professional employees’ direct labor rate, fringe benefits package, and data used to determine the compensation structure. In pertinent part, FAR 52.222-46 provides as follows:

Recompetition of service contract may in some cases result in lowering the compensation (salaries and benefits) paid or furnished professional employees. This lowering can be detrimental in obtaining the quality of professional services needed for adequate contract performance. It is therefore in the Government’s best interest that professional employees, as defined in 29 CFR 541, be properly and fairly compensated…This evaluation will include an assessment of the offeror’s ability to provide uninterrupted high-quality work. The professional compensation proposed will be considered in terms of its impact upon recruiting and retention, its realism, and its consistency with a total plan for compensation.

(Emphasis added). 29 CFR 541, Subpart D defines “professional employees” as follows:

(a) The term “employee employed in a bona fide professional capacity” in section 13(a)(1) of the Act shall mean any employee (1) Compensated on a salary or fee basis . . . at a rate of not less than $684 per week . . .; and (2) Whose primary duty is the performance of work (i) Requiring knowledge of an advanced type in a field of science or learning customarily acquired by a prolonged course of specialized intellectual instruction; or (ii) Requiring invention, imagination, originality or talent in a recognized field of artistic or creative endeavor.

Notwithstanding the language in FAR 52.222-46, and the definition of “professional employees” set forth in 29 CFR 541, the Navy evaluators determined that only a small subset of four labor categories required by the Solicitation constituted “professional employees” as defined by 29 CFR 541. According to the record, the Navy’s rationale for excluding the remaining labor categories was that while these labor categories may constitute professional services, they also fit other definitions for categories of employees under 29 CFR 541. Therefore, the Navy did not consider the remaining labor categories as “professional employees.”

The GAO disagreed with the Navy, and concluded “that the plain language of the applicable FAR provision unambiguously required the Navy to evaluate the compensation plan for all proposed employees meeting the definition of “professional employees” as defined in subpart D of part 541…regardless of whether [proposed employees also meet] another part 541 labor category definition…” By way of example, the GAO highlighted the “software developer” labor category, which the Navy found not to be a “professional employee” under 29 CFR 541. However, according to the statement of work, this labor category required “minimum levels of higher education in the specified field of science or learning related to the duties of the position” including a bachelor’s degree in computer science or computer engineering. The Navy failed to include several professional employees in its evaluation of the Awardee’s compensation plan inconsistent with the Solicitation criteria, which contained FAR 52.222-46 referencing 29 CFR 541’s definition of “professional employees.” Accordingly, GAO sustained the protest on this basis.

Sabre also argued that the Navy failed to reasonably evaluate its technical proposal by failing to recognize additional strengths within its proposal. The GAO ultimately disagreed and found that the Navy thoroughly reviewed Sabre’s proposal and assessed strengths where the proposal exceeded the solicitation requirements in a manner advantageous to the government. Sabre also challenged the evaluation of its past performance by arguing that its past performance was more relevant and of higher quality than that of the Awardee. GAO found the Agency evaluated Sabre’s past performance consistent with the solicitation criteria, which required offerors’ past performance to be evaluated based on recency, relevancy, and quality of work. The Solicitation did not, however, require a comparison of offerors’ past performance examples. Therefore, the GAO denied this protest ground as well.

Lastly the GAO addressed prejudice. The Navy argued that that Sabre suffered no prejudice because a change in its methodology to include additional labor categories in the analysis would not have changed the evaluative outcome. In response, Sabre argued that the improper exclusion of more than 80 percent of its proposed personnel from its compensation plan analysis resulted in the Navy’s failure to appreciate the risk posed by the Awardee’s lowered compensation levels. The GAO resolved these arguments in favor of Sabre, noting that a reasonable possibility of prejudice is a sufficient basis for sustaining a protest.

Key takeaways

  • When competing for government contracts, Contractors who are unsuccessful are advised to closely scrutinize solicitation requirements to ensure that the agency’s evaluation is in strict compliance therewith.
  • Contractors should always look to the solicitation criteria for guidance regarding how an Agency should conduct the source selection evaluation of proposals. If, for example, a solicitation does not contemplate Agency’s evaluation of proposals by comparison, Contractors should expect that the Agency will evaluate proposals in accordance with the stated solicitation criteria, and not in comparison to other proposals.
  • When considering the merits of a protest, the GAO will review provisions, clauses, statutes and regulations consistent with their plain meaning. To the extent that an Agency relies on a provision, clause, statute or regulation, and interprets that provision, clause, statute or regulation in a manner that is inconsistent with its plain meaning, and conducts its evaluation on a flawed interpretation, the GAO is likely to find this conduct objectionable and erroneous. If such has occurred, an unsuccessful bidder may have a very good chance at having the GAO recommend overturning that award decision.

Privacy Advocates, Business Community Voice Opinions on Privacy Law in the Centennial State: AG Provides Open Forum for Informal Comment on CPA Implementation and a New Curveball Emerges in the Privacy Arena as Recent Dobbs Portends Further Changes

Almost exactly one year ago, on July 7, 2021, Colorado Governor Jared Polis (D) signed the Colorado Privacy Act (“CPA”) into law. As we have previously highlighted, the Colorado Attorney General and the Department of Law (“Colorado AG”) have been a leading voice, both in Colorado and nationally, on privacy policy and enforcement. Consistent with that high level of engagement, the CPA specifically calls for the Colorado AG to implement the law by adopting new rules governing privacy, as well as by “adopting rules that detail the technical specifications for one or more universal opt-out mechanisms that clearly communicate a consumer’s affirmative, freely given, and unambiguous choice to opt out of the processing of personal data for purposes of targeted advertising or the sale of personal data.”[1]

Now, as the Colorado AG undertakes its mandated rulemaking and implementation, the U.S. Supreme Court’s recent decision in Dobbs raises new questions about how the CPA and other state privacy laws will be effectuated and enforced. While these specific issues were not raised in the course of the CPA listening sessions, Colorado could be a state where this issue emerges in the coming weeks and months. In the wake of Dobbs, which overturned Roe v. Wade, we expect that state AGs generally will be looking at how the decision impacts their states’ privacy regimes. The answers to this complex consideration will likely depend on the political makeup of each state and, relatedly, the political affiliation of the AG, but could reach to issues including how insurers and medical facilities collect, handle, and maintain (or produce in the course of investigations) private medical information. This is consistent with the recent increased focus state AGs have put on protecting sensitive medical-related information.

Last week, North Carolina AG Josh Stein launched an investigation into a digital tracking company that allegedly collects information from hospitals when patients try to make online appointments and then provides such information to large social media platforms for advertising purposes. Like AG Stein, state AGs around the country are actively exploring ways to better protect this especially sensitive category of personal data, both through engaging in their states’ legislative efforts and employing their far-reading state consumer protection laws to bring enforcement actions against those who allegedly misuse private medical information. With the Dobbs decision and its implications now at the top of many state AGs’ minds, issues around information sharing, data retention, and geolocation technology could all emerge as policy and litigation flashpoints.

As part of its implementation of the CPA, and in a nod to a transparent and fully-informed rulemaking process, the Colorado AG held CPA-related “Pre-Rulemaking Listening Sessions” on Wednesday, June 22nd and again on Tuesday, June 28th. The listening sessions were designed to be public fora for anyone to provide feedback, suggestions, and comments to the Colorado AG prior to the CPA’s implementation later this year. The informal comment period is set to conclude in August. The Colorado AG plans to release proposed draft rules for formal notice and comment sometime in the fall. Final rules will then be promulgated in late 2022 or early 2023, and CPA enforcement will commence on July 1, 2023. While these sessions were led by various Colorado AG staff, it was made clear at the outset that the Colorado AG would not provide substantive comments or answers to any questions during these sessions.

While the Colorado AG emphasized that they were open to comments about any parts of or issues related to the CPA, they also noted that they were specifically focusing on a few specific areas, including: (1) universal opt out; (2) consent; (3) dark patterns (typically understood as deceptive or misleading digital practices effectuated by algorithms and consumer interface designs); (4) data protection assessments; (5) profiling; (6) opinion letters; (7) offline data (referring to data collected in person (e.g., via a magazine subscription) that may later be stored online and, specifically, issues associated with consumers exercising their preferences with the future treatment of such data); and (8) interoperability.

The Colorado AG kicked off both sessions with a brief overview of the CPA. First, they discussed the CPA’s provisions on consumer rights, noting that these include abilities, such as:

  • Telling businesses not to sell or use your personal data for certain purposes;
  • Agreeing to (or deny) the collection and use of your sensitive personal information;
  • Accessing the personal data that businesses have collected about you;
  • Having businesses correct errors in certain pieces of your personal data;
  • Using one single signal to opt out of the sale of your personal information or targeted advertising;
  • Having businesses delete certain pieces of your personal data;
  • Having businesses provide a portable copy of your personal data to you; and
  • Understanding what personal data businesses collect about you.

The Colorado AG then highlighted businesses’ obligations under the CPA, including:

  • Provide a privacy notice telling you how your information is collected and used and how you can exercise your CPA rights;
  • State a purpose for the collection and use of your personal data, and only collect the amount and type of personal data necessary for that purpose;
  • Take reasonable measures to protect your personal data; and
  • Obtain your consent before collecting and using your sensitive personal information.

The June 22nd session, which was both in-person and virtual, was sparsely attended, with only two commenters participating. The June 28th was far better attended, with commenters from a wide variety of organizations and institutions.

Many of the comments focused on the opt out mechanism set forth in the CPA and how it will be applied in varying contexts, subject to the Colorado AG’s rules on such. Both the privacy advocates and business community representatives called for the Colorado AG to take every step possible to ensure that the CPA is implemented in a way that coherently interacts with other states’ privacy laws, such that both consumers and businesses have clarity and a degree of uniform applicability nationwide.


[1] https://coag.gov/resources/colorado-privacy-act/#:~:text=On%20July%207%2C%202021%2C%20Governor,of%20Colorado’s%20Consumer%20Protection%20Act.

Mid-season election update: Where AG elections stand post Dobbs decision and updates on AG races in D.C., Idaho, Nebraska, New Mexico, Oklahoma, South Dakota, Vermont, and the other 30 states up for grabs this election cycle

In this post, we build upon the electoral analysis provided in an earlier blog posted on February 10, 2022, entitled “New AGs Take the Reins in Key States with Largest AG Election Cycle in Years on the Horizon.” You can access that post, which provides interim developments on attorney general appointments in North Dakota and New Jersey and the upcoming election cycle, here.

Introduction

The 2022 election cycle is well underway, with many primary elections having taken place over the past few months. While Congressional and gubernatorial elections have always been of high interest to the public, state attorney general (AG) elections are garnering more attention than ever.

In their roles as the chief legal officers of their jurisdictions, AGs are uniquely situated at the cross-section of law, politics, and public policy. While each state assigns different powers and duties to its AG, AGs work individually and together to confront a wide variety of issues that impact businesses from every industry sector. Additionally, the AG role has continued to expand over time as new issues arise and new technologies emerge. For example, AGs have taken an increasingly active role in the oversight of data privacy laws in an effort to protect consumers.

Most significantly, AGs have been put in the spotlight in the wake of the U.S. Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization and their overturning of Roe v. Wade and Planned Parenthood v. Casey. AGs across the political spectrum have announced their stances on the reversal of a woman’s constitutional right to an abortion, as previously established in Roe. In more progressive states, some AGs have been making assurances that abortions are still legal in their states or have committed to not enforcing laws restricting abortion. Conversely, in more conservative states, some AGs have framed the decision as an historic victory. States where the stance of the AG conflicts with current and likely state law on abortion inevitably will experience increased attention in the coming days and weeks.

More than 30 AG seats may change as a result of the 2022 cycle. Below are highlights of recent events impacting AGs in advance of election day on Tuesday, November 8, 2022.

What state AG seats are up in 2022?

Over half of the state AG seats are up for election this year. Twenty-two of those seats are currently held by incumbents, eight are open seats, and six are in states where the AGs are not elected, but the new AG may change.

Recent happenings: AG primaries in D.C., Idaho, Nebraska, New Mexico, and Oklahoma; new interim AG appointed in South Dakota after removal of sitting AG from office; and Vermont AG resigns

On Tuesday, June 21, the District of Columbia held a number of primary elections, including for AG. Brian Schwalb won the Democratic primary nomination with 45.6 percent of the vote and the support of six out of eight wards. At this time, Schwalb does not have any challengers in the general election.

Republican incumbent Idaho AG Lawrence Wasden lost his primary on May 17, 2022. AG Wasden was defeated by former Idaho and U.S. Congressman Raúl Labrador by over 13 points. Congressman Labrador, who is a former chair of the Idaho Republican Party, will face Democrat Steven Scanlin.

In Nebraska, incumbent Republican AG Doug Peterson announced that he would not run for reelection. Primary elections for AG were held on May 10, 2022. Mike Hilgers, the speaker of the Nebraska legislature, won the Republican primary and no Democratic primary was held. Speaker Hilgers will face off against Larry Bolinger, who is running on behalf of the Legal Marijuana NOW Party.

 New Mexico held its 2022 primaries, including one for the Democratic nominee for AG, on June 7, 2022. Raul Torrez, who currently serves as the Bernalillo county district attorney, secured the Democratic nomination. Torrez will face Republican Jeremy Gay, who is a litigator and Marine, in the general election for New Mexico AG.

 On Tuesday 28, 2022, incumbent Republican Oklahoma AG John O’Connor was defeated by challenger Gentner Drummond by a slim margin. AG O’Connor was appointed by Oklahoma Governor Kevin Stitt last year and had never run for statewide office before. If a recount yields the same results, Drummond will be the next AG of Oklahoma, as no Democrats filed to run in the 2022 AG election.

Last week, the South Dakota Senate removed South Dakota AG Jason Ravnsborg from office. AG Ravnsborg is the first statewide official in South Dakota to be impeached, removed from office, and barred from holding a future office in the state. AG Ravnsborg will be replaced for the next full four-year term by Republican Marty Jackley. Jackley won his nomination at the South Dakota State GOP primary last week and will run uncontested in the general election. However, Republican South Dakota Governor Kristi Noem appointed Pennington County’s state attorney, Mark Vargo, as AG Ravnsborg’s interim replacement. Vargo, who was the lead prosecutor in the South Dakota Senate’s impeachment of AG Ravnsborg, will serve until Jackley is sworn in for the next term.

 Finally, Vermont AG T.J. Donovan announced that he would not seek reelection. He left office on June 20, 2022. AG Donovan announced that Chief Deputy AG Joshua Diamond will assume the duties of AG and will fill that role until Vermont Governor Phil Scott appoints Susanne Young to fill out Donovan’s six-month term. Young is a 40-year veteran in state government and is a former deputy AG. Most recently, she served as Governor Scott’s administration secretary.

****

Our Attorney General Team will continue to report on things as they change leading up to the general elections, which will be held on Tuesday, November 8, 2022.

GAO sustains pre-award protest challenging a solicitation as unduly restrictive.

In a recent U.S. Government Accountability Office (GAO) decision, the watchdog sustained a pre-award protest filed by an offeror alleging that the government’s solicitation requirements associated with certain certifications were unduly restrictive of competition. This decision is a reminder that an agency will not withstand a protest of its solicitation terms when it does not have a reasonable basis to support requirements may ultimately limit competition.

The solicitation

On December 21, 2021, the Department of Homeland Security, U.S. Immigration and Customs Enforcement (ICE or the Agency) solicited bids in connection with call center services to support the Agency’s student and exchange visitor program. The request for proposal (RFP) was issued as a two-phase procurement. In phase 1, interested offerors were required to affirmatively respond that they wished to participate in phase 2 of the procurement by October 22, 2021. Offerors that failed to affirmatively respond by that deadline were advised that they would not be allowed to participate in phase 2. With regard to phase 2, the RFP informed offerors that ICE would conduct an initial evaluation of the proposals based on two factors: (i) certifications and (ii) experience. From there, the RFP provided that the Agency would perform a “down-select” to a maximum of four “best-suited” proposals that would be considered further by the Agency in phase 3 for the award.

Notably, after the RFP had been amended by the Agency, it required offerors to demonstrate that they possessed Capability Maturity Model Integration (CMMI) Level 3 or greater certification at the time of proposal submission. Specifically, the RFP stated that the Agency would evaluate proposals under the certifications prong on an acceptable/unacceptable basis, and those deemed unacceptable would not be further evaluated or considered for the award.

Protest grounds

On January 18, 2022, Insight Technology Solutions, Inc. (Insight) filed an agency-level protest challenging the CMMI certification requirements as unduly restrictive of competition. Before the Agency, Insight complained that offerors were not given a reasonable opportunity to respond to the amended solicitation that now imposed the CMMI requirement. ICE ultimately denied Insight’s agency-level protest, and on February 18, 2022, Insight filed a timely protest based on the same grounds with the GAO.

In its protest, Insight asserted that (1) ICE lacked a reasonable basis to require a CMMI level 3 or greater certification; and (2) the RFP requirement for each offeror to demonstrate its CMMI certification at the time of proposal submission exceeded the Agency’s needs. Insight challenged ICE’s determination that the CMMI certification levels required by the RFP were necessary, criticized the Agency’s previously expressed rationale for the certification requirements as “vague and unsupported,” and accused the Agency of failing to conduct any actual analysis that would support the need for the CMMI level 3 certification. 

The Agency’s response

The Agency responded by asserting that its CMMI certification requirement was not unduly restrictive of competition because the requirement reflected ICE’s actual needs. The Agency further argued that CMMI level 3 or greater certification was required because the call center requirement was constantly evolving and the PWS required the contractor to recommend and participate in process improvements and system upgrades. According to the Agency, in order for an offeror to meet the Agency’s call center requirements, it would need to possess the ability to identify and resolve process issues at CMMI level 3 or higher, rather than level 1 or level 2.

Additionally, the Agency argued that requiring offerors to possess CMMI level 3 or greater certification at the time of proposal submission was necessary because ICE needed to verify compliance with this material requirement and could not risk an awardee not having the required certification at award. The Agency also argued that not verifying certifications at the time of proposal submission would put ICE “at the mercy of a certification process” and further stated, without explanation, that this might create uncertainty due to the uncertain timing for obtaining certification.

GAO analysis and decision

In sustaining the protest, the GAO first concluded that ICE had provided ample evidence that justified the subject certification requirements. The GAO pointed out that Insight even agreed with ICE that requiring CMMI level 3 certification or higher would lead to improved identification and process resolution as compared to requiring certification at CMMI levels 1 or 2.  Accordingly, because Insight failed to explain why the process-based justification offered by the Agency was unsupported, the GAO denied this protest ground.

However, the GAO went on to find that the Agency had not demonstrated that it was necessary for an offeror to prove it possessed CMMI level 3 certification or higher at proposal submission. In fact, the GAO held that nothing in the record supported a finding that “the mere possession of CMMI level 3 or greater was relevant before the start of performance, much less before award.” 

In defense of the requirement, ICE cited the GAO’s decision in KPaul Properties, LLC, B‑419893, B‑419893.6, Sep. 15, 2021, 2021 CPD, paragraph 317,arguing that the decision there accepts the notion that certification requirements – at the submission stage – are acceptable where the Agency uses them “as part of its evaluation of the offeror’s ability to provide high quality services.” But, in rejecting that argument, the GAO explained that ICE had incorrectly deduced a broad and general conclusion from the fact-specific holding in KPaul, and that nothing in the decision supported the proposition that a procuring agency could justify submission stage certification requirements “merely [by] stating that they are being used as an objective evaluation requirement.” 

Accordingly, because ICE failed to offer fact-specific justifications, such as the supply chain concerns cited in the KPaul decision, the Agency had not provided a reasonable basis to support requiring CMMI level 3 or greater certification at the time of proposal submission, and the GAO sustained the protest. The GAO went on to recommend that ICE review its needs and amend the solicitation to allow offerors to provide CMMI level 3 or greater certification at the time of award or performance. In addition, the GAO held that ICE must reopen the competition and allow offerors to submit new or revised proposals.

Key takeaways

  • Contractors may face an uphill battle if they wish to lodge a pre-award protest challenging an agency’s decision to impose certain requirements that it has determined reflect its needs. The GAO will be reluctant to sustain a protest based on this ground when the agency’s rationale has been documented and considered reasonable.
  • Contractors may find the GAO more willing to sustain a protest, however, when an agency claims that certifications are necessary at the time of proposal submission (so an agency can perform its evaluation of the offeror’s ability to provide high-quality services), but the agency has not explained why its objective evaluation of this certification on an acceptable/unacceptable basis would need to happen before award.
  • Those seeking to do business with the government are advised to closely scrutinize solicitation requirements to identify any that are unduly restrictive or unreasonable in light of the procuring agency’s needs.

GAO dismisses pre-award bid protest as untimely

On April 25, 2022, the Government Accountability Office (“GAO”) dismissed a protest that Defense Solutions Group, LLC (“DSG”) had filed which challenged the Defense Information Systems Agency’s (“Agency” or “DISA”) decision to exclude DSG’s proposal from the competition. DSG argued that its exclusion from the competition for non-compliance with two administrative solicitation requirements was unreasonable. The Agency countered that dismissal was warranted because unequivocal administrative requirements in the solicitation are requirements nonetheless, and DSG’s proposal did not comply with these requirements. DISA also argued that DSG’s protest was untimely. In dismissing the protest, the GAO declined to opine on the merits, and instead found that the protest was untimely because it contained a challenge to a solicitation term. This dismissal serves as a cautionary reminder to contractors that strict compliance with the GAO timeliness rules is paramount and that challenges to solicitation terms must be raised prior to the date proposals are due.

Background

On June 22, 2021, DISA released a solicitation as a multiple award, indefinite-delivery, indefinite-quantity (“IDIQ”) small-business set aside contemplating a fixed price/cost-reimbursement task order for sustainment support (“Solicitation”). According to the Solicitation, DISA planned to award these task orders on a best-value, trade-off basis considering price and non-price factors. Proposals in response to this Solicitation were due on October 25, 2021.

The Solicitation contained a number of administrative requirements. These included requiring offerors to, among other things: (1) submit the DD Form 254, which is used to convey security requirements when contract performance requires access to classified information, using the original Government-provided form; and (2) include in its Representations and Certifications submission a response to “Additional DITCO Instruction G1, Points of Contact.” Notably, at two places within the Solicitation, DISA informed offerors that if their proposal fails to meet or adhere to any part of the Solicitation’s administrative requirements, it would not be further evaluated or considered for award.

On November 1, 2021, after finding that DSG’s proposal failed to meet both administrative requirements above, DISA notified DSG that its proposal had been excluded from the competition. DSG then requested and received a debriefing, and filed a pre-award bid protest thereafter contending that “DISA’s exclusion of its proposal from the competition for failing to submit the DD Form 254 as a PDF file was improper because this requirement was immaterial and not rationally related to any legitimate agency need.” In response, DISA argued that: (1) the Solicitation unequivocally required compliance with the Solicitation’s administrative requirements; (2) the Solicitation explicitly stated that an offeror’s proposal that fails to comply with any administrative requirements would be excluded from competition; and (3) to the extent that the DSG is contending that certain submission requirements in the Solicitation are not material, and therefore should not provide a basis for rejection of its proposal, DSG’s contention amounts to an untimely pre-award protest and should be dismissed. DISA also noted a number of reasons why it mandated compliance with the administrative requirements at issue.

The GAO’s findings

The GAO did not opine on the materiality of the Solicitation’s administrative requirements, nor the validity of DISA’s rationale for including certain administrative requirements at the outset. The GAO found that DSG’s complaint about the agency’s enforcement of a threshold administrative requirement is, “in essence, an assertion that the solicitation’s requirement was unreasonable…” [and under GAO’s] Bid Protest Regulations, protests based upon alleged improprieties in a solicitation, which are apparent prior to the time set for receipt of initial proposals, must be filed prior to that time. 4 C.F.R. § 21.2(a)(1).” Therefore, the GAO dismissed the protest.

Takeaways

  • Assumptions. Federal contractors should not assume the materiality of a solicitation provision.
  • Compliance. When submitting a proposal in response to a solicitation, contractors must be sure to comply with all solicitation requirements not withstanding whether they are administrative or substantive in nature.
  • Timelines. To the extent that some administrative or substantive requirements are for example, ambiguous, unduly restrictive, or immaterial on the face of the solicitation, offerors should timely challenge these requirements prior to the time set for the receipt of proposals. Failing to do so may prevent the GAO entertaining any requests for relief associated with a protest.

GAO sustains protest where agency fails to establish a competitive range and engages in unequal discussions only with the awardee

On April 25, 2022, the Government Accountability Office (GAO) sustained a protest filed by Rice Solutions LLC, challenging the award of a Department of Health and Human Services Indian Health Service (IHS) contract to SOPOR LLC. Rice Solutions alleged that IHS improperly engaged in discussions with only SOPOR, and not the other offerors, as required by the Federal Acquisition Regulations (FAR). The GAO agreed with Rice Solutions, finding that IHS had improperly engaged only the awardee in discussions and sustained the protest, recommending that the agency take corrective action. This decision serves a reminder that an agency may not engage in unequal discussions, and if it does so, the procurement may be overturned by the GAO, if it is challenged.

Background

On Dec. 10, 2021, IHS issued a solicitation for certified registered nurse anesthetist services at the Pine Ridge Service Unit health care facility in South Dakota, under FAR Part 12 procedures.  The solicitation contemplated the award of a contract that would consist of a one-year base period and four one-year options. The solicitation provided that award would be made to the responsible offeror whose offer was considered to be most advantageous to the government, with price and other factors being considered.

The technical evaluation factors were listed as: problem and approach; past performance; and key personnel. However, the solicitation contained conflicting descriptions of the weight that IHS would give to the technical factors. As well, the solicitation was silent regarding the importance of price relative to the technical factors. Finally, the solicitation informed offerors that IHS intended to award the contract without conducting discussions, but that the agency reserved the right to conduct discussions.

The significant dates and events leading up to the filing of the protest were as follows:

  • Rice Solutions, SOPOR, and one other company timely submitted proposals in response to the solicitation.  
  • On Jan. 6, 2022, IHS’ technical evaluation team determined that Rice Solutions was the second highest rated proposal and was its second choice for the award. Importantly, IHS evaluators determined that both Rice Solutions and the third offeror had technically unacceptable proposals.
  • IHS evaluators did not eliminate Rice Solutions from the competition, and they did not establish a competitive range.
  • On Jan. 6, 2022, IHS entered into discussions only with SOPOR.
  • On Jan. 11, 2022, IHS requested a final proposal revision only from SOPOR, and SOPOR provided this to the agency on that same day.
  • On Jan. 12, 2022, the IHS contracting officer selected SOPOR for award.

After Rice Solutions received notice that it was an unsuccessful offeror, it filed the instant protest arguing that IHS unfairly conducted discussions with only SOPOR, thereby denying Rice Solutions an opportunity to also submit a revised proposal.   

The GAO’s findings

The GAO first concluded that the agency’s assertion that Rice Solutions’ proposal was technically unacceptable was not supported by the record, which indicated that the evaluators had differing opinions regarding the strength of the offeror’s technical approach. The GAO determined that it was unclear whether Rice Solutions’ proposal should have ultimately been found technically unacceptable in the first place, particularly in light of the conflicting solicitation provisions related to the relative weight of the price and non-price factors.

But the GAO ultimately sustained the protest specifically on the grounds that IHS had failed to properly establish a competitive range of offerors that it wished to enter into discussions with. The GAO opined that even though an agency has broad discretion in establishing a competitive range and is not required to memorialize its competitive range determination expressly in a formal document, it is required to provide sufficient information to adequately support its rationale. The GAO noted in this case that the contemporaneous record did not contain any documentation or support for IHS’ contention that a competitive range had been established before entering into discussions with SOPOR.

In fact, the GAO noted that the record indicated the opposite, because in response to the GAO’s request for additional information during the protest, IHS provided a declaration from the technical evaluation team chair, in which he admitted that prior to the protest, he was unfamiliar with the terms ‘competitive range’ and ‘competitive range determination’ and had only come to understand what those terms meant through this protest process. This admission, via this declaration, for the GAO confirmed that IHS had not established, or even intended to establish, a competitive range before the agency entered into discussions with SOPOR. The GAO concluded that once the agency chose to conduct discussions, it was required to so with all offerors in the competitive range, and that because no competitive range had been established, the agency was required to conduct discussions with all offerors.

Takeaways

  • An agency, if it decides to conduct discussions, must establish a competitive range and conduct discussions with all offerors in the competitive range. If it fails to do this, the GAO will sustain a protest challenge based upon this conduct.
  • Further, an agency may not engage in discussions with any offerors when a competitive range has not been established. The GAO has opined that a de facto competitive range of one is not created when an agency finds all offerors except for one technically unacceptable. 
LexBlog