CANCELLED BY PN 04-13

02-11

Procurement Information Circular

June 24,2002

CLASS DEVIATION TO THE MAJOR BREACH OF SAFETY OR SECURITY CLAUSE FOR CONTRACTS WITH EDUCATIONAL OR OTHER NONPROFIT INSTITUTIONS AND COMMERCIAL ITEM CONTRACTS

AND

MAJOR BREACH OF SAFETY OR SECURITY CLAUSE GUIDANCE

 

PURPOSE:

   1.  To provide a class deviation that adds an Alternate I to 1852.223-75, Major Breach of Safety or Security, for use in contracts with educational or other nonprofit institutions and contracts for commercial items; and

   2.  To provide guidance on the Major Breach of Safety or Security Clause.

 

BACKGROUND:  Since July 13, 2000, the Major Breach of Safety or Security clause, 1852.223-75, has been required in new solicitations and contracts with an estimated value over $500,000.  A concern was recently expressed about the use of the clause in contracts with educational or nonprofit institutions and in contracts for commercial items.  The Major Breach of Safety or Security clause states in part:

 

“A major breach of safety may constitute a breach of contract that entitles the Government to exercise any of its rights and remedies applicable to material parts of this contract, including termination for default;” and

 

“A major breach of security may constitute a breach of contract that entitles the Government to exercise any of its rights and remedies applicable to material parts of this contract, including termination for default.”

 

Contracts with educational or other nonprofit institutions and contracts for commercial items do not include a “termination for default” clause.  Rather, these contracts include a termination for convenience or termination for cause clause respectively.   Under contracts with educational or other nonprofit institutions and contracts for commercial items, these termination clauses provide rights and remedies should a major breach of safety or security occur.  However, to avoid any misinterpretations, a class deviation has been developed that removes the word default from the Major Breach of Safety or Security Clause in contracts with educational or other nonprofit institutions and contracts to acquire commercial items.

 

Other questions and comments concerning the Major Breach of Safety or Security clause have also been received.  Responses to these additional questions and comments are being provided as agency-wide guidance.

 

GUIDANCE:

   1.  A class deviation to the NASA FAR Supplement is granted to revise paragraph (d) of 1823.7001, NASA solicitation provisions and contract clauses, to read as follows:

 

   (d)(i) The contracting officer shall insert the clause at 1852.223-75, Major Breach of Safety or Security, in all solicitations and contracts with estimated values of $500,000 or more,   unless waived at a level above the contracting officer with the concurrence of the project manager and the installation official(s) responsible for matters of security, export control, safety, and occupational health.

       (ii) If the solicitation or contract is with an educational or other nonprofit institution or is for the acquisition of commercial items, insert the clause with its Alternate I, unless waived at a level above the contracting officer with the concurrence of the project manager and the installation official(s) responsible for matters of security, export control, safety, and occupational health.

       (iii) For contracts with estimated values below $500,000, use of the clause is optional.  

 

   2.  A class deviation to the NASA FAR Supplement is granted to provide for an Alternate I to 1852.223-75 to read as follows:

 

ALTERNATE I

(MAY 2002)

 

   As prescribed in 1823.7001(d), substitute the following paragraphs (a) and (b) for paragraphs (a) and (b) of the basic clause:

 

   (a) Safety is the freedom from those conditions that can cause death, injury, occupational illness, damage to or loss of equipment or property, or damage to the environment.  Safety is essential to NASA and is a material part of this contract.  NASA’s safety priority is to protect: (1) the public; (2) astronauts and pilots; (3) the NASA workforce (including contractor employees working on NASA contracts); and (4) high-value equipment and property. A major breach of safety may constitute a breach of contract that entitles the Government to exercise any of its rights and remedies applicable to material parts of this contract, including termination.  A major breach of safety must be related directly to the work on the contract. A major breach of safety is an act or omission of the Contractor that consists of an accident, incident, or exposure resulting in a fatality or mission failure; or in damage to equipment or property equal to or greater than $1 million; or in any "willful" or "repeat" violation cited by the Occupational Safety and Health Administration (OSHA) or by a state agency operating under an OSHA approved plan. 

 

   (b) Security is the condition of safeguarding against espionage, sabotage, crime (including computer crime), or attack.  A major breach of security may constitute a breach of contract that entitles the Government to exercise any of its rights and remedies applicable to material parts of this contract, including termination.  A major breach of security may occur on or off Government installations, but must be related directly to the work on the contract.  A major breach of security is an act or omission by the Contractor that results in compromise of classified information, illegal technology transfer, workplace violence resulting in criminal conviction, sabotage, compromise or denial of information technology services, equipment or property damage from vandalism greater than $250,000, or theft greater than $250,000.

(End of Substitution)

 

   3.  Guidance on the applicability and implementation of the requirements of 1852.223-75, Major Breach of Safety or Security is provided below in the form of questions/comments received and responses provided.

 

   (a) Safety comments - Damage to equipment or property equal to or greater than $1M:

 

       (1)     Assume this applies only to government owned property accountable under the contract.

       (2)     Is the dollar amount calculated as the sum of all “Damage” during an award fee period, or per individual incident during an award fee period?

       (3)     Is the dollar amount in base dollars or burdened dollars?

 

   Reply:

 

       (1) The Major Breach of Safety or Security clause does not only apply to government owned property accountable under the contract.  It applies to any equipment or property that the contractor may damage while performing work directly related to the work on the contract.

       (2) The $1 million amount is calculated per individual incident.

       (3) The dollar amount would be the repair or replacement cost.

 

   (b)     Security comments - Compromise of classified information:

 

       (1) Since there is no “classified” information applicable to this contract our assumption is this does not apply to us.  In addition, what constitutes “compromised?” 

 

   Reply:

 

       (1) This only applies if the contract includes FAR 52.204-2, Security Requirements, which is required when the contract may require access to classified information.  FAR 52.204-2 requires that the contractor comply with the Security Agreement (DD Form 441), including the National Industrial Security Program (NISP) Operating Manual (DOD 5220.22-M); and any revisions to that manual, notice of which has been furnished to the Contractor. 

 

A compromise of classified information is any unauthorized disclosure, release, or transmittal of classified national security information that violates NISP regulations.

 

   (c) Security comment – Illegal technology transfer:

 

       (1) Please define illegal technology transfer.

   Reply:

 

       (1) Technology transfer is addressed by various statutes and is enforced by the Bureau of Export Administration (BXA) under the Department of Commerce.  The BXA also administers the Export Administration Regulation (EAR).  BXA activities include regulating the export of sensitive goods and technologies in an effective and efficient manner; enforcing export control, anti-boycott, and public safety laws; cooperating with and assisting other countries on export control and strategic trade issues; assisting U.S. industry to comply with international arms control agreements; monitoring the viability of the U.S. defense industrial base; and promoting federal initiatives and public-private partnerships across industry sectors to protect the nation’s critical infrastructures.

 

The EAR and the various statutes that BXA enforces address technology transfer.  There are 10 general prohibitions listed in the EAR; if you violate any of the 10 general prohibitions, or engage in other conduct contrary to the Export Administration Act, or any order, license, License Exception, or authorization issued there under, you will be subject to the sanctions described in that part.

 

   (d)     Security comment - Workplace violence resulting in criminal conviction:

 

       (1) How do you define “violence”?  Is it physical (hitting, striking, fighting) mental harassment, verbal abuse or sexual harassment, all of the above?

 

   Reply:

 

       (1) The Occupational Safety and Health Administration defines workplace violence as “Any physical assault, threatening behavior, or verbal abuse occurring in the work setting.  A workplace may be any location either permanent or temporary where an employee performs any work-related duty.”

 

   (e) Security comments – Sabotage:

 

       (1) Our assumption is that this is program specific.

       (2) How and when do you determine sabotage has taken place?

       (3) Does one have to be convicted in a US Court of Law?

 

   Reply:

 

       (1) It is not program specific.  

       (2) The determination as to whether sabotage has occurred would depend on the circumstances of the individual case, and after investigation of the appropriate authorities.  As stated in paragraph (c) of the clause, “In the event of a major breach of safety or security, the Contractor shall report the breach to the Contracting Officer.  If directed by the Contracting Officer, the Contractor shall conduct its own investigation and report the results to the Government. The Contractor shall cooperate with the Government investigation, if conducted.”

       (3) No person need be convicted, or even identified; it is only necessary that investigation determines that sabotage was committed by someone.  However, the investigation would also have to determine that adequate security countermeasures were not in place or that contractor negligence facilitated the sabotage.

 

   (f) Security comments - Compromise or denial of Information Technology Services:

 

       (1) Please define what compromise or denial is.

 

   Reply:

 

       (1) The Information Technology Laboratory, National Institute of Standards and Technology, which develops Federal computer system standards and guidelines for the Department of Commerce to promulgate as required by 40 U.S.C. 1441, Computer Security Act of 1987, defines compromise as: “the unauthorized disclosure, modification, substitution or use of sensitive data.”

 

       The Information Technology Laboratory also states that denial of service is an IT security threat where an IT system is rendered unusable for legitimate users by “hogging” a resource or damaging or destroying resources so that they cannot be used. 

 

   (g) Security comments - Equipment or property damage from vandalism greater than $250K:

 

       (1) Does manufacturing scrap fall into this category?

       (2) Is the dollar amount in base dollars or in burdened dollars?

 

   Reply:

 

       (1)     The circumstances of the individual case would determine what constitutes the damage or loss to the government.  It is sufficient for the clause that investigation determines that the damage greater than $250K to the government occurred and that negligence or a lack of prudent security contributed to the damage or loss.

       (2) The damage to the government would be based on actual replacement or repair cost to the Government.  The Federal Acquisition Regulation defines scrap in Part 45.501 as personal property that has no value except for its basic material content.  If the scrap has a basic material content value that is greater than $250K and damage greater than $250K associated with the material content occurs, then a Material Breach may have occurred.

 

   (h) Security comment – Theft: 

 

       (1) The assumption is that this applies to Government owned property accountable under the contract.

 

   Reply: 

 

       (1) This applies to any property, whether it is Government or other contractors.

 

EFFECTIVE DATE: This PIC is effective as dated and shall remain in effect until canceled or superceded.

 

HEADQUARTERS CONTACT: Jeff Cullen, Code HK, (202) 358-1784, e-mail: jcullen@hq.nasa.gov.

 

 

Tom Luedtke

Assistant Administrator for Procurement