§3334e — Title 50 War and National Defense | U.S. Code

Summary

Lets leaders of US intelligence agencies (not parts of the Department of Defense) use special contracting steps to reduce supply chain risk when buying certain information technology for national security systems. They may take actions like using supply-chain-focused rules, excluding suppliers, or limiting what they tell others about why they acted. Covered agency: an intelligence community part, excluding the Department of Defense. Covered item of supply: information technology bought for a covered system whose corruption could cause a supply chain risk. Covered procurement: a purchase or selection process that uses supply-chain rules or clauses. Covered procurement action: steps like excluding a source, rejecting a proposal for supply-chain reasons, or blocking a subcontractor. Covered system: a national security system. Supply chain risk: the chance an enemy could tamper with or weaken a system to spy on, block, or damage it. Before using this power, the agency head must consult procurement officials and the Director of National Intelligence, make a written (possibly classified) finding that the step is necessary, that no less intrusive option exists, and that secrecy (if used) does more good than harm. They must tell the DNI (unless the DNI made the decision) and give a classified or unclassified notice to the congressional intelligence committees explaining the basis. The head cannot delegate this authority below the service acquisition executive. The authority adds to other laws and took effect 180 days after January 3, 2012 for contracts awarded on or after that date.

Title 50, §3334e

War and National Defense — Source: USLM XML via OLRC

(a)In this section:

(1)The term “covered agency” means any element of the intelligence community other than an element within the Department of Defense.

(2)The term “covered item of supply” means an item of information technology (as that term is defined in section 11101 of title 40) that is purchased for inclusion in a covered system, and the loss of integrity of which could result in a supply chain risk for a covered system.

(3)The term “covered procurement” means—

(A)a source selection for a covered system or a covered item of supply involving either a performance specification, as provided in section 3306(a)(3)(B) of title 41, or an evaluation factor, as provided in section 3306(b)(1) of such title, relating to supply chain risk;

(B)the consideration of proposals for and issuance of a task or delivery order for a covered system or a covered item of supply, as provided in section 4106(d)(3) of title 41, where the task or delivery order contract concerned includes a contract clause establishing a requirement relating to supply chain risk; or

(C)any contract action involving a contract for a covered system or a covered item of supply where such contract includes a clause establishing requirements relating to supply chain risk.

(4)The term “covered procurement action” means any of the following actions, if the action takes place in the course of conducting a covered procurement:

(A)The exclusion of a source that fails to meet qualifications standards established in accordance with the requirements of section 3311 of title 41 for the purpose of reducing supply chain risk in the acquisition of covered systems.

(B)The exclusion of a source that fails to achieve an acceptable rating with regard to an evaluation factor providing for the consideration of supply chain risk in the evaluation of proposals for the award of a contract or the issuance of a task or delivery order.

(C)The decision to withhold consent for a contractor to subcontract with a particular source or to direct a contractor for a covered system to exclude a particular source from consideration for a subcontract under the contract.

(5)The term “covered system” means a national security system, as that term is defined in section 3552 of title 44.

(6)The term “supply chain risk” means the risk that an adversary may sabotage, maliciously introduce unwanted function, or otherwise subvert the design, integrity, manufacturing, production, distribution, installation, operation, or maintenance of a covered system so as to surveil, deny, disrupt, or otherwise degrade the function, use, or operation of such system.

(b)Subject to subsection (c) and in consultation with the Director of National Intelligence, the head of a covered agency may, in conducting intelligence and intelligence-related activities—

(1)carry out a covered procurement action; and

(2)limit, notwithstanding any other provision of law, in whole or in part, the disclosure of information relating to the basis for carrying out a covered procurement action.

(c)The head of a covered agency may exercise the authority provided in subsection (b) only after—

(1)any appropriate consultation with procurement or other relevant officials of the covered agency;

(2)making a determination in writing, which may be in classified form, that—

(A)use of the authority in subsection (b)(1) is necessary to protect national security by reducing supply chain risk;

(B)less intrusive measures are not reasonably available to reduce such supply chain risk; and

(C)in a case where the head of the covered agency plans to limit disclosure of information under subsection (b)(2), the risk to national security due to the disclosure of such information outweighs the risk due to not disclosing such information;

(3)notifying the Director of National Intelligence that there is a significant supply chain risk to the covered system concerned, unless the head of the covered agency making the determination is the Director of National Intelligence; and

(4)providing a notice, which may be in classified form, of the determination made under paragraph (2) to the congressional intelligence committees that includes a summary of the basis for the determination, including a discussion of less intrusive measures that were considered and why they were not reasonably available to reduce supply chain risk.

(d)The head of a covered agency may not delegate the authority provided in subsection (b) or the responsibility to make a determination under subsection (c) to an official below the level of the service acquisition executive for the agency concerned.

(e)The authority under this section is in addition to any other authority under any other provision of law. The authority under this section shall not be construed to alter or effect the exercise of any other provision of law.

(f)The requirements of this section shall take effect on the date that is 180 days after January 3, 2012, and shall apply to contracts that are awarded on or after such date.

Notes & Related Subsidiaries

Editorial Notes

Codification Section was formerly set out as a note under section 3329 of this title.

Amendments

2022—Subsec. (a)(5). Pub. L. 117–263 substituted “section 3552” for “section 3542(b)”. 2019—Subsec. (g). Pub. L. 116–92 struck out subsec. (g). Prior to amendment, text read as follows: “The authority provided in this section shall expire on the date that section 806 of the Ike Skelton National Defense Authorization Act for Fiscal Year 2011 (Public Law 111–383; 10 U.S.C. 2304 note) expires.”

Statutory Notes and Related Subsidiaries

Definitions For definitions of “intelligence community” and “congressional intelligence committees” as used in this section, see section 2 of Pub. L. 112–87, set out as a note under section 3003 of this title.

§3334e Enhanced procurement authority to manage supply chain risk