Defense Federal Acquisition Regulation Supplement: Small Business Innovation Research Program Data Rights (DFARS Case 2019-D043), 53758-53761 [2020-18641]

Agencies

• Defense Acquisition Regulations System
• DEPARTMENT OF DEFENSE

[Federal Register Volume 85, Number 169 (Monday, August 31, 2020)]
[Proposed Rules]
[Pages 53758-53761]
From the Federal Register Online via the Government Publishing Office [www.gpo.gov]
[FR Doc No: 2020-18641]


-----------------------------------------------------------------------

DEPARTMENT OF DEFENSE

Defense Acquisition Regulations System

48 CFR Parts 227 and 252

[Docket DARS-2019-0043]
RIN 0750-AK84


Defense Federal Acquisition Regulation Supplement: Small Business 
Innovation Research Program Data Rights (DFARS Case 2019-D043)

AGENCY: Defense Acquisition Regulations System, Department of Defense 
(DoD).

ACTION: Advance notice of proposed rulemaking.

-----------------------------------------------------------------------

SUMMARY: DoD is seeking information that will assist in the development 
of a revision to the Defense Federal Acquisition Regulation Supplement 
(DFARS) to implement the data rights portions of the Small Business 
Innovation Research Program and Small Business Technology Transfer 
Program Policy Directives.

DATES: Interested parties should submit written comments to the address 
shown below on or before October 30, 2020, to be considered in the 
formation of any proposed rule.

ADDRESSES: Submit written comments identified by DFARS Case 2019-D043, 
using any of the following methods:
    [cir] Federal eRulemaking Portal: https://www.regulations.gov. 
Search for ``DFARS Case 2019-D043.'' Select ``Comment Now'' and follow 
the instructions provided to submit a comment. Please include ``DFARS 
Case 2019-D043'' on any attached documents.
    [cir] Email: [email protected]. Include DFARS Case 2019-D043 in 
the subject line of the message.
    [cir] Fax: 571-372-6094.
    [cir] Mail: Defense Acquisition Regulations System, Attn: Ms. 
Jennifer D. Johnson, OUSD(A-S)DPC/DARS, Room 3B941, 3060 Defense 
Pentagon, Washington, DC 20301-3060.
    Comments received generally will be posted without change to https://www.regulations.gov, including any personal information provided. To 
confirm receipt of your comment(s), please check www.regulations.gov, 
approximately two to three days after submission to verify posting 
(except allow 30 days for posting of comments submitted by mail).

FOR FURTHER INFORMATION CONTACT: Ms. Jennifer D. Johnson, telephone 
571-372-6100.

SUPPLEMENTARY INFORMATION:

I. Background

    DoD is seeking information from experts and interested parties in 
Government and the private sector to assist in the development of a 
revision to the DFARS to implement the intellectual property (e.g., 
data rights) portions of the revised Small Business Innovation Research 
(SBIR) Program and Small Business Technology Transfer (STTR) Program 
Policy Directives. The Small Business Administration (SBA) issued a 
notice of proposed amendments to the SBIR Program and STTR Program 
policy directives, which included combining the two directives in a 
single document, on April 7, 2016, at 81 FR 20483. The final combined 
SBIR/STTR Policy Directive was published on April 2, 2019, at 84 FR 
12794, and became effective on May 2, 2019.
    The final Policy Directive includes several revisions affecting the 
data rights coverage, which require corresponding revisions to the 
DFARS. For example, the new Policy Directive:
     Establishes a single, non-extendable, 20-year SBIR/STTR 
data protection period, rather than a 4-year period that can be 
extended indefinitely;
     Grants the Government licensed use for Government purposes 
after the expiration of the SBIR/STTR data protection period, rather 
than unlimited rights;
     Establishes or revises several important definitions to 
harmonize the terminology used in the Policy Directive and the Federal 
Acquisition Regulations (FAR) and DFARS implementations, while allowing 
for agency-specific requirements (e.g., agency-specific statutes).
    In drafting these revisions, DoD also considered the 
recommendations of the Government-Industry Advisory Panel on Technical 
Data Rights (Section 813 Panel) established by section 813 of the 
National Defense Authorization Act for FY 2016. The Section 813 Panel 
addressed SBIR data rights issues in its final report at Paper 21, 
``Small Business Innovation Research (SBIR) (Flow-down to Suppliers; 
Inability to Share with Primes; Evaluation).''
    DoD also hosted a public meeting on December 20, 2019, to obtain 
the views of interested parties in accordance with the notice published 
in the Federal Register on November 25, 2019, at 84 FR 64878.

II. Discussion and Analysis

    An initial draft of the proposed revisions to the DFARS to 
implement

[[Page 53759]]

the SBA's SBIR/STTR Policy Directive is available in the Federal 
eRulemaking Portal at https://www.regulations.gov, by searching for 
``DFARS Case 2019-D043'', selecting ``Open Docket Folder'' for RIN 
0750-AK84, and viewing the ``Supporting Documents''. The strawman is 
also available at https://www.acq.osd.mil/dpap/dars/change_notices.html 
under the publication notice for DFARS Case 2019-D043. The following is 
a summary of DoD's proposed approach and the feedback DoD is seeking 
from industry and the public.
    The SBIR and STTR programs are governed by 15 U.S.C. 638, which 
includes specialized coverage regarding intellectual property developed 
under those programs. More specifically, the law requires that the SBIR 
and STTR program policy directives allow a small business concern to 
``[retain] the rights to data generated by the concern in the 
performance of an SBIR [or STTR] award for a period of not less than 4 
years'' (see 15 U.S.C. 638, paragraphs (j)(1)(B)(v), (j)(2)(A), and 
(p)(2)(B)(v)). This retention of rights applies even in cases when the 
development work is being paid for entirely at Government expense to 
meet the needs of the SBIR/STTR contract.
    In contrast, the DoD statutory and regulatory approach to 
allocating data rights in non-SBIR/STTR contracts is based primarily on 
the source of development funding for the technology (i.e., development 
of the item or process to which the technical data pertains; or 
development of the computer software). When the technology is developed 
entirely at Government expense, the Government is granted an 
``unlimited rights'' license; for development exclusively at private 
expense, the Government is granted ``limited rights'' in technical 
data, and ``restricted rights'' in computer software; and for 
development with a mix of private and Governments funds, the Government 
receives ``Government purpose rights.'' However, for certain types of 
data that generally do not contain detailed proprietary information 
that require greater protection, the Government receives unlimited 
rights regardless of the development funding (e.g., form, fit, or 
function data; data necessary for operation, maintenance, installation, 
or training (OMIT data); and computer software documentation).
    Accordingly, the implementation of the SBIR/STTR approach to 
allowing the small business to retain rights in SBIR/STTR data must 
generally function as an exception to the otherwise applicable DFARS 
approach based on development funding (see, e.g., 10 U.S.C. 
2320(a)(2)(A)). In general, this means that the small business SBIR/
STTR contractor retains greater rights (during the SBIR/STTR data 
protection period) than it otherwise would retain for technology 
developed even entirely at Government expense under the contract. The 
specific nature and scope of the retention of rights (e.g., what 
license is granted to the Government), the duration of the SBIR/STTR 
data protection period, and the Government's license rights after the 
expiration of the protection period have evolved over time, including 
important revisions in the final SBIR/STTR policy directive.

A. SBIR/STTR Data Protection Period

    The new Policy Directive revises the SBIR/STTR protection period to 
start at the award of a SBIR or STTR contract and end 20 years 
thereafter. This period cannot be extended. Previously, the policy 
directives specified that the protection period for each SBIR or STTR 
contract was 4 years. However, if any SBIR/STTR data generated under 
such a contract was also referenced and protected under a subsequent 
SBIR/STTR contract awarded prior to the expiration of the protection 
period from the earlier contract, then the protection period for that 
data was extended for an additional 4 years. There was no limit to the 
number of times the protection period could be extended under these 
circumstances, but in each case the extension only covered the portion 
of the data that was referenced and protected in the subsequent award. 
This process, whereby a SBIR or STTR award could extend the protection 
period for data originally generated under a prior SBIR or STTR 
contract, is commonly referred to as ``daisy-chaining'' the individual 
protection periods.
    The current DFARS implementation for the SBIR program provides a 5-
year protection period for SBIR data, with the protection starting at 
contract award and ending 5 years ``after the completion of the 
project.'' To implement the daisy-chaining idea allowing for extension 
of the protection period, the term ``end of the project'' is 
interpreted to mean the end of the last contract in which the relevant 
SBIR data is referenced and protected.
    The draft revisions to the DFARS implement the new protection 
period in a manner analogous to that used in the new Policy Directive 
by defining a new term, ``SBIR/STTR data protection period,'' (see 
252.227-7018(a)(22)). The new definition performs two primary 
functions. It describes the nature of the protection (i.e., the 
protection against unauthorized use and disclosure as more specifically 
set forth in the defined term ``SBIR/STTR data rights''). In addition, 
the new definition identifies when those protections start and stop 
(i.e., starting at contract award and ending 20 years after that). In 
anticipation of potential confusion regarding whether this new 20-year 
period can be extended, the draft DFARS revisions also add clarifying 
statements that ``[t]his protection period is not extended by any 
subsequent SBIR/STTR contracts under which any portion of that SBIR/
STTR data are used or delivered,'' and ``[t]he SBIR/STTR data 
protection period of any such subsequent SBIR/STTR contract applies 
only to the SBIR/STTR data that are developed or generated under that 
subsequent contract.''

B. U.S. Government Rights at Expiration of SBIR/STTR Data Protection 
Period

    The new Policy Directive provides that after the end of the SBIR/
STTR data protection period, the Government receives a license 
authorizing use and disclose of the SBIR/STTR data for U.S. Government 
purposes, but not for commercial purposes. Previously, the Government 
received unlimited rights upon expiration of the protection period. The 
draft DFARS amendments implement this change by granting the Government 
the existing defined license of ``Government purpose rights'' at the 
end of the SBIR/STTR data protection period (see draft revisions at 
252.227-7018(a)(16), (c)(2)(i)(B), and (c)(2)(ii)(B)). Additional 
revisions cover the situation in which the Government received 
Government purpose rights in non-SBIR/STTR data that was developed with 
mixed funding (see draft revisions at 252.227-7018(c)(2)(i)(A) and 
(c)(2)(ii)(A)).

C. Definitions

    The new Policy Directive added or revised definitions for several 
data rights terms, including the following: computer database, computer 
programs, computer software, computer software documentation, data, 
form fit and function data, operations maintenance installation or 
training (OMIT) data, prototype, SBIR/STTR computer software rights, 
SBIR/STTR data, SBIR/STTR data rights, SBIR/STTR protection period, 
SBIR/STTR technical data rights, technical data, and unlimited rights. 
In doing so, the SBA sought to harmonize the definitions used in the 
Policy Directive and the FAR and DFARS, while allowing the 
implementation in the FAR and DFARS to be tailored as necessary to 
incorporate agency-specific requirements (e.g., required by agency-
specific statutes). For example, the FAR

[[Page 53760]]

and DFARS both use the defined terms ``limited rights'' and 
``restricted rights'' to describe the Government's license in technical 
data and computer software, respectively, related to technology 
developed exclusively at private expense. However, due in part to DoD-
unique requirements contained in the DoD technical data statutes at 10 
U.S.C. 2320 and 2321, the DFARS defines these terms differently than 
the FAR. To recognize such differences, the Policy Directive does not 
use or define those terms, instead creating new terms that attempt to 
capture the features that are common to both the FAR and DFARS 
definitions, but allowing for agency-specific tailoring in appropriate 
circumstances.
    For example, the SBA's new defined term ``SBIR/STTR Technical Data 
Rights'' includes the authority for the Government to make a use or 
release of the data that is ``[n]ecessary to support certain narrowly-
tailored essential Government activities for which law or regulation 
permits access of a non-Government entity to a contractor's data 
developed exclusively at private expense, non-SBIR/STTR Data, such as 
for emergency repair and overhaul.'' (Policy Directive Section 3, 
definition (ii), paragraph (2)(i); see also the definition of ``SBIR/
STTR Computer Software Rights'' at paragraph (ee)(2)(ii)(B)). This 
approach allows the DFARS implementation to continue to rely on its 
existing definitions of limited rights and restricted rights, including 
in the definition of ``SBIR/STTR data rights'' at draft 252.227-
7018(a)(23).

D. Omission of Required Restrictive Markings

    The SBIR/STTR Policy Directive reinforces the absolute requirement 
to place restrictive markings on SBIR/STTR data delivered with SBIR/
STTR data rights. When data is delivered without the required 
restrictive markings, it is presumed to have been delivered with 
unlimited rights. However, the Government has, for decades, provided a 
procedure for correction of inadvertently unmarked data, at 227.7103-
10(c) and 227.7203-10(c). The draft revisions include these procedures 
in new paragraph (g)(2) in the clause at 252.227-7018.

E. Applicability and Flowdown of SBIR/STTR Clauses

    A key issue that is discussed in the Section 813 Panel's SBIR 
Paper, and reinforced in the new Policy Directive, is the need to 
clarify the applicability of the SBIR/STTR rules to all phases of those 
programs. In particular, there is concern that the appropriate SBIR/
STTR clause(s) may not be used consistently when the contracted 
activity to be covered by the SBIR or STTR rules is only occurring in 
performance of a lower-tier subcontract. In this case, the activity at 
the prime contract or higher-tier subcontract levels would not 
otherwise be treated as a SBIR or STTR project, and those contracts or 
subcontracts likely would not typically include the required SBIR/STTR 
clause(s) for flowdown purposes.
    To clarify and address the applicability and flowdown of the 
necessary SBIR/STTR clauses, the draft revisions include changes to--
    (i) Relocate and clarify the prescription for the relevant SBIR/
STTR clauses at new 227.7104-2;
    (ii) Clarify the applicability and flowdown of the data rights 
clauses at draft revised 252.227-7013(l), 252.227-7014(l), 252.227-
7015(f), and 252.227-7018(l); and
    (iii) Add a new paragraph (b), ``Applicability,'' to each of the 
primary data rights clauses to describe the scope of coverage of each 
clause at 252.227-7013(b), 252.227-7014(b), 252.227-7015(b), and 
252.227-7018(b).
    The overall intended operation of these draft revisions is to 
reinforce that contracts and subcontracts should include all of the 
appropriate data rights clauses that are necessary to allocate rights 
in all types of technical data and computer software relevant to the 
overall scope of work, and that when multiple such clauses are used, 
each clause governs only the appropriate type of technical data or 
computer software that is within scope of that clause. This approach, 
which may be referred to as ``apportionment'' of the applicable 
clause(s), is modeled after such an approach already implemented in the 
DFARS to address the applicability of the clauses at 252.227-7013 and 
252.227-7015 to technical data pertaining to commercial items for which 
the Government has paid for any portion of the development (e.g., 
227.7102-4(b) and 227.7103-6(a)).
    DoD also considered an alternative approach to addressing the scope 
and applicability of the SBIR/STTR clauses, and seeks public comment on 
this alternative. Specifically, the alternative approach would be to 
revise the scope of the primary SBIR/STTR clause at 252.227-7018 so 
that it applies ONLY to SBIR/STTR data, and does not include 
allocations of rights for any non-SBIR/STTR data. This would 
significantly streamline the clause at 252.227-7018. However, it would 
also require the incorporation and flowdown of all other clauses that 
are necessary to govern any non-SBIR/STTR data that may be delivered 
under the contract or subcontract. This approach would depart from the 
long-standing DFARS text for implementing the SBIR program rules, in 
which the primary SBIR clause is designed to cover all forms of data to 
be delivered, including non-SBIR data (e.g., data not generated under 
the SBIR contract).

F. STTR-Specific Coverage

    As noted, one element of the new Policy Directive is that it now 
covers the combination of both the SBIR Program and STTR Program. The 
DFARS coverage at 227.7104 has traditionally referenced only the SBIR 
program, and does not currently include any STTR-specific coverage. The 
draft revisions expand this coverage to address both programs by: (1) 
Adding references to STTR for coverage that applies both to SBIR and 
STTR (e.g., revising ``SBIR'' to ``SBIR/STTR''); and (2) adding new 
coverage for STTR-unique requirements. For example, the STTR Program 
requires additional activities, both preaward and postaward, for STTR 
contractors to submit information to confirm that the allocation of 
intellectual property rights between the STTR offeror/contractor and 
its partnering research institution do not conflict with the STTR 
solicitation or contract. New STTR-only definitions, regulatory, and 
provision/clause coverage is provided in the draft revisions at 
227.7104-1(c); 227.7104-2(e); new provision at 252.227-70XX; and new 
clause at 252.227-70YY.

G. Prototypes

    The new Policy Directive provides for special considerations 
regarding the handling (e.g., disclosure, reverse engineering) of 
prototypes generated under SBIR and STTR awards, to avoid effects that 
may appear to be inconsistent with the SBIR and STTR program 
objectives. The draft DFARS revisions recognize and reference this 
guidance in new 227.7104-1(e).

H. Additional Administrative or Technical Revisions

    In the course of making the foregoing revisions, additional edits 
are made to address administrative issues (e.g., citations and cross-
references) and make technical corrections, including the following:
    (1) Organization. The overall coverage for the SBIR/STTR programs 
in 227.7104 was reorganized into two subjections: 227.7104-1 for rights 
in SBIR or STTR data; and 227.7104-2 for the prescriptions for 
provisions and clauses.

[[Page 53761]]

    (2) Unlimited rights categories. The list of data types for which 
the Government receives unlimited rights in the SBIR/STTR clause at 
252.227-7014 was corrected to harmonize with the description of those 
categories throughout the DFARS (see revisions at 252.227-
7018(c)(1)(v)-(vii); compare 252.227-7013(c)(1)(vii)-(ix), 252.227-
7014(c)(1)(ii)).
    (3) Markings. The restrictive markings for SBIR/STTR data rights 
and Government purpose rights were revised to reflect the substantive 
changes.

I. Prohibition on Preaward Negotiation

    Another specialized policy exception for the SBIR/STTR programs is 
that negotiation of specialized license agreements is prohibited as a 
condition of award, and thus is generally permitted only after award 
(see Policy Directive section 8(b)(6)). The implementation of this 
limitation was included in the draft revisions published for public 
comment as an advance notice of proposed rulemaking for DFARS case 
2018-D071, Negotiation of Price for Technical Data and Preference for 
Specially Negotiated Licenses (84 FR 60988).

J. Comments Sought Regarding any Increase or Decrease in Burden and 
Costs

    In addition to seeking public comment on the substance of the draft 
DFARS revisions, DoD is also seeking information regarding any 
corresponding change in the burden, including associated costs or 
savings, resulting from contractors and subcontractors complying with 
the draft revised DFARS implementation. More specifically, DoD is 
seeking information regarding any anticipated increase or decrease in 
such burden and costs relative to the burden and costs associated with 
complying with the current DFARS implementing language.

List of Subjects in 48 CFR Parts 227 and 252

    Government procurement.

Jennifer Lee Hawes,
Regulatory Control Officer, Defense Acquisition Regulations System.
[FR Doc. 2020-18641 Filed 8-28-20; 8:45 am]
BILLING CODE 5001-06-P