On Friday, November 22, 2019, the Federal Acquisition Regulatory (FAR) Council published a long-awaited final rule expanding the requirement to report counterfeit electronic parts in their supply chains. This requirement, previously applicable to defense contractors, will now apply to all U.S. federal contractors and require them to report to the Government-Industry Data Exchange Program (GIDEP) any counterfeit or potentially counterfeit parts used in “complex items with critical applications,” as well as nonconforming parts that do not meet contractual specifications. GIDEP is a widely available federal database, and the FAR Council believes that this mandatory reporting to the GIDEP will allow contractors to share knowledge of counterfeits and critical nonconformance. This, in turn, should reduce the risk of counterfeits from penetrating procurement supply chains.
Cybersecurity, Privacy, & AI
Trending Now
Agriculture Department Kicks Off $300M Palantir Deal on IT, National Security Work • Vercel Attack Fallout Expands to More Customers and Third-Party Systems • Seeing the Cyber in Economic Statecraft • Responding to a Data Breach: How to Preserve the Attorney-Client Privilege • NIST Cyber Center to Launch OT ‘Visibility’ Project
Fake Parts Remain in Focus: FAR Council Expands Counterfeit Reporting Rules
Stay compliant and protected with daily updates on cybersecurity, data privacy, and federal oversight with our Cyber & Privacy newsletter, delivering up-to-the-minute intelligence Monday–Saturday — Subscribe here.