Skip to Content

Rule

Federal Acquisition Regulation; Use of Products and Services of Kaspersky Lab

Comments on this document are being accepted at Regulations.gov. Submit a formal comment

Document Details

Information about this document as published in the Federal Register.

Published Document

This document has been published in the Federal Register. Use the PDF linked in the document sidebar for the official electronic format.

Start Preamble Start Printed Page 28141

AGENCY:

Department of Defense (DoD), General Services Administration (GSA), and National Aeronautics and Space Administration (NASA).

ACTION:

Interim rule.

SUMMARY:

DoD, GSA, and NASA are issuing an interim rule amending the Federal Acquisition Regulation (FAR) to implement a section of the National Defense Authorization Act for Fiscal Year 2018.

DATES:

Effective Date: July 16, 2018.

Applicability Dates:

• Contracting officers shall include the clause at FAR 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab or Other Covered Entities—

• In solicitations issued on or after July 16, 2018, and resultant contracts; and

• In solicitations issued before July 16, 2018, provided award of the resulting contract(s) occurs on or after July 16, 2018.

  • Contracting officers shall modify, in accordance with FAR 1.108(d)(3), existing indefinite-delivery contracts to include the FAR clause for future orders, prior to placing any further orders on or after July 16, 2018.
  • If modifying an existing contract to extend the period of performance by more than 6 months, contracting officers should include the clause in accordance with 1.108(d).

Comment Date: Interested parties should submit written comments to the Regulatory Secretariat on or before August 14, 2018 to be considered in the formulation of a final rule.

ADDRESSES:

Submit comments identified by FAC 2005-99, FAR Case 2018-010, by any of the following methods:

  • Regulations.gov: http://www.regulations.gov. Submit comments via the Federal eRulemaking portal by searching for “FAR Case 2018-010”. Select the link “Submit a Comment” that corresponds with “FAR Case 2018-010.” Follow the instructions provided at the “Submit a Comment” screen. Please include your name, company name (if any), and “FAR Case 2018-010” on your attached document.
  • Mail: General Services Administration, Regulatory Secretariat (MVCB), ATTN: Lois Mandell, 1800 F Street NW, 2nd Floor, Washington, DC 20405-0001.

Instructions: Please submit comments only and cite FAC 2005-99, FAR Case 2018-010, in all correspondence related to this case. All comments received will be posted without change to http://www.regulations.gov, including any personal and/or business confidential information provided.

Start Further Info

FOR FURTHER INFORMATION CONTACT:

Ms. Camara Francis, Procurement Analyst, at 202-550-0935, for clarification of content. For information pertaining to status or publication schedules, contact the Regulatory Secretariat at 202-501-4755. Please cite FAC 2005-99, FAR Case 2018-010.

End Further Info End Preamble Start Supplemental Information

SUPPLEMENTARY INFORMATION:

I. Background

This interim rule revises the FAR to implement section 1634 of Division A of the National Defense Authorization Act (NDAA) for Fiscal Year (FY) 2018 (Pub. L. 115-91). Section 1634 of this law prohibits the use of hardware, software, and services of Kaspersky Lab and its related entities by the Federal Government on or after October 1, 2018.

Implementation of this rule in the FAR should not impact or impair any other planned or ongoing efforts agencies may undertake to implement section 1634 of Division A of the NDAA for FY 2018, including consideration by agencies of the presence of hardware, software, or services developed or provided by Kaspersky Lab as a technical evaluation factor in the source selection process.

II. Discussion and Analysis

This rule amends FAR part 4, adding a new subpart 4.20, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab, with a corresponding new contract clause at 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities. The rule also adds text in subpart 13.2, Actions at or Below the Micro-Purchase Threshold, to address section 1634 with regard to micro-purchases.

To implement section 1634, the clause at 52.204-23 prohibits contractors from providing any hardware, software, or services developed or provided by Kaspersky Lab or its related entities, or using any such hardware, software, or services in the development of data or deliverables first produced in the performance of the contract. The contractor must also report any such hardware, software, or services discovered during contract performance; this requirement flows down to subcontractors. For clarity, the rule defines “covered entity” and “covered article.” A covered entity includes the entities described in section 1634. A covered article includes hardware, software, or services that the Federal Government will use on or after October 1, 2018.

As the Government considers additional actions to implement section 1634, DoD, GSA, and NASA especially welcome input on steps that the Government could take to better identify and reduce the burden on contractors related to identifying covered articles. For example:

  • Is the prohibition scoped appropriately to protect the Government by including situations in which covered articles may be used in the development of data or deliverables first produced during contract performance, for example, under a systems development contract?
  • Are the Government's analysis and estimates in sections VI and VII, including the estimate that 5 percent of contractors would be required to submit reports in accordance with the clause, reasonable? How could these estimates be improved?
  • If the Government were to consider establishing a list to publicly share information regarding products identified as meeting the definition of a covered article (i.e., excluded products), including those offered by third parties:

• What protocols should the Government apply prior to placing a product on the excluded list (e.g., who should be reaching out, and to whom)?

• Should different protocols apply depending on whether the product is made by the original equipment manufacturer, sold by a reseller, or customized by a firm?

• When is it appropriate to leave a product on the excluded list indefinitely (e.g., to provide notice for those who have previously acquired the product)?

• Are there steps that the Government can take to avoid inappropriately affecting the producer's interests (e.g., allowing the firm to demonstrate that there is a new version Start Printed Page 28142of the product that is free from concern and annotating the list accordingly)?

III. Applicability to Contracts at or Below the Simplified Acquisition Threshold and for Commercial Items, Including Commercially Available Off-the-Shelf Items

This rule adds a new contract clause at 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities, in order to implement section 1634 of the NDAA for FY 2018. Section 1634 of this law prohibits the use of hardware, software, and services developed or provided by Kaspersky Lab and related entities by the Federal Government on or after October 1, 2018.

A. Applicability to Contracts at or Below the Simplified Acquisition Threshold

41 U.S.C. 1905 governs the applicability of laws to acquisitions at or below the simplified acquisition threshold (SAT). Section 1905 generally limits the applicability of new laws when agencies are making acquisitions at or below the SAT, but provides that such acquisitions will not be exempt from a provision of law if: (i) The law contains criminal or civil penalties; (ii) the law specifically refers to 41 U.S.C. 1905 and states that the law applies to contracts and subcontracts in amounts not greater than the SAT; or (iii) the FAR Council makes a written determination and finding that it would not be in the best interest of the Federal Government to exempt contracts and subcontracts in amounts not greater than the SAT from the provision of law.

B. Applicability to Contracts for the Acquisition of Commercial Items, Including Commercially Available Off-the-Shelf Items

41 U.S.C. 1906 governs the applicability of laws to contracts for the acquisition of commercial items, and is intended to limit the applicability of laws to contracts for the acquisition of commercial items. Section 1906 provides that if a provision of law contains criminal or civil penalties, or if the FAR Council makes a written determination that it is not in the best interest of the Federal Government to exempt commercial item contracts, the provision of law will apply to contracts for the acquisition of commercial items.

Finally, 41 U.S.C. 1907 states that acquisitions of commercially available off-the-shelf (COTS) items will be exempt from a provision of law unless the law (i) contains criminal or civil penalties; (ii) specifically refers to 41 U.S.C. 1907 and states that the law applies to acquisitions of COTS items; (iii) concerns authorities or responsibilities under the Small Business Act (15 U.S.C. 644) or bid protest procedures developed under the authority of 31 U.S.C. 3551 et seq., 10 U.S.C. 2305(e) and (f), or 41 U.S.C. 3706 and 3707; or (iv) the Administrator for Federal Procurement Policy makes a written determination and finding that it would not be in the best interest of the Federal Government to exempt contracts for the procurement of COTS items from the provision of law.

C. Determinations

The FAR Council has determined that it is in the best interest of the Government to apply the rule to contracts at or below the SAT and for the acquisition of commercial items. The Administrator for Federal Procurement Policy has determined that it is in the best interest of the Government to apply this rule to contracts for the acquisition of COTS items.

While the law does not specifically address acquisitions of commercial items, including COTS items, there is an unacceptable level of risk for the Government in buying hardware, software, or services developed or provided in whole or in part by Kaspersky Lab. This level of risk is not alleviated by the fact that the item being acquired has been sold or offered for sale to the general public, either in the same form or a modified form as sold to the Government (i.e., that it is a commercial item or COTS item), nor by the small size of the purchase (i.e., at or below the SAT). As a result, agencies may face increased exposure for violating the law and unknowingly acquiring a covered article absent coverage of these types of acquisitions by this rule.

IV. Executive Orders 12866 and 13563

Executive Orders (E.O.s) 12866 and 13563 direct agencies to assess all costs and benefits of available regulatory alternatives and, if regulation is necessary, to select regulatory approaches that maximize net benefits (including potential economic, environmental, public health and safety effects, distributive impacts, and equity). E.O. 13563 emphasizes the importance of quantifying both costs and benefits, of reducing costs, of harmonizing rules, and of promoting flexibility. This rule has been designated a “significant regulatory action” under Executive Order 12866. Accordingly, the Office of Management and Budget (OMB) has reviewed this rule. This rule is not a major rule under 5 U.S.C. 804.

V. Executive Order 13771

This rule is not subject to the requirements of E.O. 13771 because the rule is issued with respect to a national security function of the United States.

VI. Regulatory Flexibility Act

The change may have a significant economic impact on a substantial number of small entities within the meaning of the Regulatory Flexibility Act 5 U.S.C. 601 et seq. The Initial Regulatory Flexibility Analysis (IRFA) is summarized as follows:

The objective of the rule is to prescribe appropriate policies and procedures to enable agencies to determine and ensure that they are not purchasing products and services of Kaspersky Lab and its related entities for use by the Government on or after October 1, 2018. The legal basis for the rule is section 1634 of the NDAA for FY 2018, which prohibits Government use of such products on or after that date.

Data from the Federal Procurement Data System (FPDS) for FY 2017 has been used as the basis for estimating the number of contractors that may be affected by this rule. Approximately 97,632 unique entities received new awards in Fiscal Year (FY) 2017. Of these entities, 72,447 (74 percent) unique small entities received awards during 2017. It is estimated that the reports required by this rule will be submitted by 5 percent of contractors, or 3,623 small entities.

The rule requires contractors and subcontractors that are subject to the clause to report to the contracting officer, or for DoD, to the website listed in the clause, any discovery of a covered article during the course of contract performance.

The rule does not duplicate, overlap, or conflict with any other Federal rules.

Because of the nature of the prohibition enacted by section 1634, it is not possible to establish different compliance or reporting requirements or timetables that take into account the resources available to small entities or to exempt small entities from coverage of the rule, or any part thereof. DoD, GSA, and NASA were unable to identify any alternatives that would reduce the burden on small entities and still meet the objectives of section 1634.

The Regulatory Secretariat has submitted a copy of the IRFA to the Chief Counsel for Advocacy of the Small Business Administration. A copy of the IRFA may be obtained from the Regulatory Secretariat. DoD, GSA, and NASA invite comments from small business concerns and other interested parties on the expected impact of this rule on small entities.

DoD, GSA, and NASA will also consider comments from small entities concerning the existing regulations in subparts affected by this rule in accordance with 5 U.S.C. 610. Interested Start Printed Page 28143parties must submit such comments separately and should cite 5 U.S.C. 610 (FAR Case 2018-010) in correspondence.

VII. Paperwork Reduction Act

The Paperwork Reduction Act of 1995 (44 U.S.C. 3501 et seq.) (PRA) provides that an agency generally cannot conduct or sponsor a collection of information, and no person is required to respond to nor be subject to a penalty for failure to comply with a collection of information, unless that collection has obtained Office of Management and Budget (OMB) approval and displays a currently valid OMB Control Number.

DoD, GSA, and NASA requested and OMB authorized emergency processing of an information collection involved in this rule, as OMB Control Number 9000-0197, consistent with 5 CFR 1320.13. DoD, GSA, and NASA have determined the following conditions have been met:

a. The collection of information is needed prior to the expiration of time periods normally associated with a routine submission for review under the provisions of the Paperwork Reduction Act, in view of the deadline for this provision of the NDAA which was signed into law in December 2017 and requires action before the prohibition goes into effect on October 1, 2018.

b. The collection of information is essential to the mission of the agencies to ensure the Federal Government does not purchase prohibited articles, and can respond appropriately if any such articles are not identified until after delivery or use.

c. The use of normal clearance procedures would prevent the collection of information from contractors, for national security purposes, as discussed in section VIII of this preamble.

Passage of the omnibus appropriations bill and the availability of additional funding for FY 18 has increased agency purchasing activity, and the information to be collected is necessary to ensure that this purchasing is done responsibly and consistent with national security.

Moreover, DoD, GSA, and NASA cannot comply with the normal clearance procedures because public harm is reasonably likely to result if current clearance procedures are followed. Not only would agencies be more likely to purchase and install prohibited items, but even if such items were identified prior to the October 1 date, agencies would incur substantial additional costs replacing such items, as well as additional administrative costs for reprocurement.

DoD, GSA, and NASA intend to provide separate 60-day notice in the Federal Register requesting public comment on the information collection contained within this rule.

Agency: DoD, GSA, and NASA.

Type of Information Collection: New Collection.

Title of Collection: Use of Products and Services of Kaspersky Lab.

Affected Public: Private Sector—Business.

Total Estimated Number of Respondents: 4,882.

Average Responses per Respondents: 5.

Total Estimated Number of Responses: 24,410.

Average Time per Response: 1.5 hour.

Total Annual Time Burden: 36,615.

OMB Control Number: 9000-0197.

The public reporting burden for this collection of information consists of reports of identified covered articles during contract performance as required by 52.204-23. Reports are estimated to average 1.5 hour per response, including the time for reviewing definitions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the report.

The subsequent 60-day notice published by DoD, GSA, and NASA will invite public comments.

VIII. Determination To Issue an Interim Rule

A determination has been made under the authority of the Secretary of Defense (DoD), Administrator of General Services (GSA), and the Administrator of the National Aeronautics and Space Administration (NASA) that urgent and compelling reasons exist to promulgate this interim rule without prior opportunity for public comment. It is critical that the FAR is immediately revised to include the requirements of the law, which prohibits the Federal Government from using hardware, software, or services of Kaspersky Lab and its related entities on or after October 1, 2018.

Although this prohibition does not apply until October 1, 2018, agencies and contractors must begin to take steps immediately to meet this deadline. In this regard, covered articles include hardware, software, and services acquired before October 1, 2018, that the Federal Government will use on or after October 1, 2018. Because so many IT products and services are used for more than a few months, it is critical that contractors be placed on notice as soon as possible of this prohibition so that agencies can ensure that they comply with the law and avoid acquisitions of covered articles that the Government will continue to use on or after October 1, 2018. Pursuant to 41 U.S.C. 1707 and FAR 1.501-3(b), DoD, GSA, and NASA will consider public comments received in response to this interim rule in the formation of the final rule.

Start List of Subjects

List of Subject in 48 CFR Parts 1, 4, 13, 39, and 52

  • Government procurement
End List of Subjects Start Signature

Dated: June 7, 2018.

William F. Clark,

Director, Office of Governmentwide Acquisition Policy, Office of Acquisition Policy, Office of Governmentwide Policy.

End Signature

Therefore, DoD, GSA, and NASA amend 48 CFR parts 1, 4, 13, 39, and 52 as set forth below:

Start Amendment Part

1. The authority citation for 48 CFR parts 1, 4, 13, 39, and 52 continues to read as follows:

End Amendment Part Start Authority

Authority: 40 U.S.C. 121(c); 10 U.S.C. chapter 137; and 51 U.S.C. 20113.

End Authority Start Part

PART 1—FEDERAL ACQUISITION REGULATIONS SYSTEM

[Amended]
End Part Start Amendment Part

2. Amend section 1.106 by adding to the table, in numerical sequence, FAR segment “52.204-23” and its corresponding OMB control number “9000-0197”.

End Amendment Part Start Part

PART 4—ADMINISTRATIVE MATTERS

End Part Start Amendment Part

3. Add subpart 4.20 to read as follows:

End Amendment Part

SUBPART 4.20—PROHIBITION ON CONTRACTING FOR HARDWARE, SOFTWARE, AND SERVICES DEVELOPED OR PROVIDED BY KASPERSKY LAB

4.2001
Definitions.
4.2002
Prohibition.
4.2003
Notification.
4.2004
Contract clause.

SUBPART 4.20—PROHIBITION ON CONTRACTING FOR HARDWARE, SOFTWARE, AND SERVICES DEVELOPED OR PROVIDED BY KASPERSKY LAB

Definitions

As used in this subpart—

Covered article means any hardware, software, or service that—

(1) Is developed or provided by a covered entity;

(2) Includes any hardware, software, or service developed or provided in whole or in part by a covered entity; or

(3) Contains components using any hardware or software developed in whole or in part by a covered entity.

Covered entity means—Start Printed Page 28144

(1) Kaspersky Lab;

(2) Any successor entity to Kaspersky Lab;

(3) Any entity that controls, is controlled by, or is under common control with Kaspersky Lab; or

(4) Any entity of which Kaspersky Lab has a majority ownership.

Prohibition.

Section 1634 of Division A of the National Defense Authorization Act for Fiscal Year 2018 (Pub. L. 115-91) prohibits Government use on or after October 1, 2018, of any hardware, software, or services developed or provided, in whole or in part, by a covered entity. Contractors are prohibited from—

(a) Providing any covered article that the Government will use on or after October 1, 2018; and

(b) Using any covered article on or after October 1, 2018, in the development of data or deliverables first produced in the performance of the contract.

Notification.

When a contractor provides notification pursuant to 52.204-23, follow agency procedures.

Contract clause.

The contracting officer shall insert the clause at 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities, in all solicitations and contracts.

Start Part

PART 13—SIMPLIFIED ACQUISITION PROCEDURES

End Part Start Amendment Part

4. Amend section 13.201 by adding paragraph (i) to read as follows:

End Amendment Part
General.
* * * * *

(i) Do not purchase any hardware, software, or services developed or provided by Kaspersky Lab that the Government will use on or after October 1, 2018. (See 4.2002.)

Start Part

PART 39—ACQUISITION OF INFORMATION TECHNOLOGY

End Part Start Amendment Part

5. Amend section 39.101 by adding paragraph (e) to read as follows:

End Amendment Part
Policy.
* * * * *

(e) Contracting officers shall not purchase any hardware, software, or services developed or provided by Kaspersky Lab that the Government will use on or after October 1, 2018. (See 4.2002.)

Start Part

PART 52—SOLICITATION PROVISIONS AND CONTRACT CLAUSES

End Part Start Amendment Part

6. Add section 52.204-23 to read as follows:

End Amendment Part
Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities.

As prescribed in 4.2004, insert the following clause:

Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities (Jul 2018)

(a) Definitions. As used in this clause—

Covered article means any hardware, software, or service that—

(1) Is developed or provided by a covered entity;

(2) Includes any hardware, software, or service developed or provided in whole or in part by a covered entity; or

(3) Contains components using any hardware or software developed in whole or in part by a covered entity.

Covered entity means—

(1) Kaspersky Lab;

(2) Any successor entity to Kaspersky Lab;

(3) Any entity that controls, is controlled by, or is under common control with Kaspersky Lab; or

(4) Any entity of which Kaspersky Lab has a majority ownership.

(b) Prohibition. Section 1634 of Division A of the National Defense Authorization Act for Fiscal Year 2018 (Pub. L. 115-91) prohibits Government use of any covered article. The Contractor is prohibited from—

(1) Providing any covered article that the Government will use on or after October 1, 2018; and

(2) Using any covered article on or after October 1, 2018, in the development of data or deliverables first produced in the performance of the contract.

(c) Reporting requirement. (1) In the event the Contractor identifies a covered article provided to the Government during contract performance, or the Contractor is notified of such by a subcontractor at any tier or any other source, the Contractor shall report, in writing, to the Contracting Officer or, in the case of the Department of Defense, to the website at https://dibnet.dod.mil. For indefinite delivery contracts, the Contractor shall report to the Contracting Officer for the indefinite delivery contract and the Contracting Officer(s) for any affected order or, in the case of the Department of Defense, identify both the indefinite delivery contract and any affected orders in the report provided at https://dibnet.dod.mil.

(2) The Contractor shall report the following information pursuant to paragraph (c)(1) of this clause:

(i) Within 1 business day from the date of such identification or notification: The contract number; the order number(s), if applicable; supplier name; brand; model number (Original Equipment Manufacturer (OEM) number, manufacturer part number, or wholesaler number); item description; and any readily available information about mitigation actions undertaken or recommended.

(ii) Within 10 business days of submitting the report pursuant to paragraph (c)(1) of this clause: Any further available information about mitigation actions undertaken or recommended. In addition, the Contractor shall describe the efforts it undertook to prevent use or submission of a covered article, any reasons that led to the use or submission of the covered article, and any additional efforts that will be incorporated to prevent future use or submission of covered articles.

(d) Subcontracts. The Contractor shall insert the substance of this clause, including this paragraph (d), in all subcontracts, including subcontracts for the acquisition of commercial items.

(End of clause)

Start Amendment Part

7. Amend section 52.212-5 by—

End Amendment Part Start Amendment Part

a. Revising the date of the clause;

End Amendment Part Start Amendment Part

b. Redesignating paragraphs (a)(2) through (4) as paragraphs (a)(3) through (5), respectively, and adding a new paragraph (a)(2);

End Amendment Part Start Amendment Part

c. Redesignating paragraphs (e)(1)(iii) through (xxi) as paragraphs (e)(1)(iv) through (xxii), respectively, and adding a new paragraph (e)(1)(iii); and

End Amendment Part Start Amendment Part

d. In Alternate II:

End Amendment Part Start Amendment Part

i. Revising the date of the alternate; and

End Amendment Part Start Amendment Part

ii. Redesignating paragraphs (e)(1)(ii)(C) through (S) as paragraphs (e)(1)(ii)(D) through (T), respectively, and adding a new paragraph (e)(1)(ii)(C).

End Amendment Part

The revisions and additions read as follows:

Contract Terms and Conditions Required To Implement Statutes or Executive Orders—Commercial Items.
* * * * *

Contract Terms and Conditions Required To Implement Statutes or Executive Orders—Commercial Items (Jul 2018)

* * * * *

(a) * * *

____ (2) 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities (Jul 2018) (Section 1634 of Pub. L. 115-91).

* * * * *

(e)(1) * * *

(iii) 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities (Jul 2018) (Section 1634 of Pub. L. 115-91).

* * * * *

Alternate II (Jul 2018). * * *

* * * * *

(e)(1) * * *

(ii) * * *

(C) 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Start Printed Page 28145Developed or Provided by Kaspersky Lab and Other Covered Entities (Jul 2018) (Section 1634 of Pub. L. 115-91).

* * * * *
Start Amendment Part

8. Amend section 52.213-4 by—

End Amendment Part Start Amendment Part

a. Revising the date of the clause; and

End Amendment Part Start Amendment Part

b. Redesignating paragraphs (a)(1)(ii) through (vii) as paragraphs (a)(1)(iii) through (viii), respectively, and adding a new paragraph (a)(1)(ii).

End Amendment Part

The revision and addition read as follows:

Terms and Conditions—Simplified Acquisitions (Other Than Commercial Items).
* * * * *

Terms and Conditions—Simplified Acquisitions (Other than Commercial Items) (Jul 2018)

(a) * * *

(1) * * *

(ii) 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities (Jul 2018) (Section 1634 of Pub. L. 115-91).

* * * * *
Start Amendment Part

9. Amend section 52.244-6 by—

End Amendment Part Start Amendment Part

a. Revising the date of the clause;

End Amendment Part Start Amendment Part

b. Redesignating paragraphs (c)(1)(iv) through (xviii) as paragraphs (c)(1)(v) through (xix), respectively, and adding a new paragraph (c)(1)(iv).

End Amendment Part

The revision and addition read as follows:

Subcontracts for Commercial Items.
* * * * *

Subcontracts for Commercial Items (Jul 2018)

* * * * *

(c)(1) * * *

(iv) 52.204-23, Prohibition on Contracting for Hardware, Software, and Services Developed or Provided by Kaspersky Lab and Other Covered Entities (Jul 2018) (Section 1634 of Pub. L. 115-91).

* * * * *
End Supplemental Information

[FR Doc. 2018-12847 Filed 6-14-18; 8:45 am]

BILLING CODE 6820-EP-P