4.2001
Definitions
FAR 4.2001 defines what constitutes a Kaspersky Lab covered article and entity, forming the foundation for compliance with the government-wide prohibition on contracting for such products or services.
Overview
FAR 4.2001 provides definitions critical to understanding and complying with the prohibition on contracting for hardware, software, and services developed or provided by Kaspersky Lab and related entities. This section clarifies what constitutes a "Kaspersky Lab covered article" and a "Kaspersky Lab covered entity," forming the basis for compliance with Subpart 4.20. These definitions are essential for determining whether a product or service is subject to the prohibition, ensuring that government contractors and contracting officers avoid procurement of restricted items.
Key Rules
- Kaspersky Lab Covered Article
- Any hardware, software, or service developed or provided by Kaspersky Lab or related entities, including items that contain components from such entities, is considered a covered article and is subject to prohibition.
- Kaspersky Lab Covered Entity
- This includes Kaspersky Lab itself, any successor or renamed entity, entities controlling or controlled by Kaspersky Lab, and entities in which Kaspersky Lab has majority ownership.
Responsibilities
- Contracting Officers: Must ensure that no contracts are awarded for covered articles as defined, and must verify the origin of hardware, software, and services.
- Contractors: Must review supply chains and certify that no covered articles or components are included in deliverables.
- Agencies: Should provide oversight and guidance to ensure compliance with the prohibition.
Practical Implications
- This section exists to prevent the introduction of potentially compromised technology into government systems.
- Contractors must conduct due diligence on their products and supply chains to avoid prohibited items.
- Failure to comply can result in contract termination, penalties, or debarment.