Infotech and the law: DHS eases rules on using foreign nationals
The Homeland Security Department has revised its rules on whether contractors can use foreign nationals on its contracts. The new rules clarify the situations in which foreign nationals are precluded from working on DHS contracts, but they also create challenges for many contractors.
The Homeland Security Department has revised its rules on whether contractors can use foreign nationals on its contracts. The new rules clarify the situations in which foreign nationals are precluded from working on DHS contracts, but they also create challenges for many contractors.
DHS originally issued rules on contractor employment of foreign nationals in December 2003. The rules were criticized by industry as overly broad, because they included a ban on foreign nationals that could apply to an extraordinarily wide range of service providers.
The original rules also required each employee of a contractor to be a U.S. citizen or permanent resident, regardless of whether the employee was working on the DHS contract. Finally, the rules did not let DHS waive the ban on a case-by-case basis.
Responding to these concerns, DHS issued a "class deviation" to its acquisition rules Nov. 12. The class deviation, which is an interim change to the agency's procurement regulations, makes significant changes to the agency's contract clauses on employing foreign nationals.
The two affected clauses in the Homeland Security Acquisition Regulation are 3052.237-70 Qualification of Contractor Employees, and 3052.237-71 Information Technology Systems Access for Contractors. DHS said it was changing the clauses to ensure that U.S. allies have the opportunity to support homeland security initiatives.
The revised clauses fix the principal problems cited by industry in the original rules. For instance, it is now clear that the ban on foreign employees applies only to specific employees and contracts, and waiver procedures have been added to offer some flexibility for particular circumstances.
Under the new rules 3052.237-71, there is a mandatory ban on "non-U.S. citizens" accessing or assisting in development, operation, management or maintenance of DHS IT systems unless a waiver has been granted. Thus, if contractors are performing work related to DHS IT systems or have access to such systems, they cannot use non-U.S. citizens to do the work unless specifically approved through a waiver.
In addition, 3052.237-70 is a discretionary ban to be implemented on a contract-by-contract basis when DHS determines that access to sensitive information or government facilities must be limited for security reasons. If this is the case, the agency will use the alternate version of 3052.237-70, which requires "each individual employed under the contract" to be either a U.S. citizen or a permanent resident alien.
The mandatory ban on access to DHS IT systems is stricter in that it allows only U.S. citizens -- as opposed to both U.S. citizens and permanent resident aliens -- to work on the covered contract. Also, while both clauses now provide for exceptions, the waiver process for access to DHS IT systems is more rigorous and must be approved at a higher level within the agency.
Waivers for access to DHS IT systems are available only to legal permanent residents of the United States and to citizens of Ireland, Israel, the Philippines and other allied nations. There also must be a compelling reason for using a foreign national instead of a U.S. citizen, the waiver must be in the best interest of the government, and the foreign national must pass a background check.
Overall, the new clauses are an improvement from industry's perspective, because they limit the situations in which foreign nationals may be kept from working on DHS contracts. Nonetheless, as an apparently permanent part of the post-Sept. 11 landscape, they are a continuing concern for many contractors.
Eliza Nagle is an associate in the government contracts practice of DLA Piper Rudnick Gray Cary LLP in Washington. Her e-mail address is eliza.nagle@ dlapiper.com.
NEXT STORY: Parks want incident management