Last week, it was reported that the Central Intelligence Agency (CIA) is planning a new procurement vehicle that would significantly expand its cloud infrastructure. Known as the Commercial Cloud Enterprise, or C2E, the new vehicle will leverage a multi-vendor strategy to provide tens of billions of dollars in enterprise-wide support to the intelligence community. A Request for Information (RFI) for the new vehicle is expected to be released by May 2019, with awards anticipated by no later than July 2021.
The C2E vehicle is a game changer. Indeed, the CIA’s decision to adapt a multiple-award strategy for its new cloud computing vehicle affords the intelligence community an excellent opportunity to increase its access to innovative solutions, to maximize competition, and to reduce performance and national security risks. In addition, the approach brings increased contract flexibility that will help the CIA meet its mission requirements with best-value solutions.
Interestingly, the CIA’s decision stands in sharp contrast to the Department of Defense’s (DoD) decision to pursue a single-award strategy for its $10 billion Joint Enterprise Defense Initiative (JEDI) cloud vehicle. As many of you may recall, the JEDI procurement has been the subject of significant controversy. Indeed, last year, the Coalition, among others, raised many significant concerns with DoD’s approach to cloud as described under the JEDI vehicle, including, but not limited to:
- The lack of guidance provided by DoD as part of its evaluation criteria related to how it will assess and value technical capabilities;
- The long-term, negative impact associated with a single-award strategy as it relates to agency access to competition and innovation from the commercial market place; and
- The creation of barriers to entry for new, emerging technologies and/or capabilities.
In addition, since that time, litigation and investigation have dogged the JEDI procurement, both of which, have included concerns about the use of single award and allegations of possible conflicts of interest that may have improperly influenced DoD’s overall approach to the procurement. Putting aside the allegations of conflict of interest, the Coalition believes the reported approach of the CIA justifies reconsideration of the policy concerns articulated around a single-award cloud solution. Indeed, one might argue that such reconsideration is mandated by the fact that the CIA is considering this approach after having lived with a single cloud environment.
10 U.S.C. 2304a authorizes the Department to award single or multiple task or delivery contracts and provides that the implementing regulations must, “establish a preference for awarding, to the maximum extent practicable, multiple task or delivery order contracts…and establish criteria for determining when award of multiple task or delivery order contracts would not be in the best interest of the Federal Government.”[1] We believe that the balance struck by the statute is appropriate. By allowing a modicum of flexibility to make a single award, it recognizes that agency missions may dictate a single award approach, but it articulates a preference for multiple awards, consistent with commercial practices.
The Coalition continues to believe that a single award approach is asynchronous to normal commercial/organizational buying practice and, because it represents a single channel of attack, raises concerns about potential risks to national security. Further, given the nature of cloud technology innovation and its rapid evolution, a virtually monopolistic award could lock the government market for cloud services. In this regard, we are reminded of DoD CIO Dana Deasy’s testimony last year that, “In a cloud world, there is no such thing as one solution that’s going to solve for all.” Moreover, rather than expediting access to innovative technology, reduced competition ultimately could impede the Government’s access to that technology
The CIA’s reported approach is an interesting development, for that agency and for DoD. Under these circumstances, and in light of the atmospherics surrounding the JEDI procurement, the Coalition believes now might be the time for DoD to institute a pause on the current JEDI acquisition strategy, to reach out to stakeholders in government and industry, and to assess the viability of its current path to enterprise cloud. Further, the Department should consider reviewing the CIA’s new C2E vehicle to identify strategies that embrace continuous competition, transparency, and innovation. To this end, the Coalition and its members stand ready to work with DoD on this important and vital effort.
[1] It should be noted that 10 USC 2304a was amended by Section 816 of the John S. McCain FY2019 National Defense Authorization Act. The purportedly clarifying language states that award to a single source in contracts over $100M could not be made without a written determination that the task and delivery orders are so integrally related that only a single source could “efficiently,” instead of “reasonably” (in the original statute), perform the work. It is not clear exactly what this language change achieves, and the legislative history provides little guidance, but it does not detract from the point that a single award determination is not one to be considered lightly.