Procurement contracts are increasingly used in both Canada and the United States (US), particularly with respect to technological services. Federal procurement expenditures for Canada amount to an average of $22 billion CDN in goods and services annually. Further, the US typically awards $500 US billion in contracts annually, with Canadian companies actively participating in that market.

Government contracting with respect to technological services, such as cloud computing, provide a unique situation with respect to how proposals are submitted and structured for cloud services. It is important to consider what additional risks may be present even at this early stage when it comes to cloud computing services.

Canadian cloud strategy 

Canada has taken active steps as a digital services leader towards improving the procurement criteria for government use of cloud computing. The Government of Canada has adopted a cloud-first strategy in which the preferred option for delivering IT services is through cloud services and the preferred choice for cloud deployment is the public cloud.

Canadian government procurement, including technology procurement, is governed by the Standard Acquisition Clauses and Conditions (SACC) Manual which sets out the Government of Canada's standard procurement clauses and contractual provisions. A federal government request for proposal (RFP) can further incorporate by reference specific provisions forming part of the SACC Manual. Similarly, in the US, the Federal Acquisition Regulation System, consisting of the Federal Acquisition Regulation (FAR) and agency regulations that supplement the FAR, are applicable to procurements by US government agencies. FAR clauses are similarly incorporated by reference into RFPs and related documents. 

Technology vendors will want to be especially mindful about provisions related to intellectual property ownership which are oftentimes incorporated by reference into RFP documents. In addition, as cloud service security is a key concern, the RFP and related documents will often impose standards that vendors must abide by. The Canadian approach to security currently mirrors key standards set by the United States. For example, current information technology security risk management guidance has been taken through the Communication Security Establishment and the United States National Institute of Standards and Technology (NIST).  

In addition, a number of government agencies both in Canada and the US are adopting agile procurement processes. Previously, pricing for the whole project was typically set at the outset, subject only to scope change. In contrast, agile procurements follow a less documented process whereby the government agency's needs, rather than being known upfront (e.g., through a detailed specification), are generally explored and updated as the process progresses through iterative cycles.   

While there is a clear desire for increased participation for cloud computing services, it is clear the technical requirements and complexity of the work can present challenges to ensuring a successful bid.

Competitive risks in the technology procurement process

The complexity of the work involved requires that vendors scrutinize both the procedural and technical aspects of the contracting relationship. An emerging risk, given the large dollar value of government technology contracts and the shift to agile (and faster) contracting processes, is that an unsuccessful bidder disputes the competitiveness of the successful bidder in the bid process.

  • Fair and equal treatment. Vendors in the Canadian landscape can benefit from a history of jurisprudence governing procurement which promotes competition. Canada's approach to procurement clarifies that Canadian suppliers have the right to demand equal and fair treatment through the procurement process. This does not mean operational requirements must be reduced or altered, but the law does ensure that if there is a competition for services, the requirements for the service must ensure competition can take place and the process is fair.
  • Flexible terms. While this landscape can provide comfort amongst competitors, technology contracting does carry added burdens in terms of the flexibility of the bidding language and parameters. Both vendors and customers need to ensure a contract clearly stipulates the parameters around which the work is to be done, particularly when dealing with the feasibility of a cloud or other technology service in respect of a price scenario.
  • Operational feasibility. As the security requirements for handling government data are significant, for vendors this means that a cloud processing service, whether through software, platforms or infrastructure, needs to meet and maintain security settings throughout at any given price which would affect the level of liability a vendor takes on. This may also present a risk of future claims or challenges in the event that operational feasibility is overstated. 

From the government customer's perspective, it needs to ensure a bid is compliant and thoroughly vetted. It also needs to ensure its own requirements for a service are clearly stated. If this is not ensured, Canada's legal landscape for procurement may present risks of claims or challenges that competition was not properly established and non-compliant bids were overlooked.

In an arena of equal treatment for bidders and standardized requirements for cloud computing services, substantive detail in the early bidding stages does not only affect the competitiveness of a bid. Vendors need to ensure specificity and accuracy dominate their pricing and feasibility scenarios even at the early stage. Not doing so risks presenting a vendor's bid as inferior (and therefore subject to an easier challenge) and a customer as offside the common law requirement of fair competition. 

Originally published June 12, 2020


About Norton Rose Fulbright Canada LLP

Norton Rose Fulbright is a global law firm. We provide the world's preeminent corporations and financial institutions with a full business law service. We have 3800 lawyers and other legal staff based in more than 50 cities across Europe, the United States, Canada, Latin America, Asia, Australia, Africa, the Middle East and Central Asia.

Recognized for our industry focus, we are strong across all the key industry sectors: financial institutions; energy; infrastructure, mining and commodities; transport; technology and innovation; and life sciences and healthcare.

Wherever we are, we operate in accordance with our global business principles of quality, unity and integrity. We aim to provide the highest possible standard of legal service in each of our offices and to maintain that level of quality at every point of contact.

For more information about Norton Rose Fulbright, see nortonrosefulbright.com/legal-notices.

Law around the world
nortonrosefulbright.com

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.