United States ex rel. Markus v. Aerojet Rocketdyne Holdings, Inc.
United States District Court for the Eastern District of California
May 8, 2019, Decided; May 8, 2019, Filed
No. 2:15-cv-2245 WBS AC
[*1243] MEMORANDUM & ORDER RE: DEFENDANTS' MOTION TO DISMISS RELATOR'S SECOND AMENDED COMPLAINT, STAY PROCEEDINGS, and COMPEL ARBITRATION
Plaintiff-relator Brian Markus brings this action against defendants Aerojet Rocketdyne Holdings, Inc. ("ARH") and Aerojet Rocketdyne, Inc. ("AR"), arising from defendants' allegedly wrongful conduct in violation of the False Claims Act ("FCA"), 31 U.S.C. §§ 3729 et seq., and relating to defendants' termination of relator's employment. Defendants now move to (1) dismiss the Second Amended Complaint ("SAC") in part for the failure to state upon which can be granted under Federal Rule of Civil Procedure 12(b)(6), (2) stay proceedings, and (3) compel arbitration.
Relator Brian Markus is resident of the State of California. (SAC ¶ 6 (Docket No. 42).) He worked for defendants [**2] as the senior director of Cyber Security, Compliance, and Controls from June 2014 to September 2015. (Id.) Defendants ARH and AR develop and manufacture products for the aerospace and defense industry. (Id. ¶ 7.) Defendants' primary aerospace and defense customers include the Department of Defense ("DoD") and the National Aeronautics & Space Administration ("NASA"), who purchase defendants' products pursuant to government contracts. (See id.) Defendant AR is a wholly-owned subsidiary of ARH, and ARH uses AR to perform its contractual obligations. (Id. ¶ 8.)
Government contracts are subject to Federal Acquisition Regulations and are supplemented by agency specific regulations. On November 18, 2013, the DoD issued a final rule, which imposed requirements on defense contractors to safeguard unclassified controlled technical information from cybersecurity threats. 48 C.F.R. § 252.204-7012 (2013). The rule required defense contractors to implement specific controls covering many different areas of cybersecurity, though it did allow contractors to submit an explanation to federal officers explaining how the company had alternative methods for achieving adequate cybersecurity protection, or why standards were [**3] inapplicable. See id. In August 2015, the DoD issued an interim rule, modifying the government's cybersecurity requirements for contractor and subcontractor information systems. 48 C.F.R. § 252.204-7012 (Aug. 2015). The interim rule incorporated more cybersecurity controls and required [*1244] that any alternative measures be "approved in writing prior by an authorized representative of the DoD [Chief Information Officer] prior to contract award." Id. at 252.204-7012(b)(2)(ii)(B). The DoD amended the interim rule in December 2015 to allow contractors until December 31, 2017 to have compliant or equally effective alternative controls in place. See 48 C.F.R. § 252.204-7012(b)(2)(ii)(A) (Dec. 2015). Each version of this regulation defines adequate security as "protective measures that are commensurate with the consequences and probability of loss, misuse, or unauthorized access to, or modification of information." 48 C.F.R. § 252.204-7012(a).
Contractors awarded contracts from NASA must comply with relevant NASA acquisition regulations. 48 C.F.R. § 1852.204-76 lists the relevant security requirements where a contractor stores sensitive but unclassified information belonging to the federal government. Unlike the relevant DoD regulation, this NASA regulation makes no allowance for the contractor to use alternative [**4] controls or protective measures. A NASA contractor is required to "protect the confidentiality, integrity, and availability of NASA Electronic Information and IT resources and protect NASA Electronic Information from unauthorized disclosure." 48 C.F.R. § 1852.204-76(a).Read The Full CaseNot a Lexis Advance subscriber? Try it out for free.
Full case includes Shepard's, Headnotes, Legal Analytics from Lex Machina, and more.
381 F. Supp. 3d 1240 *; 2019 U.S. Dist. LEXIS 78018 **; 2019 WL 2024595
UNITED STATES OF AMERICA ex rel. BRIAN MARKUS, Plaintiff, v. AEROJET ROCKETDYNE HOLDINGS, INC., a corporation and AEROJET ROCKETDYNE, INC., a corporation, Defendants.
contracts, alleges, regulations, compliance, noncompliance, defendants', misrepresentations, cybersecurity, contractor, arbitration, conspiracy, fraudulent, motion to dismiss, false certificate, judicial notice, stay of proceedings, promissory fraud, conspired, controls, compel arbitration, compliant, government's decision, false claim, acquisition, intervene, entities, measures