DoD Updates Guidance on Acquisition of Contractor Technical Data and Associated Data Rights

Article

On November 21, 2025, the Department of Defense (“DoD”)[1] updated DoD Manual (“DoDM”) 5010.12, Acquisition and Management of Contractor-Prepared Data.  The manual is DoD’s unified playbook for the acquisition and management of contractor technical data.  It replaces the legacy DoD 5010.12-M, Procedures for the Acquisition and Management of Technical Data (May 1993) and falls in line with DoD’s broader “Acquisition Transformation Strategy” announced in early November.

DoDM 5010.12 is written for DoD acquisition professionals and applies to both traditional FAR / DFARS-based contracts as well as Other Transaction Agreements (“OTAs”).  The updated manual complements DoD’s October 2019 publication of DoD Instruction (“DoDI”) 5010.44, Intellectual Property Acquisition and Licensing, and the DoD IP Cadre’s[2] April 2025 publication of the Intellectual Property Guidebook for DoD Acquisition

These publications emphasize DoD’s focus on the modular open systems approach (“MOSA”) in formulating its intellectual property (“IP”) acquisition strategies—which means contractors can expect DoD to push for greater IP rights while increasing contractors’ data delivery obligations.   

Emphasis on Modular Open Systems Approaches

The updated DoDM 5010.12 assigns responsibilities and provides procedures for the acquisition, delivery, receipt, inspection, acceptance, and management of contractor-prepared data and associated data rights.  The manual requires DoD contracting professionals to adopt a “lifecycle” approach to developing a program’s IP strategy, focusing on key tasks from pre-solicitation through contract closeout. 

In particular, the manual requires consideration of “modularity in approaches to data delivery and licensing,” including support for the use of MOSA.  What is MOSA?  Essentially, MOSA is a design philosophy that emphasizes the use of modular, segregable components that can be upgraded or replaced without affecting the entire system (think: plug-and-play).[3]  An effective MOSA strategy, however, requires the government to consider its data delivery requirements and licensing needs as early as possible. 

Updated DoDM 5010.12 – or the “CDRL Guidance Manual”

DoDM 5010.12 (and DoD’s IP Guidebook) draws a distinction between data access (remote government access to data stored in a contractor-controlled repository) and data delivery (physical or electronic transfer of data into USG custody).  Further, it differentiates between data deliverables (delivery / access to the data or software in which the government has use rights) and data rights (the scope of the government’s rights to use contractor-prepared data or software).

DoD needs delivery of (or access to) contractor-prepared data or software pursuant to a Contractor Data Requirements List (“CDRL”) to exercise its license rights: “USG license rights articulated through a contract are of little value unless and until the data or software in which the USG has license rights are delivered.”[4]  Thus, the updated manual includes content revisions designed to provide practical insights for DoD acquisition officials when ordering IP deliverables and best practices on preparing CDRLs.

A CDRL, included as an exhibit to a solicitation and incorporated into the resultant contract, lists the technical data to be delivered on a contract with DoD, prepared using DD Form 1423.  The purpose of a CDRL is to identify, in a single document, all technical data to be delivered under a contract and the requirements for the data’s approval, marking, inspection and acceptance, delivery location, etc. 

The manual reinforces the directive to contracting officers that, consistent with DFARS 215.470, a CDRL should be developed and included in the solicitation with references to the appropriate contract tasking (i.e., PWS, SOO, or SOW section / paragraph), when the USG requires data to be delivered under a contract. 

What does this mean for contractors? 

Historically, contracting officers have not consistently specified data deliverables in solicitations and contracts—often believing (incorrectly) that the FAR / DFARS data rights clauses require delivery of the data or software for which they define rights.  The updated manual, together with DoDI 5010.44 and the IP Guidebook, aim to do away with this misconception.  Contractors should expect to see, with increasing frequency, clearer specification of DoD’s data delivery requirements in solicitations. 

Contractors (and their subcontractors) should review these requirements carefully in preparing proposals and take the following initial steps:

  1. Understand the data or software deliverable requirements (listed in the CDRL) and how they map to the contract tasking (in the PWS, SOO, or SOW).
  2. Map the level of license rights against the data or software deliverables to which the license pertains. Be sure to identify any technical data or computer software to be delivered with less than unlimited rights per DFARS 252.227-7017. 
  3. Tie the deliverables and associated license rights to a specific Contract Line Item Number (“CLIN”).
  4. Be prepared to negotiate terms, including specially negotiated licenses and pricing.    
Conclusion

The updated DoDM 5010.12 is a foundational enabler of DoD’s “Acquisition Transformation” agenda, which seeks to shorten delivery timelines and expand competition.  The Acquisition Transformation Strategy specifically calls for implementation of MOSA and the use of “common components and standards so all companies can compete to integrate components” on DoD weapon systems—and so the government can avoid “vendor lock.” 

Thus, expect a renewed focus from DoD on the delivery of contractor technical data or computer software (e.g., technical manuals, source code) and a push for greater license rights (e.g., Unlimited Rights or Government Purpose Rights)—and prepare accordingly.   

Please contact the authors with questions.     

______________________________________________________

[1] Renamed the “Department of War” by Executive Order. 

[2] Established pursuant to Section 838 of the NDAA FY 2020 for the purpose of ensuring a consistent, strategic, and highly knowledgeable approach to acquiring or licensing IP.  See 10 U.S.C. § 1707.  

[3] As defined in DoDM 5010.12, “MOSA” is “[a]n integrated business and technical strategy that consists of a technical architecture that uses system interfaces compliant with widely supported and consensus-based standards (if available and suitable).  The strategy supports a modular, loosely coupled and highly cohesive system structure that allows severable system components at the appropriate level to be incrementally added, removed, or replaced throughout the life cycle of a system platform to afford opportunities for enhanced competition and innovation.” 

[4] DoDM 5010.12 at 20; see also DoDI 5010.44, Intellectual Property Acquisition and Licensing (Oct. 16, 2019). 

Related Professionals

Related Capabilities

Burr
Jump to Page
Arrow icon Top

Contact Us

Cookie Preference Center

Necessary Cookies

Always Active

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.

Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.