Emails to nowhere
Look, we've all been there. Someone gives you their email address and tells you to send them an email. You dutifully copy the address and send them an email. Usually, this all just works and they receive the email! But sometimes it doesn't because there's a typo in the address and the email bounces back.
Bounce backs are expected! That’s how email systems work!
Imagine, though, a system where the email doesn't bounce back. Instead, it does two totally unexpected things: (1) it sends you a confirmation email that your email has actually been received by the system even if no one knows that, and (2) in 7 days, the server deletes your email.
Also imagine that this system is used to receive proposals for a contract worth over $37 million. And, finally, imagine that you were a government contractor employee who sent your proposal to this inbox to nowhere, and because you did, your proposal was never even reviewed.
You'd totally sue, right?
That's basically what happened in The Morganti Group, Inc., which the GAO decided on Monday. But I hate to tell you this: according to the GAO, you'd lose.
I say "basically what happened" because it's actually even a little worse than that. If it was just email, that'd be pretty annoying. Instead, the Army Corps of Engineers required offerors to use a technology system called "SAFE", which should terrify anyone who's ever dealt with a government technology system called something like "SAFE". You just know it just has to be a nightmare:
Offerors were required to submit their proposals electronically through the Department of Defense’s Secure Access File Exchange (SAFE) site. To submit a proposal through SAFE, an offeror first needed to email the contracting officer and contract specialist at least four days before the due date for proposals to request a SAFE code. The agency explains that it would then send the offeror an email with a link that contained a unique twelve-character code that directed them to the SAFE site. Once on the SAFE site, the offeror would enter the code provided by the agency; SAFE would then open a drop-off form wherein the offeror would upload its file, and enter the names and emails of the intended agency recipients. After the submission, SAFE would notify the listed agency recipients, that a file had been dropped off and provide them a link, claim ID, and passcode that granted them access to view and download the electronic file with the proposal. The agency explains that SAFE, by default, would notify the offeror when the agency had opened and downloaded its proposal. After seven days, regardless of whether the agency had opened and downloaded the firm’s proposal, the agency represents that SAFE would automatically and irretrievably delete the file.
Sounds pretty awful and tragically unsurprising to me. But, on the bright side, you might think: "if you just follow these steps, I'll be good to go."
Again, no. Because not only did you get the wrong email address; everyone got the wrong email address. That's because SAFE auto-populated the proposal response to go to the wrong person. And because the agency never received the proposal, they never reviewed it.
How did anyone win, you might ask? Well, it turns out that even though the RFP required offerors to use SAFE, the RFP also required the offeror to add both the contracting officer and the contracting specialist to the recipient list in the form in SAFE.
Unfortunately for Morganti, it was one of 4 companies to assume that the email address in SAFE was correct. And, according to GAO, this was a fatal error:
Here, although the solicitation required offerors to submit their proposals through SAFE, it further directed that “[s]ubmissions will be made to” the contracting officer and the contract specialist. The solicitation provided that the words “will,” “shall,” and “must” indicated a “mandatory requirement,” and that failure to comply with that requirement could result in disqualification from the competition. In other words, the RFP required offerors to submit their proposals to the contracting officer and the contract specialist via SAFE. Here, the record reflects that SAFE auto-populated an incorrect email address for the contract specialist and Morganti failed to add the email address for the contracting officer. Consequently, neither the contracting officer nor the contract specialist received the protester’s proposal.
Sad trombone for Morganti.
Now, technically, even though only one company out of fourteen actually followed the rules to the letter, most of the companies got it mostly right. Most of the companies managed to get the proposal to either the contracting officer or contracting specialist by specifying their email addresses correctly in the form. And even though Morganti wasn't alone (four companies, including Morganti, had their proposals rejected for failing to comply with the dual-submission requirement), the agency ultimately reviewed 11 of the 14 proposals submitted.
So, one moral of the story here might be to pay close attention to the submission instructions and have a healthy skepticism for government (auto-populated) data.
An uninitiated reader might think that another moral of the story is to for the government to maybe not create a system that involves something called SAFE, give people you ostensibly want to work with to the tune of $37 million the wrong email address, and then be like "new phone, who dis" because you gave them the typo in the first place. Hahahaha. Sorry, uninitiated reader; this is government contracting! Of course that's not the moral of this story.
But, there's another less-fulsome moral, which I will now share with you.
As I mentioned, Morganti was one of 4 companies who relied on SAFE to auto-populate the addresses and therefore had their proposals rejected. Why, then, did the government review all but 3 proposals? How did one of those company's proposals get reviewed even though they screwed up the mandatory submission requirements?
Well, as it turns out one of those offerors "contacted the agency two days after the due date for proposals, and the agency was thus able to retrieve the proposal from SAFE prior to its deletion." What prompted the offeror to contact the agency? Here's more from the GAO:
On March 10, an offeror (other than Morganti) emailed the contracting officer and the contract specialist because it had not received a notification from SAFE that the agency opened and downloaded its proposal. In its email, the offeror attached a screenshot of the confirmation email generated by SAFE following the offeror’s submission of its proposal.
Is it too thirsty to contact the contracting officer and contract specialist with a screenshot of a confirmation email and ask why the agency hasn't opened its proposal yet? Unfortunately, I'm not entirely sure if my readers are of an age where a reference to the cult-classic 1996 movie Swingers will resonate, but here I'm reminded of the following scene:
Mike: So how long do I wait to call?
Trent: A day.
Mike: Tomorrow.
Sue: Tomorrow, then a day.
Trent: Yeah.
Mike: So two days?
Trent: Yeah, I guess you could call it that, two days.
Sue: Definitely, two days is like industry standard.
Trent: You know I used to wait two days to call anybody, but now it's like everyone in town waits two days. So I think three days is kind of money. What do you think?
Sue: Yeah, but two's enough not to look anxious.
Trent: But I think three days is kind of money. You know because you...
Mike: Yeah, but you know what, maybe I'll wait 3 weeks. How's that? And tell her I was cleaning out my wallet and I just happened to run into her number.
The less-fulsome moral? In a world full of offerors, be a Sue. Two days is sometimes enough not to look anxious. If you waited 3 weeks, SAFE would have already automatically deleted your proposal! But if you, like the offeror in question, just wait the obligatory two days before blowing up the inbox of the CO or CS? You're money, baby!
Sorry for your inbox, acquisition professionals… Look, I don't feel good about it, either. But at least it's pretty funny.