Common use of Use and release of recipient attributional/proprietary information not created by or for DoD Clause in Contracts

Use and release of recipient attributional/proprietary information not created by or for DoD. Information that is obtained from the recipient (or derived from information obtained from the recipient) under this article that is not created by or for DoD is authorized to be released outside of DoD – (1) To entities with missions that may be affected by such information; (2) To entities that may be called upon to assist in the diagnosis, detection, or mitigation of cyber incidents; (3) To Government entities that conduct counterintelligence or law enforcement investigations; (4) For national security purposes, including cyber situational awareness and defense purposes (including with Defense Industrial Base (DIB) participants in the program at 32 CFR part 236); or (5) To a support services contractor (“recipient”) that is directly supporting Government activities under a contract/agreement that includes 48 CFR §252.204-7009, Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information.

Use and release of recipient attributional/proprietary information not created by or for DoD. Information that is obtained from the recipient (or derived from information obtained from the recipient) under this article that is not created by or for DoD is authorized to be released outside of DoD – (1) To entities with missions that may be affected by such information; (2) To entities that may be called upon to assist in the diagnosis, detection, or mitigation of cyber incidents; (3) To Government entities that conduct counterintelligence or law enforcement investigations; (4) For national security purposes, including cyber situational awareness and defense purposes (including with Defense Industrial Base (DIB) participants in the program at 32 CFR part 236); oror ​ ​ (5) To a support services contractor (“recipient”) that is directly supporting Government activities under a contract/agreement that includes 48 CFR §252.204-7009, Limitations on the Use or Disclosure of Third-Party Contractor Reported Cyber Incident Information.