Comment on FR Doc # 2011-16399

We are very concerned that the new regulations will have a major negative effect on both small defense contractors in general, and on software developers in particular. 1. The regulations create yet another class of information that is not classified, but requires special handling. We have seen plenty of examples of over-use of markings such as FOUO on material that does not need any form of special handling - it is simply too easy for a contracting officer to insert a clause stating "everything is to be treated as FOUO" - if this rule is enacted it is quite likely that many contracts will contain language stating "everything is to be treated as critical program information." 2. The rule will require contractors to implement new security mechanisms and procedures - with potentially serious costs and administrative burdens to be born. While not particularly onerous to large defense contractors, these could be overwhelming for smaller companies, and create a serious barrier to entry. 3. Small software developers, particularly those who pursue SBIR funding, often work in a world of "open source" software – where handling restrictions on technical data have serious impact on getting work done, and then on commercializing or otherwise making work products available. The proposed regulations could both make much work impossible, and lead to innovative firms ceasing to perform work for the Defense Department. Classification and ITAR already present serious burdens. As a small R&D firm, currently performing on an SBIR contract for the US Army, the proposed regulations could have a catastrophic impact on our ability to do business. We urge AGAINST adding new costs and administrative burdens, in an environment where existing mechanisms (e.g., classification, ITAR, FOUS) already provide significant protections. Miles Fidelman, Principal Protocol Technologies Group, LLC