Request for Proposal for OTF Secure Usability and Accessibility Lab

The Open Technology Fund (OTF) is soliciting proposals from service providers, organizations and individuals interested to provide services to OTF’s Secure Usability and Accessibility Lab (SUA Lab) (formerly Usability Lab). OTF renamed this lab in order to reflect an increased focus on secure accessibility.

OTF is an independent 501(c) non-profit corporation registered in the District of Columbia. OTF is fully funded by the U.S. Government.

OTF supports technology-centric projects and research which empower world citizens to have access to modern communication channels free of restrictions, and allow them to communicate without fear of repressive censorship or surveillance.

History

In November 2015, the Open Technology Fund in partnership with Simply Secure started to offer usability audits to FLOSS circumvention and digital security tools, to help them recognise and solve usability challenges that hampered the adoption of those tools where they are needed the most. In March of 2018, after consultation with the OTF community and a public RFP, the Usability Lab was expanded with additional partnerships with Okthanks, Torchbox, and Ura design, as well as continuing the ongoing collaboration with Simply Secure. The lab also expanded its services to provide more types of usability support to tools.

OTF is really proud of the progress the community has made in those six years, which is demonstrated both by increased adoption of digital security and circumvention tools around the globe, as well as the adoption of usability best practices within major and relatively well resourced tools. With that in mind, and in recognition of the many but not insurmountable challenges ahead, OTF is requesting proposals for the following set of services.

Scope of Services Requested

Service providers awarded contracts under the SUA Lab will provide internet freedom projects with usability and accessibility consulting services based on the scope of services below. OTF intends to award indefinite deliverable, indefinite quantity (IDIQ) contracts to multiple vendors with a performance period of two years, with the option to extend for two additional years. The maximum ceiling for an awarded IDIQ agreement will be $200,000 for the first two years and another $200,000 for the optional two years, should OTF choose to exercise the option. Following the award of IDIQ contracts to selected vendors, work will be ordered on a per-work-order basis as needed, and OTF does not guarantee that the full ceiling value of the IDIQ contract will be used.

Those vendors are expected to provide at least one of the Primary Services listed below ( not necessarily every service under the category) in addition to providing the Support Activities.

Applicants should specify in their application which primary services they want to provide, and the price for each primary service. The pricing should be in the form of a fully-burdened hourly rate for each service inclusive of the support activities. OTF will also consider the cost of any conference attendance that may be necessary as part of the services to be provided, so long as the costs follow the requirements of the U.S. Federal Travel Regulations and per diem lodging and M&IE rates as set by the U.S. General Services Administration and/or U.S. Department of State.

Primary Services

Service #1: Secure Usability/Accessibility Coaching

Service providers should be able to provide secure usability and/or accessibility coaching on demand to OTF-approved Internet freedom projects to help improve their usability/accessibility capacity.

Service #2: Secure Usability/Accessibility Consultation

The service provider should be able to provide secure usability and/or accessibility consultations to OTF-approved Internet freedom projects to help supplement their capacity to address the most difficult usability and accessibility problems they face in a secure and privacy-preserving manner. These services can be broken down into research, design, and implementation. Partners will be able to provide a combination of these services themselves, or in collaboration with other usability lab partners. Partners will consult with OTF before starting one of these consultations. The outputs of each consultation must be publicly documented upon its completion for the benefit of the community.

Service #3: Secure Usability/Accessibility Audits

The service provider should be able to provide secure usability and/or accessibility audits of OTF-approved Internet freedom tools and provide an assessment of the state of usability/accessibility of the tool in relation to standards and best practices, highlight problems that need to be fixed and suggest areas of improvement.

Support Activities

In addition to one or more of these services, the vendor will be expected to carry out the following support activities:

– Intake, scoping and liaising with OTF Program Manager: The vendors will be solely responsible for identifying suitable SUA Lab engagements and opportunities, scoping out the engagements, and getting approval from the responsible OTF program manager. In contrast to previous years, the intake form on the OTF website will be retired, and in its stead, there will be profiles of available vendors and contact details

– Promotion and Outreach: The vendor will be expected to reach out to the internet freedom community, and make relevant stakeholders aware of SUA Lab and its services

– Reporting: The vendor will be expected to submit a short monthly report on activities, as well as provide a report on completed usability lab engagements to share acquired knowledge for the benefit of the community.

In addition to the services and pricing, Please include your relevant qualifications on the following:

1. Network and Community: Describe the organizations and individuals you aim to focus on as a SUA Lab partner, and list relevant experience working with activists, human rights defenders, journalists, and the wider internet freedom community.
2. Promotion and Outreach Strategy: Describe your outreach strategy to the relevant network and community you’ve described above. How would they learn about the OTF SUA Lab and the services you provide?
3. Institutional Capacity and Record: Provide information on your capacity to provide Secure Usability and/or Accessibility services.
   4. Security Protocol: Please elaborate on your experience in handling sensitive data and the procedures you/your organisation has in place to protect the privacy and security of the applicants you work with.

Proposal Submission

Send by August 30th, 2021 at [email protected].

Information to be submitted in your Proposal must include:

1. An overview of your organization, company or individual expertise;
2. Specify the Primary Services which you will provide as a Service Partner, along with fully burdened hourly rates and estimated costs for necessary conference attendance
3. Confirm your understanding of, and ability to provide, the listed Support Services in addition to Primary Services;
4. Vendor’s relevant qualifications including your responses to 1) Network and community 2) Promotion and outreach strategy 3) Institutional Capacity and Record 4) Security Protocol.
5. Biographical sketches or CVs of the key employee(s) and staff who would be assigned to this project;
6. Other relevant services you provide, if any;
7. Two (2) letters of support from groups you worked with and who are part of the community you aim to serve.
8. Acknowledgement that the vendor accepts the Standard Provisions in Appendix A.

Pricing

Provide a fully-burdened hourly rate for providing services to Open Technology Fund on a per-work-order basis. If you are providing a discount on your regular commercial rates, please also provide those commercial rates for comparison. OTF will not be separately covering materials or incidental costs, so please ensure your hourly rate will cover all costs associated with the services to be provided.

Individuals have until August 22nd, 2021 to send [email protected] with questions regarding this RFP. The questions will be collected and answers will be published publicly on the OTF website. If it becomes necessary to revise any part of this RFP, an Addendum will be published on the OTF website.

Restrictions on the use of data contained within a proposal must be clearly stated. Due to OTF’s evaluation process for RFPs, it cannot sign non-disclosure agreements with any bidder. All material submitted regarding this RFP becomes the property of OTF and will only be returned to the bidder at OTF’s option.

All costs incurred in the preparation of the proposal response to this RFP will be the responsibility of the responding vendors and will not be reimbursed by OTF.

Schedule of Activities

July 30th, 2021 RFP announced

August 22nd, 2021 Deadline for Questions

August 30th, 2021 Proposal submission due

October 1st, 2021 Anticipated start date

Selection Process

The criteria for selection of the successful proposal will include adequacy and completeness of the proposal, general experience, qualifications, and review of prior work.. Although the price will be an important factor, it will not be the only factor considered.

OTF reserves the right to accept or reject any or all bids, to take exceptions to the RFP specifications, and to waive any requirements stated herein.

OTF reserves the right to make an award based solely on the proposals or to negotiate with one or more vendors. Issuance of this RFP, preparation, submission, and evaluation of bidder responses does not commit OTF to award a contract to any vendor. The award of the IDIQ contract does not guarantee the award of work orders under that contract, which will vary based on need and availability. OTF reserves the right to cancel or modify this solicitation at any time for any reason within its sole discretion without liability.

Other Provisions

OTF, in its sole discretion, will make the final determination as to the acceptability of all work products due hereunder.

The vendor shall not issue, or permit to be issued, during the period covered by this contract or at any time thereafter, publicity in any form respecting the work hereunder or the fact of its participation herein, unless such publicity is first approved in writing by OTF.

In the event any portion of the cost of the services provided hereunder includes travel cost reimbursement, the vendor shall obtain advance approval of OTF and all travel expenditures must conform to the Standard Government Travel Regulations.

The vendor hereby agrees that all Work Product produced under the contract will be the sole property of OTF and the fees to be paid to the Vendor are full, fair and adequate compensation for Vendor’s conveyance to OTF of copyrights in all Work Product.

The awarded contract will be based on OTF’s standard contract terms, including a termination for convenience provision, and will also include the relevant U.S. Government provisions, which are attached here as Appendix A.

Appendix A: STANDARD PROVISIONS FOR USG-FUNDED AGREEMENTS

1. Debarment, Suspension, Ineligibility, and Voluntary Exclusion. The Consultant certifies that neither it nor any of its principals is presently debarred, suspended, proposed for debarment, declared ineligible, or voluntarily excluded from participation in this Agreement by any U. S. Government department or agency.
2. USG Funding Agency Non-liability. The USG Funding Agency does not assume liability for any third party claims for damages arising out of this Agreement.
3. Travel. The Consultant agrees to use U.S. flag carriers to the extent possible for all air travel and transportation arrangements funded by the U. S. Government under this Agreement. The Consultant must abide by the requirements set forth in the Fly America Act of 1974, which is incorporated by reference.
4. Rights to Invention. Contracts or agreements for the performance of experimental, developmental, or research work shall provide for the rights of the Federal Government and the recipient in any resulting invention in accordance with 37 CFR part 401, “Rights to Inventions Made by Nonprofit Organizations and Small Business Firms Under Government Grants, Contracts, and Cooperative Agreements,” and any implementing regulations issued by the awarding agency.
5. Equal Employment Opportunity. If the Agreement is to be performed in the U. S. or to be performed with employees recruited in the U. S., the Consultant agrees to comply with Executive Order 11246, entitled “Equal Employment Opportunity,” as amended, and as supplemented in Department of Labor Regulations (41 CFR Part 60).
6. Nondiscrimination. To the extent such laws apply to the Consultant; the Consultant agrees to abide by U.S. laws in regards to nondiscrimination of U.S. citizens or legal residents working under the Agreement.
7. Worker’s Compensation. For Agreements that require performance outside the United States, the Consultant agrees to provide Worker’s Compensation Insurance (42 U.S.C. 1651, et seq.). As a general rule, Department of Labor waivers will be obtained for persons employed outside the United States who are not United States citizens or residents provided adequate protection will be given such persons. It is the responsibility of the Consultant to obtain such waivers. The Consultant shall notify OTF of all requests for waivers.
8. Anti-Lobbying.  For Contracts of $100,000 or more, the Contractor certifies that no funds will be used to lobby, influence or attempt to influence any person or organization in connection with obtaining any Federal contract, grant or any other award covered by 31 USC 1352.
9. Prohibition on certain telecommunications and video surveillance services or equipment Where applicable, Contractor certifies that none of the funds payable under this contract will be used to procure or obtain the equipment, services, or systems that uses covered telecommunications equipment or services as a substantial or essential component of any system, or as critical technology as part of any system in compliance with the National Defense Authorization Act. Covered telecommunications equipment and services include the following:

– Telecommunications equipment produced by Huawei Technologies Company or ZTE Corporation (or any subsidiary or affiliate of such entities).

– For the purpose of public safety, security of government facilities, physical security surveillance of critical infrastructure, and other national security purposes, video surveillance and telecommunications equipment produced by Hytera Communications Corporation, Hangzhou Hikvision Digital Technology Company, or Dahua Technology Company (or any subsidiary or affiliate of such entities).

– Telecommunications or video surveillance services provided by such entities or using such equipment.

– Telecommunications or video surveillance equipment or services produced or provided by an entity that the Secretary of Defense, in consultation with the Director of the National Intelligence or the Director of the Federal Bureau of Investigation, reasonably believes to be an entity owned or controlled by, or otherwise connected to, the government of a covered foreign country.

1. Prioritization of certain enterprises. Where applicable, subcontracts awarded under this contract, Contractor will take all necessary affirmative steps to assure that minority businesses, women’s business enterprises, and labor surplus area firms are used when possible.

Update (2021-08-24): Answers to RFP Questions Received by OTF

• Under Service #2: Secure Usability/Accessibility Consultation – do you imagine that the ‘design’ services within that category would or could involve ‘promotion, distribution, and outreach’?
  
  They definitely could include those elements, but applicants need to make the case in their application that those services, or any others, would contribute to OTF and the SUA Lab mission and goals.
  
• Are there any expected formats for estimating costs for conference attendance? It feels a bit abstract, depending on the travel location and duration.
  
  We don’t have a required format, but estimated costs for conference attendance should include:-
  1) Estimated number of conferences
  2) Rough estimates of travel costs for each example conference based on anticipated location/duration.
  
  We are asking for this information to judge whether the anticipated use of the travel funds is reasonable and in-line with the SUA lab’s goal and mission. We understand that the nature of these estimates are tentative on actual location and subject to some uncertainty at this time.
  
• Are primary activity and support activity hourly rates expected to be separate?
  
  No, please only provide hourly rates for the primary services. The anticipated costs for the support activities should be built into the hourly rates of the primary services.
  
  
• How long are the biographical sketches of the involved individuals to be expected? The RFP mentions CVs, are resumes also okay?
  
  Yes, resumes are also okay. The biographical sketches should have enough information to assess the qualifications of the individuals providing the services.
  
• It’s mentioned that we should mention other relevant services we can provide. Are there plans to offer Learning Lab services again? If not, would this be a good opportunity to mention these services?
  
  Yes, please include those services, as long as they are within the larger scope of usability and accessibility services.
  
  
• Can individuals also apply to be Lab partners? What legal entities (LLC? international freelancer?) are allowed here?
  
  Yes, all individuals and organisations can apply as long as they are eligible to receive USG funding.
  
  
• Can you contract with individuals under a pseudonym? What information needs to be on file for OTF – internally (paperwork) and external (website, comms, mailing list)?
  
  OTF is committed to the safety of all applicants and contractors. Applicants can go through the RFP application process using a pseudonym. Upon contracting, we work with the applicant to ensure that any personally identifiable information we have to collect and process is done in the safest way possible, based on their circumstances. In terms of external communication, we only publish project information with their consent. Please refer to our privacy and information sharing policy for more information: https://www.opentech.fund/about/tos/privacy/
  
• Can individuals also apply via a fiscal sponsor to minimise exposure?
  
  Yes, individuals can apply through a fiscal sponsor, or include a fiscal sponsor later in the contracting stage if they wish to do so.
  
• It would be helpful to understand more about what kinds of projects the OTF is interested in. They must be a tool? Can it be an information website?
  
  OTF’s mission is to advance global Internet freedom. Any project focused on counteracting repressive censorship and surveillance can make their case for receiving OTF funding or lab support. While we still think they are valuable, we don’t support general online privacy efforts, guides or open source software, unless people living under repressive censorship and surveillance are the primary audience of that particular application for OTF support.