FAR 4.2201—Definitions.
Plain-English Summary
FAR 4.2201 provides the definitions used in this subpart, and it does two important things: it defines the term “covered application” and it incorporates the statutory definition of “information technology” from 40 U.S.C. 11101(6). In practice, these definitions determine when the subpart’s restrictions or requirements apply, especially in connection with the use of TikTok and related ByteDance applications and with federal agency use of information technology. The “covered application” definition is intentionally broad enough to include TikTok and any successor application or service developed or provided by ByteDance Limited or an entity owned by ByteDance Limited. The “information technology” definition is also broad, covering equipment and interconnected systems used to acquire, store, process, transmit, or manage data, and it expressly includes computers, peripherals, software, firmware, and related services. At the same time, the definition excludes equipment a Federal contractor acquires merely incidentally to a Federal contract, which helps limit the reach of the term to IT actually used in contract performance or agency operations. These definitions matter because they set the scope for compliance, acquisition planning, contract administration, and contractor internal controls whenever this subpart is implicated.
Key Rules
Covered application includes TikTok
“Covered application” means the social networking service TikTok. The definition is not limited to the current app name or version and is meant to capture the service itself as identified in the subpart.
Successor ByteDance services included
The definition also covers any successor application or service developed or provided by ByteDance Limited or an entity owned by ByteDance Limited. This prevents circumvention by rebranding, replacement apps, or affiliated services.
IT definition follows statute
“Information technology” is defined by reference to 40 U.S.C. 11101(6). That means the FAR uses the statutory government-wide definition rather than creating a narrower procurement-specific meaning.
Broad scope of covered equipment
The IT definition includes equipment or interconnected systems used for automatic acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information. It applies when the executive agency uses the equipment directly or when a contractor uses it under a contract requiring that use.
Includes hardware, software, and services
The definition expressly includes computers, ancillary and peripheral equipment, software, firmware, support services, and related resources. This makes clear that IT is not limited to physical devices and can include the full technology stack supporting agency work.
Incidental contractor acquisitions excluded
Equipment acquired by a Federal contractor merely incidental to a Federal contract is not included. This exclusion limits the definition so that ordinary contractor-owned equipment not required for contract performance is not treated as agency IT.
Responsibilities
Contracting Officers
Identify when this subpart applies by determining whether a contract or agency activity involves a covered application or information technology as defined here. Use these definitions when drafting solicitations, evaluating contractor performance requirements, and enforcing any related restrictions or clauses.
Contractors
Determine whether the work requires use of covered applications or information technology within the meaning of this section. Contractors must distinguish between IT used because the contract requires it and equipment acquired only incidentally, and they should ensure internal controls prevent unauthorized use of covered applications where the subpart restricts them.
Executive Agencies
Apply the statutory IT definition consistently in agency operations and procurement planning. Agencies must recognize when equipment, systems, software, or services fall within the definition and ensure compliance measures are aligned with the subpart’s scope.
ByteDance-affiliated entities
Although not regulated directly by this definition section, any application or service they develop or provide may be treated as a covered application if it is a successor to TikTok or otherwise fits the definition. Their products may therefore trigger restrictions under the subpart.
Practical Implications
This section is a scope-setting provision: if a tool or system falls within these definitions, the rest of the subpart may apply. Contractors and agencies should treat the definitions as the first compliance checkpoint before using or procuring any related technology.
The TikTok definition is intentionally future-proof. A renamed or replacement ByteDance service can still be covered, so compliance reviews should look at ownership and lineage, not just the app name.
The IT definition is broad enough to capture cloud services, support services, peripherals, and software, not just desktop computers. Teams often miss that “information technology” can include the services and resources needed to operate the system, not only the device itself.
The incidental-acquisition exclusion is important for contractors, but it is narrow. If the contract requires the contractor to use the equipment, or use it to a significant extent, the equipment is likely within the definition; if the contractor bought it only as a side effect of doing business, it may be excluded.
A common pitfall is assuming that contractor-owned equipment is automatically outside the rule. The key question is whether the contract requires the use of that equipment or whether it is used significantly in performance, which can bring it within scope even if the contractor owns it.
Official Regulatory Text
As used in this subpart— Covered application means the social networking service TikTok or any successor application or service developed or provided by ByteDance Limited or an entity owned by ByteDance Limited. Information technology , as defined in 40 U.S.C. 11101(6) — (1) Means any equipment or interconnected system or subsystem of equipment, used in the automatic acquisition, storage, analysis, evaluation, manipulation, management, movement, control, display, switching, interchange, transmission, or reception of data or information by the executive agency, if the equipment is used by the executive agency directly or is used by a contractor under a contract with the executive agency that requires the use— (i) Of that equipment; or (ii) Of that equipment to a significant extent in the performance of a service or the furnishing of a product; (2) Includes computers, ancillary equipment (including imaging peripherals, input, output, and storage devices necessary for security and surveillance), peripheral equipment designed to be controlled by the central processing unit of a computer, software, firmware and similar procedures, services (including support services), and related resources; but (3) Does not include any equipment acquired by a Federal contractor incidental to a Federal contract.