Request for Information - Cloud-Native DRM Solution

SOL #: 2026-CIO-0275Sources Sought

Overview

Buyer

Library Of Congress
Library Of Congress
CONTRACTS SERVICES
Washington, DC, 20540, United States

Place of Performance

Washington, DC

NAICS

Information (51)

PSC

Support Services, Delivered As A Service Contract (Saa S Or Subscription) Involved With The Analysis, Design, Development, Code, Test And Release Packaging Services Associated With Application Development Projects, As Well As Off The Shelf Business Software. (DA10)

Set Aside

No set aside specified

Timeline

1
Posted
Apr 16, 2026
2
Response Deadline
May 20, 2026, 3:00 PM

Qualification Details

Fit reasons
  • NAICS alignment with historical contract wins in similar service areas.
  • Scope strongly matches core technical capabilities and delivery model.
Risks
  • Past performance thresholds may require one additional teaming partner.
  • Potential clarification needed on staffing minimums before bid/no-bid.
Next steps

Validate eligibility requirements, assign capture owner, and schedule partner outreach to confirm teaming strategy before submission planning.

Quick Summary

The Library of Congress is conducting market research through a Request for Information (RFI) to identify commercial off-the-shelf (COTS) Cloud-Native Digital Rights Management (DRM) solutions. This RFI aims to understand API-driven DRM options that meet federal security standards for securing digital assets, managing metadata, and enforcing usage rights within the LOC's application stack. Responses are due May 20, 2026, at 11:00 a.m. (EST).

Scope of Work

The LOC requires a DRM solution with the following capabilities:

  • Cloud-native compatibility with AWS & Azure environments.
  • Integration with existing custom applications built in JAVA, Python, and Angular.
  • Ability to support approximately 2+ million files (25TB) annually.
  • Authentication via MS Entra and login.gov.
  • Handling of approximately 5,000+ external and 300+ internal concurrent users.
  • Support for a wide range of file formats (details in Appendix A of the RFI).
  • Desired workflow includes Ingest, Protect (encrypt/wrap), Storage (cloud), and Access (SSO authentication, DRM client validation).
  • Assets must remain read-only and maintain integrity.
  • Encrypted files accessible in real-time via approved viewers or custom-built LOC viewers.

Contract & Timeline

  • Type: Sources Sought / Request for Information (RFI)
  • Set-Aside: None specified
  • Questions Due: May 4, 2026, 11:00 a.m. (EST)
  • RFI Response Deadline: May 20, 2026, 11:00 a.m. (EST)
  • Published: April 16, 2026

Submission & Evaluation

Vendors are requested to provide detailed technical responses, avoiding generic marketing language. Key areas of interest include Company Profile & Compliance (FedRAMP status, support, SLA), Solution Architecture (SaaS/PaaS, deployment, client requirements), API Capabilities & Integration Strategy, Core DRM Functions (streaming encryption, policy abstraction, revocation), Authentication & Identity, Security & Key Management (algorithms, BYOK, data residency), Performance & Reliability, Auditing/Reporting, Pricing Model, and User Interface.

Responses must be in PDF format, limited to 25 pages, and submitted in Voluntary Product Accessibility Template (VPAT) format.

Additional Notes

This RFI is for market research purposes only and does not constitute a solicitation for proposals. It is intended to gather information to inform future acquisition strategies.

Points of Contact

People

Points of Contact

Veronica PricePRIMARY
vprice@loc.gov
2023743046
Stefanie FitteSECONDARY
sfitte@loc.gov
2028936318

Files

Files

Download

Versions

Version 1Viewing
Sources Sought
Posted: Apr 16, 2026
Request for Information - Cloud-Native DRM Solution | GovScope