Skip to content
legal report

Illustration by Security Management, iStock

Legal Report January 2021

Judicial Decisions

Fraud. The former CEO of tech firm ASGN Inc. was sentenced to 21 months of home confinement for his involvement in a U.S. college admissions bribery ring. Peter Dameris paid $300,000 as a bribe for his oldest son to attend Georgetown University as a tennis recruit, despite the fact that his son does not play tennis.

Dameris pled guilty in June 2020 to one count of conspiracy to commit mail fraud and honest services mail fraud. He paid the money to the Key Worldwide Foundation, a fake charity operated by William “Rick” Singer. Singer used roughly half of the $300,000 to bribe Georgetown’s former tennis coach, Gordon Ernst, to help Dameris’s son gain acceptance to the school as a tennis recruit.

Ernst was part of Singer’s larger conspiracy, dubbed Operation Varsity Blues by investigators, and is accused of accepting approximately $2.7 million in bribes as he helped several parents use the “side door” to gain admittance into the school. Ernst resigned from his position at the college in 2018 and entered a plea of not guilty to charges of racketeering conspiracy and racketeering forfeiture.

Along with confinement to his home—which will not include location monitoring—Dameris will pay a $95,000 fine and undergo three years of supervised release. He also resigned from his position as ASGN Inc.’s CEO in April 2019. 

Singer pled guilty in March 2019 to charges of conspiracy to commit racketeering, money laundering conspiracy, conspiracy to defraud the United States, and obstruction of justice. He also helped the FBI investigate the scandal. (United States of America v. Peter Dameris, U.S. District Court of Massachusetts, No. 20-cr-10099-RGS, 2020)


Internet of Things. A new U.S. cybersecurity bill increases security requirements for Internet-connected devices.

Such devices form a network, also known as the Internet of Things (IoT), and encompass smart sensors, software, or technologies that can connect and exchange information with other devices or systems via the Internet. IoT devices include connected smart home features like automatic lighting or HVAC controls, as well as industrial applications such as connected transportation systems, system monitoring, and integrated security technology systems.

The IoT Cybersecurity Improvement Act combines various security requirements to create a set of standards on securing development, identity management, patching, and configuration management for IoT devices.

Created with input from private companies, the standardized requirements create a set of benchmarks for IoT developers seeking contracts with the federal government. The National Institute of Standards and Technology (NIST), part of the U.S. Commerce Department, will develop and implement these standards, “including minimum information security requirements for managing cybersecurity risks associated with such devices,” according to the text of H.R. 1668. The requirements will be reviewed and revisited every five years, with revisions as appropriate.

Federal contractors will be responsible for developing and incorporating acceptable security vulnerability disclosures.

While the requirements will not be mandatory for companies, they will create a set of fundamental standards for the industry, which will inform consumers when considering a purchase—similar to EnergyStar ratings for appliances.

The bill was passed in the Senate by unanimous consent in November 2020.

The bill was enacted after being signed into law by President Donald Trump.

Victim rights. California expanded protections for workers who are victims of either abuse or a crime.

Previously, the law prohibited employers from firing an employee for taking time off to serve on a jury or appear in court when summoned by a subpoena or court order. The Labor Code also required some employers to allow time off for medical attention for employees who were victims of domestic violence, sexual assault, or stalking.

Assembly Bill 2992—which was enacted by California Governor Gavin Newsom in September 2020—expands those protections for employees who were the victim of a crime which caused an injury. Now, victims of crimes, including domestic violence, sexual assault, or stalking, that caused physical or mental injuries are entitled to take time off to seek medical attention—even if no one is arrested, prosecuted, or convicted for committing the crime.

Along with allowing victims time to receive medical treatment, employers are also banned from discriminating or retaliating when a worker seeks other relief, including “a temporary restraining order, restraining order, or other injunctive relief, to help ensure the health, safety, or welfare of the victim or their child,” according to the law.

Employees must give their employers “reasonable advance notice” of the necessary time off or provide official documentation such as a police report or a jury appearance request to explain their absence.


Gender discrimination. Princeton University agreed to pay $1.2 million to female professors as part of an early resolution conciliation agreement to end a U.S. Department of Labor (DOL) investigation into discriminatory salary discrepancies.

As detailed in the agreement, the university will pay 106 female professors $925,000 in back pay and adjust salaries to pay each professor at least $250,000 total every year for the next five years.

The DOL investigation, led by the Office of Federal Contract Compliance Programs, found that Princeton discriminated in its employment based on wage discrepancies between 2012 and 2014, with female professors receiving less payment than their male counterparts. The department alleged that this wage gap is a violation of the DOL’s Executive Order 11246 that prohibits employers from discriminating in employment decisions on the basis of race, color, religion, sex, sexual orientation, gender identity, or national origin.

Princeton has denied any wrongdoing and said that the DOL’s findings were based on inaccurate statistics. (OFCCP Case No. R00188003)


Money laundering. Switzerland’s Financial Market Supervisory Authority (FINMA) determined that Banca Credinvest violated anti-money laundering regulations. The violations were related to the bank’s relationships with Venezuelan clients.

FINMA began investigating Banca Credinvest in November 2018 after receiving information alleging the possibility of violations of money-laundering rules, specifically connected to a Venezuelan oil company, PDVSA.

The watchdog sanctioned the bank and levied several measures, including ordering the bank to monitor all private banking clients to identify and appropriately mitigate increased money-laundering risks, according to a FINMA press release. The bank will also withdraw from all relationships involving clients connected to Venezuela and cannot accept any new high-risk clients until late 2023, pending a review of the implementation of the measures.

Although FINMA has closed its investigation into the bank, Banca Credinvest said in a public statement that it never had a relationship with PDVSA or other Venezuelan state organizations.