It's mostly just shocking to me there isn't more separation of duties amongst a few people. The fact that one guy could pull this off suggests some major failure to consider single points of failure. He did allegedly have someone with him, but they didn't even sit in the same place on the plane!
The mark of a good security expert is that they will tell you the threat they themselves, potentially, are. (This is true for IT as well.)
I think McDonald's could have cared less. They made & continue to make $$$ hand over fist with these promotions. The marketing for sure worked, whether anyone won or not. I used to play these games & I never remember hearing about any real winners. Didn't keep me from the dream of pulling one of those instant winners. People get excited for games of chance and it drives large amounts of traffic into stores.
McDonald's counts those millions good as gone when they start the promotion, but it's worth it since they assuredly get a huge return on the investment. They assumed Simon marketing was doing their job, and we shouldn't be surprised they didn't care to look analyze the integrity of the game. They were selling truckloads of Big Macs & Mcnuggets and that all that really matters to them.
Any-who... great writing, and interesting look into to a "game" I'm sure most of us have a connection to. Pretty amazing it was hijacked by a few people for so long. Really enjoyed this read!
There is some irony in the criminals paying restitution to the company who was making so much money from the game to be incentivized to turn a blind eye.
Running the last game that was known ahead of time to be rigged seems indefensible. The article doesn’t challenge the position that catching the crooks is a good reason to defraud more people.
Finally, a us multinational who recognized the danger of Canada. So actually, the article didn't explain why we wanted to cut them out. It just was. I thought they suggested it was the marketing company, not mackers, but it wasn't specified.
As far as I know, most US-based companies don't like doing chance-based giveaways with the potential to have a winner in Canada. Even though it's not that hard, it's still extra work.
In this case though, the allegation is that the chance-based giveaway was still operated and promoted in Canada, but the prize-distribution was skewed so that no prizes went there.
Which, from a regulatory point of view, seems strictly worse than running an honest game.
Generally, Canadian law doesn't allow games of pure chance to be run for profit, outside of a handful of exceptions like the government-run lotteries.
So to run this type of promotion in Canada, you need to set up a façade of presenting it as a game of skill or mixed skill/chance instead, which usually involves something like having a prospective winner answer a math question. Look up "skill-testing question Canada" for more info.
And Québec in particular has piles of extra rules on top of that, which often leads to "offer not valid in Québec" as part of the promotion.
Great summary! I remember being young and seeing lottery tickets with simple math problems like “25 * 4 - 20 = ?” to get around the “no games of chance” laws.
My brother won a Sony Watchman (mini-TV) and we all double checked his math before redeeming.
That doesn't make sense as a motivation, though, because they followed those regulations anyways. They ran it in Canada every single year. Heck, last year they customized it by renaming all of the pieces after Canadian landmarks [1].
He could also just go the the bathroom with the tickets out of sight of his partner.
There should have been 3 people, and the tickets should always have been in sight of 2 of them. That way one person can go the the bathroom while the other 2 keep watch over the tickets.
The mark of a good security expert is that they will tell you the threat they themselves, potentially, are. (This is true for IT as well.)