Service provider collaboration: Other

If you need to purchase an item in a store, you can purchase it anonymously to make it harder for an adversary to use the collaboration of the store to link your identity to the item.

You can follow digital best practices to make it harder for service providers to provide useful information to an adversary. For example, you can:

• Use Tor^[1] to make it harder for your Internet Service Provider to provide useful information about your Internet activity to an adversary.
• Use trusted online services^[2] that will refuse to comply with an adversary's requests to access your data, or build their service to make it technically impossible to comply with such requests.

You can encrypt “in-motion” data to make it harder for service providers to provide useful information to an adversary.

Investigators used the collaboration of the hospital to:

• Learn that a person (Louna) was hospitalized for burns.^[3]
• Obtain Louna's medical file.
• Seize Louna's clothing while she was hospitalized.^[4]
• Obtain the phone number of someone close to Louna that Louna had given to the hospital.
• Obtain CCTV footage from the hospital.
• Obtain information from the hospital's parking payment system.
• Learn the time and place of an appointment Louna had at the hospital a few days after the arson.

Investigators also used the collaboration of several State institutions:

• The Agence nationale des titres sécurisés (ANTS, National agency for secured documents) provided scans of identity documents and applications for renewal of identity documents.
• Health insurance organizations provided the personal information of people under investigation and their partners.
• The tax authorities provided the purchase and sale files of houses of Louna's parents and grandparents.

Investigators used the collaboration of several companies:

• Banks provided:
  • Bank information of several people, including many members of Louna's family.
  • IP addresses used to make online bank transfers.
  • Locations where people had withdrawn cash.
• An insurance company provided a person's address and list of roommates.
• The highway operator Vinci provided CCTV footage of highway toll booths.
• The French national railway company (SNCF) provided information about people who had booked seats next to people under investigation, including their photos and bank information.
• The carpooling service BlaBlaCar provided information about people who had used the service, including their photos, bank information, and the trips they had taken.
• The car manufacturer Stellantis provided the IMSI^[5] and IMEI^[6] numbers of a car's embedded location system. However, investigators were unable to locate the car because, for some unknown reason, it did not transmit its location.

Investigators asked a social housing landlord and a real estate agency to provide them with access cards to apartment buildings.

A fireworks store provided investigators with records showing that Peppy had purchased fireworks from the store three days before the protest.^[7]

Investigators gave the serial number of a camera to the camera manufacturer, and the manufacturer gave them the name of the store where the camera was sold.^[8] This helped investigators identify a person they accused of taking photos with the camera.

Investigators used the collaboration of an email provider to gain real-time access to an email address used by Boris: they were able to see emails sent and received in real time.

Investigators used the collaboration of banks to:^[9]

• Analyze the bank records of a suspected editor of the newspaper, including bank records as old as 8 years, to determine if the person had purchased printing equipment.
• Obtain, in real time, the locations of cash withdrawals made by a person they wanted to locate. When a cash withdrawal took place, investigators would send a patrol to the withdrawal location to try to locate the person. However, this did not work, seemingly because the patrol always arrived too late.
• Reduce the maximum cash withdrawal limit of a person they wanted to locate in order to force her to make more withdrawals and increase the opportunities of locating her.

Investigators asked several companies to provide information about a person:

• Mail order companies were asked to provide the shipping addresses used by the person.
• PayPal, Ebay, and similar companies were asked if the person had an account with them and, if so, which addresses were associated with the account.
• The German national railway company (Deutsche Bahn) and the bus operator FlixBus were asked to provide information about the person's travels.
• The person's former vocational school was asked to provide the list of participants in the school's courses, presumably to identify possible contacts of the person.

Investigators used the collaboration of banks to obtain the bank records of organizations fighting against Cigéo.^[3] The bank records of one organization included a 500€ transfer entitled “participation manif 18 fev” (“contribution to the February 18 demonstration”), in reference to a demonstration in which people attacked a building associated with Cigéo.

The owner of a supermarket in a town about 20 km from Bure told investigators that he had seen customers buying an unusually large amount of denatured alcohol (15 liters), and gave the receipt to the investigators.