Repression of the attack on Clarín's headquarters

Contents

Description
Techniques used

Contents

Description
Techniques used

In 2021 and 2022, several people were arrested and accused of throwing Molotov cocktails at the headquarters of Clarín, Argentina's largest newspaper, in 2021.^[1]

In a 2022 trial, three of the defendants were sentenced to a three-year suspended prison sentence.^[2]

Techniques used

Name		Description
Forensics
	Facial recognition	Investigators used facial recognition software to identify one of the defendants, using a photo of their face extracted from CCTV footage near the attack site.^[3]
	Fingerprints	The fingerprints of one defendant were found on a Molotov cocktail that was used in the attack but did not break.^[3]
	Gait recognition	One of the defendants was identified because their gait was considered compatible with that of a suspect visible in CCTV footage near the attack site.^[3]
House raid		During raids, investigators found eight national identity cards and a debit card in the names of third parties.^[3] In court, the cards were presented as evidence of the defendants' “strategy of concealment” and were used to justify keeping them in preventive detention.
Mass surveillance
	Video surveillance	CCTV footage from multiple cameras showed one defendant leaving the attack site, being driven away on a motorcycle for a few blocks, and boarding a bus — the defendant was identified because he used his partner's electronic bus card to board the bus.^[4]
Network mapping		After identifying the first defendant, investigators identified the other defendants by establishing links between them. Investigators found that the defendants:^[3] Called each other on the phone. Were part of the same groups on the messaging application WhatsApp. Interacted with each other on the social network Facebook.
Open-source intelligence		Investigators analyzed social media profiles to establish links between the defendants.^[3] The profile of one defendant on the social network Facebook was named “Coctel Molotov” (Molotov cocktail), which was considered suspicious.
Service provider collaboration
	Mobile network operators	Investigators used the collaboration of mobile network operators to:^[3] Analyze the activity of some of the defendants' phones at the time of the attack. Several phones were seemingly turned off shortly before the attack and turned back on shortly after, which was considered suspicious. For example, one phone was seemingly turned off ten minutes before the attack and turned back on approximately two hours after. Geolocate the phones of some of the defendants retroactively. This showed that: One defendant spent time near the attack site the day before the attack. One defendant was present at the attack site a few minutes before the attack. Intercept phone calls. In intercepted calls, some of the defendants expressed solidarity with those targeted by the investigation and concern about being targeted themselves.
	Other	One defendant was identified because he was seen on CCTV footage boarding a bus and he used his partner's electronic bus card to board the bus — investigators presumably obtained his partner's name using the collaboration of the entity that manages the bus card system.^[3]

1.

https://publicacionrefractario.wordpress.com/2022/03/23/argentina-detenidxs-companerxs-acusadxs-de-participar-en-el-atentado-incendiario-contra-el-periodico-el-clarin

2.

https://lanacion.com.ar/politica/condenan-a-tres-anos-de-prision-en-suspenso-a-tres-de-los-atacantes-del-diario-clarin-con-molotovs-nid07092022

3.

https://notrace.how/documentation/clarin-case-file.pdf

4.

https://web.archive.org/web/20211210123411/https://www.revolucionpopular.com/otras-noticias/la-policia-detuvo-a-otro-hombre-por-el-ataque-a-clarin_a61b34174d2f0a04884749d24