If the LE visit fear is taking over the customs risk, there's to explore the possibility to use a mail forward or dropshipping company, whose one of the warehouses is located within the national or regional borders (Europe).
There are such online services which permit an anonymous registration (no verification of the client + payment with Bitcoin).
Basically, if in Spain, you'd ask to send the parcel to say, a warehouse in Poland (if the seller accepts, without backing off at the idea), wait for the confirmation of arrival that it entered Europe without interception, excluding the scam possibility along the way. Then redirect it to a collecting point only after.
Advantages : your real name and address are not given to the seller if he later runs into problems.
If there is an alert notice of customs/LE arriving early, you just disappear, not claiming the final forwarding, which is not a problem under a fake name, payment, coupled to internet privacy.
Drawback : if you proceed, there could be a linking record that sticks at a company. So a local pickup point instead of home address could be used (possible because the seller ships against signature, while the inter-Europe forwarding options would offer national postal services as unregistered mail), then all problems are solved forever, unless troops are deployed at the time of the collection (James Bond would tire them by picking up the parcel with days of delays, or something more inventive ;o)).
Enjorlas, your knowldgements are amazing, and I'm absolutely postive that you're right. But it's impossible for me to get all that done. So, my question would be this:
It is possible. Honestly, I took time to research to isolate the most simple straight forward solutions. It is not hard but is to be spanned over some time if it feels overwhelming (understandably). That said, some of the steps can be done calmly from the comfort of the home (like setting up ProtonMail, properly configured).
In opposition, the common guides will invite you to submit many documents online at a regulated exchange (sometimes even having to provide a selfie of your face, up to masking your card numbers with scissors, paper and tape, or following a video call interview procedure of 2 minutes with actions ...contrary to popular belief, the crypto space is often more strictly controlled than the banking industry).Trust me, these are shit and energy consuming steps, not straight forward, and destabilising. You'll easily understand that providing this much data in order to satisfy KYC/AML, is violating your privacy.
...INSTEAD you can visit in-person by car/foot, a local store of your town with cash coupons, or a crypto ATM.
NB: if you choose to purchase Monero not Bitcoin from home, then it turns out okay to buy it at the Kraken or Binance (indirect trading) exchanges.
Developping further : mixing Bitcoins or using separate online changers, are an example of cumbersome blended with risk inefficiency, plus subject to more manipulation errors from using more services and having to install more software, rely on more websites. Well, maybe my procedure installs as many softwares ? like a VPN instead of 1 wallet too much, but it is for optimisation. It becomes a stance. It uses less intermediary sites and is more proprietary (covering the grounds of sought-after properties like "asset bearing" or seeking a "trustLESS setup")
If I simply use protonmail (registered behind Tor) and pay through Bitcoin (regular payment), would my chances of success be significantly diminished?
Significantly yes, over someone who doesn't pay any attention. But it is not fail-proof over time (Monero's privacy improves over time magically due to the tech). If for immediate CTB consumption, then don't bother. Otherwise, think twice.
As others have said, ProtonMail should not be entirely trusted. LE has the ability to break into Tor and have been in the past. Just they have to deploy considerable means.
Usually what can go wrong is not about the core defences applied but sometimes lies into the details. You may think you're covered while you're not.
For instance, someone who would use coins that totally break the payment links (like Zcash, superior to Monero) could still be caught by doing other small mistakes.
Let me explain, the online exchanges record the history of outward user transactions. Let's suppose that A doesn't apply crypto "best practices" by recycling Bitcoin addresses after every single use (some trick many persons override), normally dumping them one after the other.
If LE learns that A uses a specific Bitcoin address, or several ones (so very simply by contacting him and pretending to purchase, like you), they can contact all major crypto exchanges, forcing them to comply to handle customers' identity all at once, grouped, about who sent about this X amount worth $750 to this Y address(es). Then you're doomed and the next benefit of obfuscating the money movement with an anonymous coin becomes irrelevant.
If you setup a bridge wallet in between, you could still forget to hide your IP (using a leaking traffic "light wallet" without VPN) or have the VPN run into a temporary technical failure (or have the VPN server picked at a high-risk jurisdiction attacked). Etc...
Either you take everything into account for peace of mind, or you don't. So I'm not really ready to comfort that using Tor for Proton, getting Bitcoin at Coinbase and sending it to A is enough of a good idea. It's a better idea than to use Gmail plus Western Union, that's for sure, but that's it.
Conclusion, the more steps I defined you'll take, the more hermetic seal you'll apply (even if you don't apply them all, grrr). However, advising to hand select a few is only a jeopardy game, especially if there's no understanding at which corners the many possible failures hide. Most tutorials for beginners don't care about the consequences, choosing not to explain the logic of the steps, letting some important details apart.
bitcoinatmmap.com
gobitcoin.io
ctemplar.com
www.bitnovo.com
