The Texas Rangers have served Apple with search warrants for data linked to the iPhone of Devin Kelley, who killed 26 people at a church in Sutherland Springs near San Antonio.
On Nov. 9 the Rangers secured warrants for files stored locally on Kelley's iPhone SE, as well as his iCloud account, according to mySA. Another warrant covers an LG feature phone — a 328BG — found near his body.
The warrants seek access to calls, contacts, messages, passwords, social media, photos, videos, and other data reaching back to Jan. 1 of last year.
Two days after the shooting the FBI's San Antonio office head, Christopher Combs, complained that encryption was preventing investigators from accessing Kelley's data. The iPhone was at some point flown out to an FBI lab in Quantico, Va., but without success.
Law enforcement may have missed a critical window during which they could have tried to use Kelley's fingers to unlock his iPhone without a passcode, though it's not certain that would have worked. Regardless, investigators reportedly failed to contact Apple during that window, leading to Apple itself getting in touch after seeing Combs' press conference.
Apple has a policy of handing over iCloud data when served with a proper legal order, but the company is unlikely to cooperate in cracking the iPhone's encryption. The company famously refused to do so for the FBI in the case of San Bernardino shooter Syed Rizwan Farook, arguing it would have to rewrite iOS to create a backdoor and fundamentally weaken security.
The FBI eventually recruited the help of a third party to break into the phone, dropping its demands with Apple, but no useful data was found.