Did law enforcement make a big error in its handling of the iPhone after the San Bernardino shooting?
That’s what Apple is claiming. According to senior Apple executives, there was a lost opportunity to get into the shooter’s iCloud account, which had been backed up six weeks prior to the shooting.
They said the iCloud password was changed hours after the shooting, preventing a potential iCloud backup that may have revealed further information about the suspect.
The phone was actually issued to the shooter, Syed Farook, by his employer and belonged to San Bernardino county.
According to senior Apple executives, in an attempt to access the device soon after the attack, someone at the county changed the iCloud ID password, preventing a potential iCloud backup.
Related: U.S. tries to force Apple to unlock San Bernardino shooter’s iPhone
Apple engineers would have tried to find a known Wi-Fi network that the suspect had utilized. That’s because the phone would’ve backed up to iCloud when it was on a trusted network and plugged in — assuming the password hadn’t been changed.
The Department of Justice acknowledged that the password had been changed.
But the Justice Department, in a footnote to its filing on Friday, said that any backup would have been “insufficient” because it didn’t have the same amount of information as what was on the phone itself.
Furthermore, investigators believe the shooter had turned off auto-backup, saying the phone had been auto-updating weekly until the last backup six weeks before the shooting.