What law enforcement can learn from your smartphone

Cell phone secrets

You may not realize it, but your smartphone contains a wealth of information. Everything from texts and e-mails to where you go, plus health and sleep information.

That includes data you've deleted.

"Even though you've deleted the content, it's actually still there, and the file system still can see it," said James Aquilina, a former federal prosecutor.

That data has become a source of debate as law enforcement fights devicemakers like Apple for access for the purpose of criminal investigations.

No matter where you stand on privacy issues, law enforcement has many tools to recover deleted information.

"We can … create essentially a timeline of how the phone was used and where the person was at any given time," said Aquilina, who now leads cybersecurity consulting firm Stroz Friedberg's digital forensics practice.

Stroz Friedberg works with law enforcement and private clients to recover data from smartphones, both legacy and newer devices. They invited CNBC into their forensics lab to see how it works.

As soon as a device is brought in for recovery, it's placed inside what's called a Faraday box.

Once law enforcement recovers a smartphone, it's stored in a Faraday box to avoid it being remotely wiped.
CNBC Video

"It blocks the signals to the device, so that, for example, it can't be remotely wiped," Aquilina explained.

This is especially important, he said, if the device is owned by a suspect in a criminal case, who may try to delete critical information.

The box is made of grounded metal, which blocks Wi-Fi and cell signals. Once the smartphone is safely secured inside, technicians put it in airplane mode using gloves and a window on top.

Next, if the device has a password lock, the team needs to crack the code — or break into the device.

For some older models, tools can circumvent passwords.

In fact, the new security metrics have law enforcement agencies scrambling to adapt and find new ways to crack the codes.

When investigators cannot get past a lock code, or when a phone is too damaged to turn on, they can use a method called chip-off, which solders the memory chip from the board to recover data.

This phone was completely submerged in water, but Stroz Friedberg was able to recover data using a method known as chip-off.
CNBC Video

Stroz Friedberg was able to recover data from a device that had been completely submerged under water using chip-off.

"We were able to recover not just the chip, but also information off the chip that includes all kinds of information about the user," Aquilina explained.

Read MoreThe existential dilemma of a broken smartphone

Once a phone is unlocked, investigators plug it into a device that downloads and then analyzes the data.

Law enforcement commonly uses a device made by mobile technology company Cellebrite for this purpose.

Currently, there are more than 30,000 Cellebrite devices deployed to law enforcement, according to the company.

The Cellebrite machine is used to download data hidden inside smartphones.
CNBC Video

But even when law enforcement cannot physically access a phone, there is still a chance to recover its data.

"These devices are synced to so many places, whether it's the cloud, or to a computer … usually we can get to it somewhere else where we can find it replicated," Aquilina said.