The Reality Winner case is good example where a basic investigative method still works regardless of how much publicity that the same method has received for years prior. In the Winner case, printed documents were tied to Winner based on “microdots”. This article below does a decent job of explaining what micro dots are if you haven’t heard of this before, or if you associate microdots with LSD...

https://www.grahamcluley.com/reality-winner-pleads-guilty-after-being-unmasked-by-microdots/ 

Basic (and non-secret) investigative methods suceed more often than not, and actually happens all the time. It doesn’t really matter that criminals know police investigative methods, because the methods still work. A personal example that I had when I was doing drug investigations, was ‘knock-and-talks’, where my partner and I would knock on the door of a suspected drug dealer and ask consent to search for drugs.  On one knock-and-talk, we were given permission to search a home that had hundreds of marijuana plants. Not that unusual. But what was unusual was finding a book written by a prominent Seattle defense attorney, opened to a page on “Police Knock and Talks”, with a highlighted sentenced that stated something to the effect of ‘Say no to the police when asked for consent to search’.  Even the attorney’s business card was used as a bookmark that had the same advice printed on the back of the card. Yet he willingly let us in.

This concept applies to all aspects of investigations, including technology related investigations like the Reality Winner case.

Part of the reason why the tried and true, traditional methods continue to work is that no matter how secure a criminal will try to be in all that he or she does, there are times where complacency creeps in. Add a bit of arrogance (“They’ll never catch me!”), and BAM. It’s over.

I’ve had cases where a dozen hard drives were wiped clean, but another dozen had plenty of evidence (illicit images). In these instances, the suspects were fanatical about wiping evidence until they weren’t. This applies to everything that anyone does with their electronic devices and online behavior. Complacency allows traditional methods to work and the complacency monster always wins because eventually everyone slacks off in something they do eventually.

Search warrants are not difficult to get

In a recent court decision, law enforcement is now required to obtain a search warrant for cell phone records. If you didn’t know how it worked before this decision came out…

http://www.governing.com/topics/public-justice-safety/tns-supreme-court-privacy.html

Depending on how you think this affects you personally, your perspective may be different. But in all practical reality, nothing really changed. Your cell phone records are not protected from reasonable search and seizure. The records are still there, and if probable causes exists, law enforcement can get it with a warrant. I do not believe any criminals are jumping for joy over this court decision, because they are still ripe to have their records pulled with search warrants.

As far as how difficult is it to get a search warrant…it’s not difficult at all if you have probable cause. I have found that the longest time to apply for a warrant is the time it takes to type up the affidavit. The faster you can type, the faster you can get a warrant. The rest of the process only takes minutes (not counting any traffic while driving to the judge’s home…). But you don’t even have to type up a warrant if you don’t have time. Simply call a judge, get sworn in over the phone, and ask the judge for a telephonic warrant with a verbal affidavit. I’ve done both ways and typically had a signed warrant in under an hour…nearly every single time. I've had warrants in less than 30 minutes on a few occasions. If a warrant is needed faster than 30 minutes, then you might be dipping into exigent circumstances, which is a different topic.

Your cell phone records probably weren’t going to be pulled anyway, and won’t be unless there is probable cause to do. As for criminals knowing that cops need a warrant now, that won’t make a bit of difference as to how they use cell phones to commit or facilitate crimes and it won’t make a difference in that law enforcement will still get 100% access to everything. 

The point

No matter how sophisticated your suspect in (or custodian in a civil case), never forego looking for the low hanging fruit first. Don't assume that files were wiped, browsing was only done with Tor, or that the suspect didn't use his home Internet to hack into a victim's system. Because they do and always will. Old hat stuff works.