Assuming @npub1tkey...wral designed as advertised, of the 2-of-3 keys needed, Bitkey servers controls 1 key, the mobile app controls 1 key, and the hardware device itself controls 1 key. There is also an encrypted backup of the mobile app key stored in your cloud account - which requires the hardware device to decrypt it. In short, in addition to the key from Bitkey severs, the FBI would also need either your hardware device, or the key from your mobile app (which I suppose could potentially be lifted through some sort of spyware and/or malicious version of the app). *The key controlled by the hardware device isn't backed up anywhere (it's designed to not even be possiible). If the device is lost (or just stops working for whatever reason), the user's only recourse is to hope to still be able to get a new device and hope to still be able to coordinate with Bitkey to transfer funds (via the mobile app key and the Bitkey servers key) to an entirely new 2-of-3 keyset.

Apply says they don’t have the key

PS... Apparently, your recovery contact(s) would also have what's necessary to decrypt your app key stored in the cloud... so, potentially, if FBI compromises Bitkey server, your cloud provider, and also somehow a recovery contact, I suppose your wallet could be at risk without you necessarily ever even knowing it.