Here is the catch that costs out-of-state defense attorneys weeks of wasted process. Almost every platform you need evidence from, Meta, Google, Snap, and X among them, is a California company. That single fact reshapes your discovery before the federal Stored Communications Act even enters the picture. To subpoena a California tech company you have to clear a California procedural gate first, and the case law that decides what these companies must actually hand over is, overwhelmingly, California case law. Facebook is the cleanest example, so this guide uses it throughout, but the analysis is the same whether the account lives on Instagram, Snapchat, Gmail, or X.

This post is the companion to our guide on how to subpoena cloud provider data . That one explains the federal wall every defense attorney hits. This one explains the California-specific layer that sits on top of it, the layer that determines whether your subpoena is even properly served and which precedents your judge will be reading.

Where We Sit: Two Roles, One Goal

A word on perspective. Lucid Truth Technologies exists to search for the truth, and in a criminal matter that search takes two forms. The first is the impartial forensic expert: the analysis here, like our conclusions in any case, follows the data wherever it leads, for whichever side retains us. The second is the professional investigator who works alongside defense counsel to reconstruct what actually happened, rather than treating the law-enforcement version as the whole story.

Neither role is the practice of law. We are forensic examiners and investigators, not attorneys, and nothing here is legal advice; the motions, the strategy, and the courtroom judgment calls belong to licensed counsel. What follows is how the evidence landscape looks from our chair. We call its central wrinkle the California catch: the label is ours, the procedure is real.

The Federal Wall, in One Paragraph

Start with the rule you already know, because the California catch makes no sense without it. The Stored Communications Act, 18 U.S.C. section 2703, lets a “governmental entity” compel a provider to disclose records; it gives the defense no equivalent power, and 18 U.S.C. section 2702 separately bars a provider from voluntarily disclosing the contents of communications [1 ], [2 ].

Every appellate court to publish on the question so far has read the SCA to bar a criminal defense subpoena for content, from the D.C. Court of Appeals in Facebook, Inc. v. Wint, 199 A.3d 625 (D.C. 2019), to the California Supreme Court in Facebook, Inc. v. Superior Court (Hunter), 4 Cal. 5th 1245 (2018) [3 ], [4 ]. Rebecca Steele has argued in the Yale Law Journal that the asymmetry is unconstitutional when it buries exculpatory evidence [5 ], and scholars including Rebecca Wexler have pressed parallel critiques, though no court has adopted that reform. That debate is unresolved, and our analysis does not depend on its outcome. Our cloud provider guide walks through this wall, the provider-by-provider retention windows, and the scholarly critique in full. Read it for the federal foundation. The rest of this post assumes it.

The California Catch, Part One: You Cannot Just Mail Menlo Park

Suppose you accept the wall and narrow your subpoena to the records a provider can produce: basic subscriber information, content the user configured as public, the non-content records that let you identify the other parties to a conversation. You draft it, you sign it, you mail it to Meta. If you practice outside California, it lands nowhere.

A subpoena issued by a court in another state has no force against a California company until it is domesticated. California’s Interstate and International Depositions and Discovery Act, by its terms, calls for an out-of-state subpoena to be reissued through a California superior court, either by the clerk on application or by a California-licensed attorney who issues the California subpoena directly [6 ]. In practice that means associating California counsel, and it means building that step into your timeline rather than discovering it after the provider’s legal team ignores your out-of-state paper.

The platforms say so themselves. Google states plainly that it accepts civil and criminal-defense subpoenas only from a California court, or from out-of-state process properly domesticated through a California court, served on its registered agent [7 ]. In our experience, Meta, Snap, and the others operate the same way. When you set out to subpoena a California tech company, the registered-agent-in-California requirement is not a formality you can paper over; it is the difference between a served subpoena and a stack of paper with no legal effect.

One honest caveat belongs here, and your California associate should brief it. The Interstate Discovery Act lives in the Code of Civil Procedure, and whether it cleanly governs a criminal subpoena is not settled by any controlling decision. Expect friction on that point, and do not assume the civil-discovery path transfers to your criminal matter without argument.

The California Catch, Part Two: California Courts Wrote the Rulebook

The deeper reason California matters is that its appellate courts have done most of the work interpreting how the SCA applies to social media. Because Meta, Snap, and Google are headquartered there, the cases that test these limits are filed there, and out-of-state defenders end up litigating under California precedent whether they realize it or not. Three decisions form the spine.

Hunter (2018) is the anchor. The California Supreme Court held that a provider may produce communications a user configured as public, on an implied-consent theory, but may not produce restricted content to a defendant [4 ]. That is the line between what your narrowed subpoena can reach and what it cannot.

Facebook, Inc. v. Superior Court (Touchstone), 10 Cal. 5th 329 (2020), is the one to read closely, because it teases two doors and walks through only one. The court framed as a question presented “whether the trial court might compel the prosecution to issue a search warrant on behalf of the underlying defendant,” then resolved the case on narrower subpoena grounds and left that question open [8 ]. The same opinion indicated, more helpfully, that a trial court may order an account holder, including a victim-witness, to consent to disclosure. That consent lever is often your fastest real path, and it exists because a California court said so.

Snap, Inc. v. Superior Court (Pina), 103 Cal. App. 5th 1031 (2024), is the frontier. A California Court of Appeal held that the SCA does not bar a provider from producing content on a defense subpoena where the provider accesses that content for its own business purposes, and it ordered production for in-camera review [9 ]. If that theory survives, it reshapes this entire analysis. The catch: the California Supreme Court granted review in September 2024 (No. S286267). Under California Rule of Court 8.1115(e), a grant of review no longer depublishes a Court of Appeal opinion, but it does strip its binding force. The decision stays published and may be cited for its persuasive value only, not as precedent, until the high court rules. Watch the docket, and do not build a defense around a holding the Supreme Court may yet narrow or reverse.

Notice the pattern. The rule that lets you reach public content, the lever that can compel a witness to consent, and the theory that might one day crack the content wall are all California holdings. When you subpoena a California tech company, you are not just serving a California address; you are arguing inside a body of law California built.

What You Can Actually Get

Within those limits, two narrow categories are reachable, and they are worth pursuing because they often point you to better evidence.

First, basic subscriber information under section 2703(c)(2): the name, account creation date, email and phone on file, recent login IP addresses, and payment data. Section 2702(c) lets a provider disclose these non-content subscriber records to a private party, which can help you identify, and then directly subpoena, the actual parties to a conversation [2 ]. Second, under Hunter, communications the user configured as public.

That is the realistic yield of process served on the provider itself. Everything that matters more lives somewhere else, and the rest of this post is about reaching it.

A Civil Aside: Even Public Posts Resist Self-Help

Picture a different matter. Someone who finished serving a sentence is now the target of a harassment campaign on Instagram, all of it posted publicly, and wants those posts as evidence in a civil suit. The posts are public, so the instinct is to screenshot them and move on. In practice, building an admissible, complete record of them is nearly impossible without the same proper legal process this post describes.

Start with the platform’s own rules. Instagram’s Terms of Use prohibit collecting information by automated means and creating accounts or accessing data in unauthorized ways, which rules out scraping the posts or monitoring them through a throwaway profile [10 ]. Meta enforces that line with its inauthentic-behavior systems, which detect and disable the fake or sock-puppet accounts investigators are tempted to spin up for quiet collection [11 ]. Manual screenshots avoid the automation problem but create an evidentiary one: they carry no provider metadata, the harasser can delete or hide a post mid-collection, and, as our guide to authenticating social media evidence explains, they invite the same authentication challenge as any self-export.

The reliable path is the one this whole post points to. Because the user configured the posts as public, Hunter lets a provider produce them in response to proper process [4 ], but that process is a civil subpoena domesticated through a California court and served on Meta’s registered agent [6 ], paired with a preservation request so nothing disappears first. The lesson generalizes past this one scenario: public describes who may see a post, not who may lawfully collect it. Even the most visible content on a California platform comes back cleanly only through a California-routed legal order.

The Routes to the Evidence That Matters

Because the provider will not hand you private content, the real investigative work is reaching it another way. Four routes tend to do that work; one much-asked-about route mostly does not. Our cloud provider guide covers several of these in depth, so the treatment here is brief and focused on what is specific to the California platforms.

Get What the Government Already Pulled

This is the strongest lever. If the prosecution obtained provider returns through its own warrant or 2703(d) order, Brady v. Maryland, 373 U.S. 83 (1963), and Kyles v. Whitley, 514 U.S. 419 (1995), require disclosure of favorable, material evidence in the prosecution team’s possession [12 ], [13 ]. Those returns are certified, hash-verified, and complete in a way no self-export is. This is where a focused motion to compel the content the prosecution already holds tends to do the most work, and that motion is counsel’s to make. The limit is that Brady does nothing when the government never sought the evidence you need.

Can You Persuade the Court to Order a Warrant?

This is the question defense attorneys ask most, and the answer is more open than a flat no. Left to itself, the government has no constitutional duty to gather evidence for the defendant. Arizona v. Youngblood, 488 U.S. 51 (1988), holds that police have “no constitutional duty to perform any particular tests” [14 ]. The prosecutor’s lack of a duty, though, is not the end of the inquiry, because the court has its own obligation to ensure the defendant receives due process, and that obligation is the lever a well-built motion presses. Pennsylvania v. Ritchie, 480 U.S. 39 (1987), allows in-camera review of records the state already possesses, though it does not reach records the government never obtained [15 ].

And Touchstone framed, then expressly left open, “whether the trial court might compel the prosecution to issue a search warrant on behalf of the underlying defendant” [8 ]. That open door is real. A judge persuaded that no other avenue can produce material, exculpatory evidence may be willing to order the prosecution to use its warrant power.

If you win that order, the mechanics matter, and they lead straight back to the California catch. A warrant the prosecution obtains is served by law enforcement through the provider’s law-enforcement portal, which returns certified, complete records and never touches the domestication problem. A court order that does not travel through that law-enforcement channel, anything you carry to the provider yourself, is treated like any other out-of-state process and must still be domesticated through a California court before the provider will honor it [6 ]. So the aim of the motion is not merely to get a warrant; it is to get the prosecution to carry it, because that is the single path that clears both the SCA and California’s service rules at once.

My research did not uncover public examples of a court ordering the prosecution to obtain third-party records for the defense. Some attorneys think it is advantageous to treat the motion as a genuine attempt and as record-building at the same time. Counsel can make the due-process and compulsory-process showing that leading commentators contend the Constitution requires, and when the court declines, the issue is preserved for appeal. As of today, that door is open but unused.

Section 2702(b)(3) lets a provider disclose content with the account holder’s lawful consent [2 ]. When the account is your client’s, or a cooperating witness’s, consent unlocks what a subpoena cannot, and Touchstone indicates a court may even order a victim-witness to consent. The cost is forensic. Consent routes through the platform’s self-export, and Meta directs a consenting user to its “Download Your Information” tool rather than producing certified records [16 ].

A self-download is data collection, not a forensic acquisition, and the distinction matters on the stand. As our post on authenticating social media evidence explains, it lacks cryptographic hashes, omits the metadata and artifacts a tool-based image would capture, and hands opposing counsel a selective-export argument. An examiner still adds value by documenting how the export was obtained, hashing the resulting files, and testifying to that process, while being candid that it is a collection with known limits rather than a forensic image.

Subpoena the Parties, Not the Provider

The SCA restricts the provider, not the people who sent and received the messages. As Wint recognized, a defendant can subpoena the account holders themselves; the discovery simply has to be directed to the owner of the data rather than to the regulated provider [3 ]. The catch is that a custodian can claim the data is gone, and anything produced faces the same authentication hurdles as a self-download.

Where the Content Actually Lives: the Device

When the provider will not produce content and no party will consent, the recoverable material very often still lives on a device. Endpoint forensics on a client’s or a cooperating witness’s phone can recover Messenger and WhatsApp conversations, cached media, and app databases the provider will never hand over. Unencrypted cloud backups in iCloud or Google Drive are another route. This is usually where a defense examiner adds the most value, and it sidesteps the SCA, and the California domestication problem, entirely.

Per-Platform Reality, Using Meta as the Example

What even exists to be found differs by surface, which matters whichever route you take. This mirrors the per-provider breakdown in our cloud provider guide and the FaceTime analysis in what Apple hands over . Meta makes the cleanest illustration because its four surfaces span the whole encryption spectrum.

  • Facebook and Instagram. Stored content, including direct messages, posts, and photos, exists on Meta’s servers and is reachable by a government warrant. Instagram had offered an opt-in encrypted DM mode; Meta removed that option effective May 8, 2026, so Instagram DM content is again producible on a warrant [17 ], [18 ].
  • Messenger. Default end-to-end encryption began rolling out in December 2023, so for new one-to-one chats even the government gets message and call logs and IP data, not plaintext content [19 ]. Whether content exists turns on whether the chat predates the account’s migration.
  • WhatsApp. End-to-end encrypted since 2016, so in the ordinary case no party, including Meta, holds the plaintext message content, though an unencrypted cloud backup or a linked device can change that. What remains is subscriber and device records, contacts, group membership, and who-contacted-whom logs under a pen register order [20 ]. The content lives on the device or in an unencrypted cloud backup.

Preservation and Timing

The government’s preservation tool, the 18 U.S.C. section 2703(f) request, is a governmental tool, and providers are under no obligation to honor a defense preservation letter [1 ]. The most masterful attorneys send one anyway: a documented request supports a later spoliation argument and shows diligence even if ignored. More importantly, image any device you lawfully control immediately, because that is the copy of the evidence you can actually preserve while the domestication and motion practice plays out.

What This Means in Practice

From the investigator’s chair, working alongside the defense teams that retain us, a few patterns save the most time when evidence is held by a California platform.

  • California domestication belongs in the timeline from the start, which usually means associating California counsel before anything is drafted.
  • A content subpoena to the provider for private material is routinely quashed, so it rarely rewards the wait.
  • The court, not just the prosecution, is the audience for a due-process motion to order a warrant; no court has done it yet, but the question is open, and a prosecution-carried warrant is the one path that also clears domestication.
  • Brady reaches the returns the government already obtained, which is often the most productive single request.
  • Account-holder consent unlocks what a subpoena cannot, and an examiner can document and hash the resulting export.
  • The parties to a conversation can be reached directly, because the SCA restrains the provider, not them.
  • The device is where the content usually lives, and it sidesteps both the SCA and domestication.
  • Preserving the constitutional record when a court refuses matters, because the law here, much of it made in California, may yet change.

The reason a subpoena to Meta runs through California, and the reason the precedents the judge cites were written there, is the same fact: this is where the companies live. The teams that treat California as the gate, not an afterthought, spend their time on the routes that work and skip the ones that never could. That is the truth-seeking job, and it is the one we are built for.

If you have an account held by a California platform at the center of a case and need help framing the obtainable discovery, supervising a forensically sound export, or recovering content from the device where it actually lives, contact Lucid Truth Technologies for a consultation.

References

[1] 18 U.S.C. section 2703 (Required disclosure of customer communications or records). [Online]. Available: https://www.law.cornell.edu/uscode/text/18/2703

[2] 18 U.S.C. section 2702 (Voluntary disclosure of customer communications or records). [Online]. Available: https://www.law.cornell.edu/uscode/text/18/2702

[3] Facebook, Inc. v. Wint, 199 A.3d 625 (D.C. 2019). [Online]. Available: https://case-law.vlex.com/vid/facebook-inc-v-wint-895459086

[4] Facebook, Inc. v. Superior Court (Hunter), 4 Cal. 5th 1245 (2018). [Online]. Available: https://scocal.stanford.edu/opinion/facebook-inc-v-super-ct-34595

[5] R. Steele, “Equalizing Access to Evidence: Criminal Defendants and the Stored Communications Act,” Yale Law Journal, vol. 131, 2022. [Online]. Available: https://yalelawjournal.org/note/equalizing-access-to-evidence-criminal-defendants-and-the-stored-communications-act

[6] California Code of Civil Procedure section 2029.300 (Interstate and International Depositions and Discovery Act). [Online]. Available: https://leginfo.legislature.ca.gov/faces/codes_displaySection.xhtml?sectionNum=2029.300.&lawCode=CCP

[7] Google, Information for Civil Subpoenas and Other Legal Process. [Online]. Available: https://support.google.com/faqs/answer/6151275

[8] Facebook, Inc. v. Superior Court (Touchstone), 10 Cal. 5th 329 (2020). [Online]. Available: https://supreme.courts.ca.gov/sites/default/files/supremecourt/default/2022-08/S245203A.pdf

[9] Snap, Inc. v. Superior Court (Pina), 103 Cal. App. 5th 1031 (2024), review granted, Cal. Supreme Court No. S286267 (Sept. 2024). [Online]. Available: https://www.gmsr.com/snap-inc-v-superior-court-s286267/

[10] Instagram, Terms of Use. [Online]. Available: https://help.instagram.com/581066165581870

[11] Meta, Community Standards: Inauthentic Behavior. [Online]. Available: https://transparency.meta.com/policies/community-standards/inauthentic-behavior/ [12] Brady v. Maryland, 373 U.S. 83 (1963). [Online]. Available: https://www.law.cornell.edu/supremecourt/text/373/83

[13] Kyles v. Whitley, 514 U.S. 419 (1995). [Online]. Available: https://www.law.cornell.edu/supremecourt/text/514/419

[14] Arizona v. Youngblood, 488 U.S. 51 (1988). [Online]. Available: https://www.law.cornell.edu/supremecourt/text/488/51

[15] Pennsylvania v. Ritchie, 480 U.S. 39 (1987). [Online]. Available: https://www.law.cornell.edu/supremecourt/text/480/39

[16] Meta, Information for Law Enforcement: Law Enforcement Guidelines. [Online]. Available: https://www.meta.com/safety/communities/law/guidelines/

[17] T. Hartley, “PSA: Instagram Encrypted Messaging Ends May 8,” MacRumors, May 5, 2026. [Online]. Available: https://www.macrumors.com/2026/05/05/psa-instagram-encrypted-messaging-ends-may-8/

[18] Bitdefender, “Meta to Halt Instagram End-to-End Encryption for DMs,” HotForSecurity, 2026. [Online]. Available: https://www.bitdefender.com/en-us/blog/hotforsecurity/meta-halt-instagram-end-to-end-encryption-dms

[19] Meta, “Launching Default End-to-End Encryption on Messenger,” Meta Newsroom, December 6, 2023. [Online]. Available: https://about.fb.com/news/2023/12/default-end-to-end-encryption-on-messenger/

[20] WhatsApp, About Government Requests for User Data. [Online]. Available: https://faq.whatsapp.com/808280033839222