The Stored Communications Act: How US Police Legally Compel Online Data
Subscriber data, transaction records, or message content: in the United States each tier needs a different legal instrument. A plain guide to the SCA's three-tier process (subpoena, 2703(d) order, search warrant), preservation letters, the Carpenter rule, the CLOUD Act, and non-disclosure orders.
For US investigators, the question is never just "can I get this data." It is "which legal instrument compels it." The Stored Communications Act (SCA), codified at 18 U.S.C. 2701 to 2712, sets a three-tier ladder: the more sensitive the data, the higher the legal standard. Getting the tier wrong gets evidence suppressed. This guide lays out the ladder and the rules that surround it.
- Tier 1, subpoena (18 U.S.C. 2703(c)(2)): basic subscriber information only (name, address, session and connection records, length of service, payment means).
- Tier 2, 2703(d) court order: non-content records and transactional data, on "specific and articulable facts" that the records are relevant and material to an ongoing investigation.
- Tier 3, search warrant (probable cause): the content of communications. In federal practice, a warrant is the operative rule for all content.
- Preserve first: a 2703(f) letter freezes records for 90 days while you obtain process.
The three tiers, in detail
Each tier maps to a category of data:
| Legal process | What it compels |
|---|---|
| Subpoena (grand jury or administrative) | Basic subscriber records under 2703(c)(2): identity, addresses, connection and session logs, length and types of service, and means of payment. No content. |
| 2703(d) court order | Non-content records beyond the basics: transactional and metadata records. The standard is "specific and articulable facts showing reasonable grounds to believe" the records are relevant and material to an ongoing criminal investigation. A lower bar than probable cause. |
| Search warrant | The contents of communications (message bodies, stored files, photos). Requires probable cause. The statute's old 180-day distinction has largely been overtaken by practice: federal investigators obtain a warrant for content regardless of age. |
Preservation letters (2703(f))
Before you have your legal process ready, send a preservation request under 18 U.S.C. 2703(f). The provider must retain the identified records for 90 days, extendable for one additional 90-day period on a renewed request. No court order is needed to preserve. Preservation only freezes what exists at the time of the request, so send it early, then serve the appropriate tier to actually obtain the data.
Location data and the Carpenter rule
Historical location data has its own rule. In Carpenter v. United States, 585 U.S. 296 (2018), the Supreme Court held that obtaining historical cell-site location information (CSLI) is a Fourth Amendment search requiring a warrant supported by probable cause. The third-party doctrine does not save a subpoena here. Treat historical location data as warrant-tier. For the mechanics of cell records, see our guide on CDR, IPDR and tower dumps.
Data stored abroad: the CLOUD Act
Where a US-based provider stores data overseas, the CLOUD Act (2018) settled that the provider must produce data within its possession, custody, or control in response to lawful US process, regardless of where the bytes physically sit. The Act also created executive agreements as a faster alternative to the traditional MLAT channel for qualifying foreign partners.
Keeping it quiet: non-disclosure orders (2705(b))
If notifying the customer would jeopardise the investigation, seek a non-disclosure order under 18 U.S.C. 2705(b). A court may bar the provider from telling anyone about the legal demand on a finding of risk to life or safety, flight, evidence destruction, witness intimidation, or serious jeopardy to the case. Recent practice requires these findings per order rather than blanket, and Department of Justice policy generally limits the delay to one year absent exceptional circumstances.
When you cannot wait
For an imminent threat to life, the SCA permits providers to disclose voluntarily, and most run an emergency channel. That is a separate track from compelled process. See our explainer on Emergency Disclosure Requests, and for serving the platforms themselves, the platform-by-platform LERS guide.
Frequently asked questions
Do I need a warrant for email content? In federal practice, yes. A subpoena or 2703(d) order reaches subscriber and non-content records; the contents of communications are obtained with a probable-cause warrant.
What does a 2703(d) order get that a subpoena does not? Non-content transactional records and metadata beyond the basic subscriber set, on a "specific and articulable facts" showing rather than probable cause.
How long does a preservation letter hold data? 90 days, with one 90-day extension on renewed request, under 2703(f). It does not capture future data.
Can I get historical location data with a subpoena? No. Under Carpenter, historical cell-site location information requires a warrant.