GDPR-Compliant CCTV Footage: A Practical Redaction Guide

CCTV systems record everything — employees, customers, delivery drivers, passersby. Under GDPR, every identifiable face and license plate in that footage is personal data. When someone files a Data Subject Access Request, or when you share footage with police or insurers, raw footage alone cannot meet your obligations.

This guide covers the practical side of redacting CCTV footage for GDPR compliance: what triggers the requirement, how to handle DSARs under deadline, and how to build redaction into multi-camera operations. This is operational guidance, not legal advice. Consult a qualified legal professional for your specific situation.

Why CCTV footage falls under GDPR

GDPR Article 4 defines personal data as any information that can identify a natural person. Security cameras capture faces, license plates, name badges, and sometimes documents — all personal data under the regulation.

Recital 51 explicitly addresses photographs processed through technical means that allow identification. Modern CCTV systems with digital recording, facial recognition, and ANPR (automatic number plate recognition) fall squarely within scope.

The practical consequence: CCTV footage is a store of personal data with retention limits, access controls, and subject rights attached — not a simple security asset.

When redaction becomes mandatory

Three scenarios force CCTV operators to redact footage before release.

Data Subject Access Requests

Under GDPR Article 15, any individual recorded by your cameras can request a copy of their footage. You have 30 calendar days to respond. The catch: you must redact every other identifiable person before handing it over. Releasing unredacted footage containing third parties is itself a GDPR violation.

For a single camera, this might mean blurring a handful of bystanders. For a retail store or warehouse with dozens of cameras, a DSAR can mean redacting hundreds of faces across hours of footage — all within that 30-day window.

Sharing footage with law enforcement

When police request CCTV footage, you need a lawful basis for the disclosure. Depending on the request and your jurisdiction, you may need to redact individuals irrelevant to the investigation. Even where law enforcement provides a legal basis, sharing footage of uninvolved third parties creates unnecessary risk.

Sharing with insurers and third parties

Insurance claims, workplace incident investigations, and legal proceedings often require CCTV evidence. Redact any identifiable information not directly relevant to the matter. An insurer investigating a slip-and-fall does not need to see every employee's face in the background.

How to redact CCTV footage at scale

Small operations with a single camera and infrequent requests can sometimes manage with manual video editing. Multi-camera environments cannot.

Assess your camera estate

Map your camera locations, recording volumes, and retention periods. A 20-camera retail site recording 24/7 at 15 fps generates massive volumes of footage. Understanding your estate tells you whether manual redaction is feasible or whether you need automation.

Use automated detection for consistent results

Manual redaction is slow and error-prone. A reviewer scrubbing through hours of footage will miss faces — especially in crowded scenes or low-light conditions. Automated PII detection applies the same model to every frame, catching faces, license plates, and other identifiable information that human reviewers overlook.

PiiBlur detects 13 categories of PII in video, including faces, license plates, name badges, and ID cards. It applies blur or pixelation consistently across every frame, eliminating the inconsistency of manual redaction.

Integrate redaction into your Video Management System

Most modern VMS platforms — Milestone, Genetec, Avigilon — support export workflows and API integrations. Build an automated pipeline instead of redacting footage manually after each request:

1. Export the relevant footage segment from your VMS
2. Send it to the PiiBlur API for automated redaction
3. Store the redacted version alongside the original for audit
4. Deliver the redacted copy to the requester

This pipeline turns a multi-hour manual task into an automated workflow that runs in minutes. For surveillance operations handling frequent requests, API integration eliminates the redaction bottleneck.

Handle multi-camera redaction efficiently

DSARs often span multiple cameras. A customer walking through a shopping centre might appear on entrance cameras, aisle cameras, and car park cameras. You must locate all relevant footage, redact each clip, and deliver the complete set within 30 days.

Batch processing through the API lets you submit multiple video clips simultaneously. Process all camera angles in parallel rather than one at a time.

Building a DSAR response process for CCTV

A reliable DSAR process prevents last-minute scrambles. Define these elements before you receive your first request:

Footage identification. How will you locate footage of the requesting individual? Timestamp and camera location are the minimum. Some organizations require the requester to provide a recent photograph for identification.

Verification. Confirm the requester's identity before releasing footage. An unverified DSAR response that discloses footage to the wrong person is a data breach.

Redaction workflow. Define who exports footage, who triggers redaction, and who reviews the output. Automated redaction reduces review time but does not eliminate oversight.

Delivery and documentation. Record what footage was provided, what was redacted, and when the response was delivered. This audit trail protects you if the request is later disputed.

The 30-day DSAR deadline is strict. Extensions apply only in limited circumstances. Automated redaction is the most reliable way to meet deadlines consistently.

Retention, minimization, and proactive redaction

GDPR's data minimization principle applies directly to CCTV. Retain footage only as long as its stated purpose requires. Most CCTV systems default to 30-day retention, but your justified retention period depends on your lawful basis and operational needs.

Some organizations proactively redact stored footage after a defined period — keeping footage for incident review but redacting identifiable information once the immediate need passes. This reduces data protection liability while preserving evidentiary value for non-personal purposes.

For a broader look at how GDPR applies to visual data beyond CCTV, see our guide to GDPR image compliance.

Start redacting CCTV footage today

Every day your CCTV system records, it accumulates personal data with compliance obligations attached. The next DSAR, police request, or insurance claim will demand redacted footage — and the 30-day clock starts when the request arrives.

PiiBlur's API handles video redaction across all 13 PII categories. Process single clips through the dashboard or integrate the API into your VMS for automated workflows. The free tier includes 5 minutes of video per month, so you can test it against your actual CCTV footage before choosing a plan.