How Long Is CCTV Footage Kept UK

CCTV is widely used across the UK by homeowners, landlords, businesses, and local authorities as a means of security and monitoring. One of the most common questions surrounding these systems is how long CCTV footage should be kept. The answer depends on the purpose of the recording, who is operating the system, and the obligations under data protection law. While many assume that keeping footage indefinitely is best, UK law sets out clear expectations to ensure that recordings are not held for longer than necessary.

The Legal Framework for CCTV Retention

In the UK, CCTV footage that captures identifiable individuals falls under the scope of data protection legislation. This includes the UK General Data Protection Regulation and the Data Protection Act. These laws require anyone operating CCTV to process personal data fairly, lawfully, and transparently. One of the key principles is that data must not be stored for longer than necessary. That means CCTV operators should have a clear policy for how long footage is retained before it is deleted. This applies not only to businesses and landlords but also to homeowners if their cameras capture public areas or neighbouring property.

Typical Retention Periods for CCTV

There is no single fixed time that CCTV footage must be kept in the UK. Instead, retention periods should reflect the purpose of the system. For most domestic and commercial uses, a retention period of around 30 days is common. This is usually long enough to review and investigate incidents such as theft, anti-social behaviour, or vandalism. In higher-risk environments, such as banks or transport hubs, footage may be retained for longer, sometimes up to 90 days. However, keeping recordings for extended periods must still be justified, and operators should be able to explain why it is necessary.

CCTV for Domestic Use

For homeowners, CCTV systems are often used purely to protect private property. If the cameras only capture images within the boundaries of your home, such as a driveway or back garden, then data protection law does not apply. In this case, you may keep footage for as long as you choose. However, it is still best practice to set a sensible retention period. Many homeowners opt for automatic overwriting of footage after a set number of days, usually between two weeks and one month. This ensures the system runs efficiently without consuming unnecessary storage space.

CCTV Covering Public Areas or Third-Party Property

When home CCTV captures images beyond your own property, such as public footpaths or a neighbour’s garden, then you become subject to data protection obligations. This includes the requirement to avoid retaining personal data for longer than necessary. As with business use, a retention period of around 30 days is considered reasonable. If footage is needed as evidence for an ongoing investigation, it may be kept for longer, but once the purpose has been fulfilled, it should be securely deleted.

Business and Commercial CCTV Retention

For businesses, schools, landlords, and other organisations, retention policies are particularly important. The Information Commissioner’s Office advises that CCTV operators should have a clear written policy that sets out retention periods and explains why recordings are stored for that length of time. Staff should also be trained to manage footage securely and ensure it is not accessed or retained unnecessarily. For example, a retailer may keep footage for 31 days to allow time to investigate incidents of shoplifting, while a landlord may keep recordings from communal areas for a similar period to manage tenant or visitor disputes.

Exceptions for Evidence and Legal Proceedings

Although routine retention periods are typically set at 30 days, there are situations where footage may need to be kept longer. If a crime is reported and the police request a copy of relevant recordings, or if footage is required for insurance or legal purposes, then it may be retained until the investigation or case is resolved. Once the matter is concluded, the operator should securely delete the data in line with their retention policy. Importantly, this must be the exception rather than the norm.

Why Retention Periods Matter

Keeping CCTV footage for longer than necessary can be a breach of data protection law. It increases the risk of unauthorised access or misuse of recordings and places unnecessary demands on storage systems. More importantly, it undermines the balance between security and privacy that UK law seeks to maintain. By setting clear retention periods and deleting data when it is no longer required, operators demonstrate compliance and show that CCTV is being used responsibly.

Practical Considerations for Storage

Modern CCTV systems often include features that allow for automated management of recordings. This can include loop recording, where old footage is automatically overwritten after a set number of days. Cloud storage systems may also provide options to configure retention periods, ensuring compliance is built into the operation of the system. For homeowners and small businesses, this can be the easiest way to ensure that data is not kept for longer than intended.

Conclusion

In the UK, there is no absolute rule on how long CCTV footage must be kept, but the guiding principle is that it should only be retained for as long as it is needed for the purpose it was recorded. For most households and businesses, a period of around 30 days is considered appropriate, with longer retention only in cases of investigation or legal proceedings. By adopting a clear policy and using system features to manage storage automatically, both homeowners and organisations can protect themselves, their property, and the privacy rights of others.