SB 691 instructs California law enforcement agencies to adopt written policies and procedures governing the recording, downloading, storage, tagging, and release of body‑worn camera (BWC) data. It bundles operational guidance — who downloads footage, how files are categorized, and contract safeguards for cloud vendors — with specific retention expectations and protections for patients receiving medical care.
The bill matters because it shifts many technical decisions about BWC programs from ad hoc local practice toward a common, documented set of best practices. That affects procurement, records management, public‑records disclosure, criminal discovery, and agency exposure when footage is mishandled or insufficiently preserved.
At a Glance
What It Does
The bill requires agencies that operate BWCs to adopt policies based on listed best practices: designate who downloads footage, tag and categorize video at download, define storage locations, set retention schedules, require vendor safeguards (audit trails, backups, contracts), and include procedures to handle patient privacy and redaction requests.
Who It Affects
All California law enforcement agencies that use body‑worn cameras, the vendors they contract with for storage or cloud services, emergency service personnel who may request limited recording or redaction, and attorneys/prosecutors who rely on long‑term evidence preservation.
Why It Matters
SB 691 establishes common expectations that will shape BWC procurement and records workflows, raise the baseline for chain‑of‑custody practices, and create operational duties (downloading, tagging, redaction handling) that agencies must build into daily practice and contracts.
More articles like this one.
A weekly email with all the latest developments on this topic.
What This Bill Actually Does
SB 691 is framed as a best‑practices statute rather than a micromanaging mandate. It begins by stating legislative intent to standardize policies and then enumerates concrete items agencies should consider when they adopt or update BWC policies.
The items cover the whole data lifecycle: who takes custody of cameras when automatic download isn't available, when footage gets moved into the storage system, how video is tagged and categorized, and what technical and contractual protections vendors should provide.
On retention, the bill draws a bright‑line baseline: nonevidentiary recordings should be kept at least 60 days before deletion is allowed, while recordings that qualify as evidentiary — such as use‑of‑force incidents, officer‑involved shootings, detentions/arrests, or recordings tied to complaints — should be retained at least two years. If footage contains evidence relevant to a criminal prosecution, agencies must retain it under the same rules that apply to other criminal evidence.
The bill also requires that records or logs of access and deletion be retained permanently, which creates a separate long‑term metadata obligation.SB 691 addresses third‑party storage explicitly. Agencies are told to assess vendor experience, require contracts that protect agency data, demand built‑in audit trails and automatic backups, and consult counsel to preserve chain of custody.
The statute also declares BWC data to be the property of the agency and forbids agency personnel from using footage for personal purposes or uploading it to public social media, with sanctions for violations.The bill adds a patient‑privacy layer: agencies must update policies to give camera‑wearing personnel discretion to limit or temporarily stop recordings during medical or psychological evaluation or treatment when such recordings could cause embarrassment or humiliation, and to include procedures that let emergency service personnel request redaction (for example, blurring or muting) before public release. It also cross‑references existing medical confidentiality laws and does not create a new obligation to render aid.Two drafting features matter for implementers: multiple provisions use the word "should" (advisory) rather than "shall" (mandatory), and the policy‑update deadline in the text lists two close but different dates (July 1, 2026, 2027), an ambiguity agencies must resolve when updating policies.
The statute preserves the public's right to access recordings under the California Public Records Act, so retention and redaction rules will interact directly with CPRA disclosures and discovery practice.
The Five Things You Need to Know
Nonevidentiary BWC footage is to be retained at least 60 days before agencies may erase or destroy it.
Recordings that are evidentiary — including use‑of‑force, officer‑involved shootings, arrests/detentions, or complaint‑relevant footage — must be retained for a minimum of two years.
If footage contains evidence relevant to criminal prosecution, agencies must retain it according to existing rules for criminal evidence rather than the statutory minima.
The bill requires agencies to retain access and deletion logs permanently, creating an enduring metadata record separate from the video files themselves.
When cameras do not automatically offload footage, a supervisor must take physical custody and download recordings for incidents involving force, officer‑involved shootings, or other serious events.
Section-by-Section Breakdown
Every bill we cover gets an analysis of its key sections.
Legislative purpose — adopt best practices
This short section states the Legislature's intent that agencies adopt policies for recording, downloading, and storing BWC data, and that those policies be based on best practices. It sets the tone: the statute is framed as guidance to standardize how agencies govern BWC data rather than as a prescriptive, one‑size‑fits‑all operational code.
Download responsibilities, timing, and anti‑tampering
These paragraphs tell agencies to designate who downloads data and to create rules that ensure timely download and camera readiness. If a system lacks automatic downloading, the officer's supervisor should immediately take physical custody and download footage after serious incidents. Agencies must adopt measures to prevent tampering, unauthorized copying, or deletion and must tag and classify video at download so recordings are searchable and sortable for investigation and disclosure.
Minimum retention schedules for nonevidentiary and evidentiary data
This provision sets retention minimums: nonevidentiary footage should be kept at least 60 days; evidentiary footage specified in the statute must be kept at least two years. It also defers to existing legal obligations for material relevant to criminal prosecutions and instructs agencies to consult counsel when setting a retention schedule to protect chains of custody. Practically, agencies must translate these minima into records schedules and disposal procedures that align with state discovery and evidence law.
Storage location and third‑party vendor safeguards
The statute requires agencies to state where data is stored and, if using third‑party vendors, to consider vendor reputation, contracts that protect agency data, audit trails to detect tampering, automatic backups, and technical support. This is a practical checklist for procurement teams; contracts will need explicit terms on access controls, audit logging, incident response, and chain‑of‑custody assurances.
Agency ownership and prohibition on personal use
SB 691 specifies that recordings are the property of the agency and prohibits personnel from accessing footage for personal use or uploading it to social media. Agencies must build disciplinary or other sanctions into policy for violations, and should update training and supervision practices to enforce the ban.
Patient privacy, redaction procedures, and emergency personnel requests
This subdivision directs agencies to update policies to give camera‑wearing personnel discretion to limit recording during medical or psychological evaluations or treatments that could embarrass a patient, to establish procedures enabling emergency service personnel to request redaction (blurring/muting) prior to public release, and to respond to those requests. It explicitly preserves existing state (CMIA) and federal (HIPAA) confidentiality protections and clarifies that the statute doesn't create a new duty to render aid.
Definitions and public‑records reservation
The bill defines 'evidentiary data' and 'nonevidentiary data' to guide retention application and confirms that the California Public Records Act remains the avenue for public access. These entries anchor the retention rules to statutory definitions and remind agencies that retention/redaction choices will affect CPRA disclosure obligations.
This bill is one of many.
Codify tracks hundreds of bills on Justice across all five countries.
Explore Justice in Codify Search →Who Benefits and Who Bears the Cost
Every bill creates winners and losers. Here's who stands to gain and who bears the cost.
Who Benefits
- Members of the public and civil‑rights groups — they gain clearer policy baselines (tagging, retention minima, permanent access logs) that make oversight, complaints, and transparency requests easier to evaluate.
- Emergency service personnel and patients — the bill requires redaction procedures and gives responders a channel to request blurring or muting of footage that captures sensitive examinations or treatment.
- Prosecutors and defense counsel — longer, standardized retention for evidentiary recordings and permanent access logs reduce the risk of lost or contested evidence and streamline discovery questions when footage is material to a case.
- Procurement and records teams at agencies — the vendor checklist (audit trails, backups, contract protections) provides concrete criteria to include in RFPs and agreements, reducing downstream legal risk.
Who Bears the Cost
- Local law enforcement agencies — they must update policies, train personnel, implement tagging and logging procedures, and budget for increased storage and permanent log retention, all of which can be significant for small departments.
- County and city budgets — expanding data storage, retaining metadata permanently, and buying vendor services or upgrading internal servers will increase recurring costs and administrative burden.
- Supervisors and line officers — when automatic offload is unavailable, supervisors are expected to take custody and download footage after serious incidents, adding operational tasks and potential liability for mishandling.
- Third‑party vendors — vendors will face contract requirements (audit trails, backups, technical support) that shift liability and compliance responsibilities into procurement contracts and may raise pricing for smaller agencies.
Key Issues
The Core Tension
The central dilemma is between transparency/accountability (longer retention, permanent access logs, public‑records disclosure) and privacy, cost, and operational feasibility (patient privacy, vendor costs, storage burdens, and the administrative work of downloading/tagging); the bill tries to thread that needle by offering best practices rather than strict commands, but that ambiguity forces agencies to choose how strongly to prioritize one interest over the other when they implement policy.
SB 691 mixes advisory language ('should') with directive language and contains at least one drafting ambiguity about the policy‑update deadline (the text lists July 1, 2026 and 2027). That combination leaves room for differing legal interpretations: some provisions effectively function as recommended practices, while others (for example, retention minima stated as 'should be retained for a minimum of') could be treated as expectations rather than enforceable mandates.
Agencies will need to decide whether to convert the guidance into mandatory local rules to ensure consistent compliance.
Other implementation challenges are practical and legal. The statutory minima (60 days for nonevidentiary, two years for defined evidentiary categories) and the permanent retention of access/deletion logs will increase storage, indexing, and records‑management costs — especially for agencies that currently purge footage more quickly or use low‑cost vendors without robust audit trails.
The bill's requirement that data be agency property and not uploaded to social media is straightforward in principle, but enforcement depends on well‑defined sanctions and supervision protocols that the bill does not specify. Finally, redaction procedures introduce a timing tension: protecting patient privacy through redaction can conflict with discovery deadlines and CPRA requests, meaning agencies will need concrete workflows to balance privacy with timely disclosure obligations.
Try it yourself.
Ask a question in plain English, or pick a topic below. Results in seconds.