> right now and pick up a hard drive big enough to store this data with cash I happen to have in my wallet.

You do know that the legal recordkeeping requirements mandate specific indexing and cross-referencing requirements, and that the age records must legally include copies of portions of every covered piece of media sufficient to identify the performer against the photos in the age recors, and also must include cross-reference to every individual full work.

If your media is live streamed, it doesn't seem to me likely that you could meet the requirements with an offline system.

> If your media is live streamed, it doesn't seem to me likely that you could meet the requirements with an offline system.

You store all the PII offline and assign each performer a unique identifier. Then tag each stream with the unique identifier.

Why would that not work?

> Why would that not work?

It would work if the law is applied on such a way that the list of media retrieved by querying using the performer ID on the media server is acceptable as the listing of depictions that is required to be part of the age verification records. It's pretty clear in the combination of statute and regulation that either hardcopy or digital records can be used, but it's not at all obvious that a hybrid of that particular form satisfied the requirements. From an information management perspective, I can see it making sense; from what I've seen of administration of legal rules I can see where it might not be. Especially in an industry that politicians (and lead US federal prosecutors are all a brand of politicians) like to score points against, I would expect people to be extremely conservative about uncertain legal exposure; you don't want a setup where you have a decent but uncertain argument of it goes to court, you want one that would never give anyone a reason to think it was a viable pretext for legal action against you in the first place.

Would printing out screenshots of the video constitute copies of portions?

If so, there's a simple solution, albeit one that involves hiring a decent-sized staff of file clerks: whenever a model uploads a video, have a printer start spewing screenshots and have an file clerk grab a selection of photos that both identify the video and clearly show the model's face and put them in that model's file in the cabinet.

I did not know this!

I guess today was my day to put my foot in my mouth for assuming that I can solve complicated systems with a "why don't you just" :/

It is not that difficult to achieve with documents, actually.

that's a fair point. I'm not saying they didn't make mistakes, just that I understand why they held onto the ID's in this case.

It's very rare law enforcement requires (by law) a realtime, self-service access to information.

Companies just choose to give them realtime access because they charge an admin fee for data access, and if it's realtime, they'll earn more.

Also data retention policy: automatically purge old data when it is no longer actively being accessed

Well, no - this data could be relevant ten years from now, if they’re accused of allowing an underage model after the fact. They need this data to protect themselves, and they need to have it accessible for the rest of their lives.

This is quite incorrect. Most jurisdictions have record retention policies that explicitly state that you're allowed to dispose records after a certain period of time (usually based on record type). After that, even if the record would be relevant to a case, you cannot be held liable for having disposed of it.

source: i work in this field

Isn't there a better solution involving offline storage? Keeping the data online is likely exposing it to insider threats as well.

Isn't there a statuate of limitations?

There are many, but capital offenses have no limitation, and there are many potential capital offenses. However, that shouldn't really be an issue here, because any business can commit a capital offense, but we don't require every business to record every bit of information about everything they do in perpetuity just because they might commit a capital offense one day. Innocent until proven guilty.

I think that there is a limit on the required period of record retention but I keep failing to find it.

But I don't think it is short, and it at least extends as long as you are selling the material to which it relates, since it is expressly illegal to sell depictions without the records.

If the data is to protect yourself against criminal accusations, there's not really a time limit after which data can be safely purged.

They could be accused many years after the fact.

Often the law that stipulates you need the record, also stipulates how long you need it. Good data hygiene is to retain in it for as long as necessary, and no longer.

It does not. They use old footage of models indefinitely and can be accused at any time of distributing such materials even after they’ve stopped distributing it when clients are found in possession.