Compliance Guide

The Complete CJIS Compliance Guide for AI Video Analytics

The Criminal Justice Information Services (CJIS) Security Policy governs how law enforcement agencies handle, store, and process criminal justice information. As police departments adopt AI video analytics, facial recognition, and body camera systems, CJIS compliance has become a critical procurement requirement. This guide explains what CJIS requires, where AI video systems intersect with the policy, and how to deploy compliantly.

What Is CJIS Security Policy?

The CJIS Security Policy is a set of mandatory requirements published by the FBI that governs how Criminal Justice Information (CJI) is accessed, transmitted, stored, and disposed of. It applies to any agency, contractor, or vendor that touches CJI, including local police departments, sheriff's offices, state agencies, and federal partners.

The policy is updated periodically (current major version: 5.9.x) and contains 13 policy areas covering everything from physical security to encryption, audit logging, personnel screening, and incident response. CJIS is enforced through state-level CJIS Systems Agencies (CSAs) that audit member agencies for compliance.

For AI video analytics, the relevant CJIS requirements depend on what the system processes: live video alone may not be CJI, but facial recognition matched against criminal databases, license plate reads against active warrants, or evidence storage tied to investigations all bring video systems into CJIS scope.

When Does AI Video Analytics Trigger CJIS Requirements?

Not every camera deployment requires CJIS compliance. The trigger is when video data becomes Criminal Justice Information — typically when it intersects with criminal investigations, arrests, or law enforcement databases.

  • Facial recognition matched against criminal databases (NCIC, state warrants) — CJIS applies
  • License plate recognition against stolen vehicle or wanted person databases — CJIS applies
  • Video used as evidence in criminal cases — CJIS applies (chain of custody requirements)
  • Body camera footage involving suspects or arrests — CJIS applies
  • General security cameras at a public lobby with no criminal data linkage — typically does NOT trigger CJIS
  • Holding cell monitoring of detained persons — typically applies (detainees are CJI subjects)

Core CJIS Requirements That Apply to AI Video Systems

When an AI video deployment falls under CJIS scope, the following policy areas typically apply most directly:

  • Encryption (Policy Area 10): All CJI in transit must be encrypted with FIPS 140-2 validated cryptography. Stored CJI must be encrypted at rest.
  • Access Control (Policy Area 5): Role-based access with multi-factor authentication for any user accessing CJI. Audit logging of all access events.
  • Personnel Security (Policy Area 12): Personnel with access to CJI must pass fingerprint-based background checks (NCIC).
  • Physical Security (Policy Area 9): Servers and storage holding CJI must be in physically secured locations with documented access logs.
  • Auditing & Accountability (Policy Area 4): All access, modification, and deletion of CJI must be logged and retained for at least 365 days.
  • Incident Response (Policy Area 3): Documented procedures for detecting, reporting, and responding to security incidents involving CJI.
  • Configuration Management (Policy Area 7): Change control for any system handling CJI. Vendor patches must be reviewed and approved.

Why Cloud-Based AI Surveillance Struggles with CJIS

Cloud-based AI video systems (e.g., Verkada, Avigilon Alta, Coram AI) face a fundamental tension with CJIS: the platform vendor processes and often stores video data on third-party infrastructure (AWS, Azure). For CJIS purposes, this can require the vendor to be CJIS-compliant themselves, including personnel screening of cloud engineers, audit access to cloud datacenters, and contractual flow-down agreements.

Some cloud vendors have invested heavily in CJIS compliance certifications, but procurement officers often find it simpler to choose on-premises systems where data physically stays on agency-controlled infrastructure. This eliminates the third-party cloud variable from CJIS audits.

For agencies in jurisdictions with stricter interpretations of CJIS (or with state laws layering additional requirements like California CCPA or specific state CJIS supplements), on-premises deployment is often the only realistic path to compliance.

How Police.live Aligns with CJIS Requirements

Police.live is built on a privacy-first architecture that aligns naturally with CJIS expectations. Because the platform runs entirely on-premises on the X-B3 appliance inside your facility, you maintain full physical, network, and access control over all data — no third-party cloud variables to audit.

  • AES-256 encryption for data at rest and in transit (FIPS 140-2 validated cipher suites)
  • Role-based access control with multi-factor authentication options
  • Comprehensive audit logging — every event, alert, search, and configuration change is logged with user, timestamp, and IP
  • Hardened Linux-based appliance with minimal attack surface
  • No third-party cloud dependency — data never leaves your network
  • NDAA Section 889 compliant — safe for federal procurement
  • Custom CJIS compliance roadmap available — our team works with your CJIS Systems Officer (CSO) to align deployment to your jurisdiction

CJIS Deployment Checklist for AI Video Systems

Use this checklist when evaluating any AI video analytics platform for CJIS-compliant deployment:

  • Confirm where data is processed and stored — on-premises is simplest for CJIS
  • Verify FIPS 140-2 validated encryption for data at rest and in transit
  • Require role-based access control with MFA support
  • Confirm comprehensive audit logging (minimum 365-day retention)
  • Review vendor personnel security — anyone with potential access to CJI must be background-checked
  • Document the deployment architecture, network topology, and data flows for your CSO
  • Establish incident response procedures specific to the AI video system
  • Confirm the vendor will support your CJIS audit by providing documentation, attestations, and access on request
  • Review configuration management — what is the patch process? Who approves changes?
  • Validate physical security of any on-premises hardware (locked server room, access logs)

Common CJIS Audit Findings for AI Video Deployments

When agencies fail CJIS audits involving AI video systems, the most common findings cluster around a few specific issues:

  • Missing or weak encryption — particularly for data in transit between cameras and the AI processor, or between the AI processor and operator workstations
  • Inadequate audit logging — many vendors log alerts but not user actions like searches, exports, or configuration changes
  • Cloud data flow not documented — agencies sometimes do not realize their AI vendor sends metadata or thumbnails to the cloud
  • Missing MFA — single-factor authentication for operator workstations is a common gap
  • Personnel screening gaps — vendor support engineers with remote access who have not been background-checked to CJIS standard
  • No incident response plan that specifically covers the AI video system

Bottom Line

On-premises AI video systems with strong encryption, audit logging, and access control are the path of least resistance to CJIS compliance.

Police.live Position

Built on-premises by default with AES-256 encryption, comprehensive audit logging, and a CJIS deployment roadmap tailored to your jurisdiction.

Cloud AI Caution

Cloud-based AI video systems can be CJIS-compliant but typically require vendor CJIS certification, contractual flow-downs, and increased audit complexity.

Procurement Tip

Require vendors to provide a written CJIS compliance attestation and documentation of how their architecture maps to each relevant CJIS policy area.

Frequently Asked Questions

Is Police.live CJIS certified?

CJIS is a policy framework, not a certification — there is no single "CJIS certified" stamp. Instead, individual deployments are audited by state CJIS Systems Agencies for compliance. Police.live provides a CJIS compliance roadmap and architectural alignment with all relevant policy areas. Our team works directly with your CJIS Systems Officer (CSO) to support your audit.

Does cloud AI video automatically violate CJIS?

No. Cloud-based AI video can be deployed compliantly with CJIS, but it requires the cloud vendor to also be CJIS-compliant, including personnel screening of their staff, contractual flow-down agreements, and additional audit complexity. Most agencies find on-premises deployment significantly simpler for CJIS purposes.

Do all law enforcement video deployments require CJIS compliance?

No. CJIS applies when video data becomes Criminal Justice Information — typically when it links to investigations, arrests, criminal databases, or evidence. A camera in a public lobby with no investigative linkage may not require CJIS. Cell monitoring of detainees, body cameras at arrest scenes, and facial recognition against criminal databases all bring video into CJIS scope.

What encryption does Police.live use for CJIS purposes?

Police.live uses AES-256 encryption for data at rest and in transit. The cipher suites are FIPS 140-2 validated, meeting CJIS Policy Area 10 requirements. Encryption keys are stored on-device with optional integration with hardware security modules (HSMs) for high-security deployments.

How does Police.live handle audit logging for CJIS Policy Area 4?

Police.live logs every relevant event: user logins, configuration changes, alert acknowledgements, evidence exports, facial recognition queries, and system errors. Logs include timestamp, user ID, IP address, and action. Default retention is 365 days (configurable longer). Logs can be exported to your SIEM (e.g., Splunk, QRadar) via standard syslog or REST API.

Can NeueCode support engineers access our deployment remotely?

Only if you grant explicit, time-limited remote access with full audit logging. By default, Police.live deployments are not accessible to NeueCode without your authorization. For agencies under CJIS, remote support engineers can be background-screened to your jurisdiction's standards if needed.

Is Police.live compliant with state-specific CJIS supplements (e.g., California, Texas)?

Police.live's baseline architecture meets the federal CJIS Security Policy. State-specific supplements (like California's CCPA overlays or Texas DPS requirements) are addressed in our deployment roadmap on a per-jurisdiction basis. We will work with your CSO to ensure deployment aligns with your specific state requirements.

How does CJIS affect Arabic-language deployments in the GCC?

CJIS is a US federal policy and does not apply to deployments outside the US. However, GCC countries have their own data protection and security regulations (e.g., Saudi NCA, Kuwait DPL) that often have similar architectural requirements: encryption, audit logging, on-premises processing. Police.live's on-premises architecture aligns with these regional requirements as well.

Need CJIS Deployment Guidance?

Our team works directly with your CJIS Systems Officer to align Police.live deployment with your jurisdiction's requirements. Get a compliance briefing.