I agree with Don about the recorder. We should record to the cloud. If you keep them online its much harder to remove the recorder and tape when you leave. We can always write to more than one location too. We could also use video from the cameras on our website to promote our activities.
I don't think the cameras would be open to the public there is admin and user level access that are password protected. We can create accounts by user and its supports WPA2 Encryption.
User level access is by named user, we can create accounts by user so we know who is accessing it and at what time. We can poll the log files and display the person currently logged in.
The cameras also support recording when there is motion so if nothing is happening then nothing is recorded.
If we make it easy to turn off the cameras and turn them back on it would give people the privacy they want and give us protection at the same time.
I'm having a fantasy of a procedure where, when you enter the space, you turn off the internal cameras, then turn them on when you leave. Record all events while no authorized personnel are present, record nothing while they are present.
This would still record all entry/departure of authorized personnel, but that is probably a good idea anyway (and could also be recovered from alarm logs). Video record of these events would just confirm that the person logging in is the person claimed.
One other item (I haven't been following this closely and it may have already been said) - any recorder needs to be hardened and maybe kept or mirrored in a separate location.