In the middle of the day on December 20, 2024, four men walked into a Deutsche Bank branch in Lübeck, northern Germany.
Nothing unusual: long coats, face masks — December, northern Germany, Christmas just around the corner. They didn’t rush, didn’t fidget, didn’t attract attention. The cameras saw them. Security let them through. Customers went about their business.
And then the bank closed.
This is where the story begins to resemble the script of an old French heist film more than a police report. The four men didn’t leave. They stayed inside the building for the entire night. And the next one. Almost a full day.
According to investigators, the criminals spent around 17 hours inside the bank, hiding in office areas on the upper floors. They weren’t in a hurry. They had time. A lot of time. So much time, in fact, that they had brought a portable bio-toilet with them in advance — compact, camping-style, neat. Not because they cared about comfort, but because they didn’t want to use the staff restrooms and leave behind DNA.
This was no longer just a theft.
It was attention to detail.
German - almost bureaucratic - attention to detail.
At night, they calmly went down to the vault and began opening safe deposit boxes. One by one. 371 boxes. No rush. No panic. No outside interference. The cameras recorded everything. The alarm remained silent. Security did not intervene.
By morning, the haul amounted to:
over 300 kg of gold and jewelry,
large sums of cash,
total damage exceeding €19 million.
Only around 5 a.m., as the criminals were leaving through the inner courtyard, did the alarm finally go off. Almost on time. Almost.
A security guard noticed two SUVs with people inside in the courtyard but, as later emerged, did not write down the license plates. Minutes later, the vehicles were gone. The police arrived — too late. The cameras had recorded everything — but it was already the past.
The Cameras Were There. The System Was There. The Response Was Not.
The first and most common question after stories like this is the familiar one:
“How is this even possible in the 21st century?”
The answer is uncomfortable in its simplicity:
because video surveillance systems in Europe are most often not designed to prevent crime.
They are designed:
for formal regulatory compliance,
for post-factum investigations,
for reports,
but not for active intervention.
In Lübeck, the cameras were there. They saw people enter. They recorded nighttime activity. But:
there was no automatic anomaly detection,
no behavioral analysis,
no incident escalation.
The system did its job honestly: it recorded video.
But it had no right to do more.
This is the key feature of European video surveillance:
the camera is a witness, not a participant.
Germany: A Country Where Video Surveillance Is More Dangerous Than Crime
In Germany, video surveillance is regulated strictly and consistently. Sometimes — to the point of absurdity.
The basic logic is simple:
every camera must be justified;
every degree of viewing angle must be defensible;
every day of storage must be documented;
any form of analytics is viewed with suspicion.
Especially if it’s not just about recording, but about understanding what is happening.
Facial recognition? Practically taboo.
Behavior analysis? A legal swamp.
Automatic detection of people at night? Extremely risky.
Why? Because the fines are real — and painful.
The most famous example: H&M, 2020 — a €35 million fine for video surveillance and behavioral analysis of employees.
Not terrorists.
Not criminals.
Office staff.
Regional regulators in Germany regularly fine companies:
hundreds of thousands of euros,
millions of euros,
for:
an excessively wide camera angle,
insufficient justification,
“excessive data collection.”
In this coordinate system, security teams face a simple choice:
either try to prevent a crime and then spend years explaining themselves to regulators,
or fail to notice it in time — but stay legally safe.
Most choose the second option. And it’s hard to blame them.
France and the Louvre: Many Cameras, Less Meaning
France looks different. There really are many cameras — especially in tourist areas, transport hubs, museums. Including the Louvre, one of the most heavily guarded museums in the world.
But this is where CNIL, the French data protection authority, enters the picture. And its position has long been clear:
Cameras are allowed.
Automation is strictly controlled.
Analytics must be handled cautiously.
Facial recognition — almost never.
The fines confirm how serious this stance is:
Carrefour — €2.25 million for video surveillance and customer data processing.
Amazon France Logistique — €32 million (combined, including employee monitoring).
Clearview AI — €20 million for unlawful facial recognition.
Against this backdrop, the Louvre becomes the perfect symbol:
cameras are there,
security is there,
regulations are followed,
yet thefts from tourists and incidents occur regularly.
Why?
Because the system is focused on recording, not prevention.
On the past, not the present.
Technologies That Could Have Prevented This (But Are Not Welcome)
Modern video surveillance systems have long moved beyond the role of a video recorder. And this is important to understand: this is not about total surveillance, but about reasonable automation.
For example, SmartVision uses technologies that are technically capable of preventing a “coat gang” scenario:
real-time detection of people and objects;
detection of human presence in closed facilities outside working hours;
event-driven logic: the system reacts not to “motion” but to context;
local data processing without sending biometrics to the cloud;
flexible retention policies and data masking;
ONVIF compatibility and operation with existing infrastructure.
Such a system does not “spy.”
It simply asks a logical question:
“Why are people here at night when the facility is closed?”
But in Europe, this question often turns out to be legally inconvenient.
Why the “Coat Gang” Did Everything Perfectly
The criminals in Lübeck were not geniuses.
They didn’t hack servers.
They didn’t disable cameras.
They didn’t use sophisticated technology.
They simply:
knew that cameras are passive;
understood that no automatic response would occur at night;
acted slowly and carefully;
brought a bio-toilet, because even small details matter.
This was not a failure of security.
It was a logical consequence of a European regulatory philosophy in which video surveillance is a potential liability, not a protection tool.
Final
Cameras in Europe watch carefully.
But they are not allowed to intervene.
They recorded everything:
the entry,
the night,
the opened safe deposit boxes,
the exit.
And now:
depositors are raising a €300,000 reward,
a private investigator is working the case,
police continue the search,
regulators remain silent.
And somewhere in a server room, a surveillance system hums quietly — having done everything strictly according to the rules.