Recognition needs to be local (possibly in a box that plugs into a wall outlet and has one of the better ARM chips). Recording can be remote, but should be encrypted, with the key unknown to the cloud service provider. You set the encryption key by having your phone generate it, and your phone displays a QR code, which is shown to the camera once. You now have a shared private key, and can view video from your phone. You can only view video from your phone, or from other phones which have been paired in this way.