I was thinking that if OP's wife or the video subjects are European then a GDPR request# might surface the data. Strikes me the videos would probably only have a delete flag set if this is recent and even after deletion from live data may exist in backups?
(# AIUI companies are obliged to share with you any PII they hold that identifies you.)
I hate to be deceptive, but I was thinking that even if they are not EU residents (or residents of another entity that has similar laws, e.g. UK), then they might be able to fake residency for the purposes of using data laws to exfiltrate the videos. They might have to take the dishonesty further and say that they appear in all the videos.
(# AIUI companies are obliged to share with you any PII they hold that identifies you.)