Re: Is a compromise possible?
If the data were to be stored at rest UN-encrypted, but only accessible via an 'encryption' gate at the hardware level, this would prevent remote access to the data if you don't have the key.
However, using a physical switch inside the device to bypass the encryption gate would give access to the data without a key, but only if you have the device.
Unfortunately, the random mugger who nicks your phone would also have access to this switch
Alternatively, you could set up a second encryption gate where the fuzz have the other key, but the interface to this second gate is only accessible physically.
Sounds good on paper, except as the data is stored un-encrypted all "you" need to do is to figure out a means to bypass the gate (whether consumer facing or LEO facing) to introduce a plaintext gate.
Certainly more of a challenge than simply nicking a phone and having all the data there ready, but it still massively undermines the point in encrypting the data at rest.
If no compromise is found, the powers that will be will just stomp all over device-end encryption with their jack-boots to the point where even owning a device capable of running an app on it that performs that function could become a crime.
There's arguably a good chance they'll try to do that any way. If we look at your gated example, the next thing to come would be "Criminals have learnt how to nobble the LEO access point".
On the upside, given an app can be written anywhere, whilst it might be a crime to have that app they're going to have a hard time actually stopping it. The harder they (visibily) push against law-abiding citizens, the more their motives come into question. There's a balance they have to keep as well, it takes a lot, but beyond a certain point people's apathy goes away and they start questioning things (and, given how easy it is, installing apps to "protect" themselves).