Everything involved could be encrypted with the keys simply re-randomised when somebody else takes ownership. The manufacturer doesn't need those keys, only the owner.
The way they did it was easier, but as we see also more prone to screw-ups. But it was not the only, or best, way to do it.
I’m all for strong encryption, but I want to point out that user experience with strong encryption also leads to customer dissatisfaction (from what I have heard). It seems to me most companies give themselves a golden key in part so they can solve user issues. Most people aren’t demanding strong encryption but they do want easy app setup. I mostly avoid those devices because they aren’t from privacy-focused companies. If I do webcams I’d put them on an isolated WiFi network and use a VPN to view data remotely, but that’s not something any normal consumer wants to do.