Hardware security. These devices should have been built from day 1 with the idea that they would eventually need to be retired from service. They could be designed to self-destruct their own memories if a certain signal is not received within a certain timeframe. Procedures would be built around this such that cameras would need to be periodically checked-in for audit and refresh of the hardware kill timer. If an officer fails to check in a certain camera (presumably with the intent to expire the hardware timer), you could assume malicious intent and have whatever arbitrary penalties to discourage this behavior. Set the timer at 48~72 hours and it would be virtually impossible for even the most sophisticated attacker to physically breach the HSM in time for extraction of the data/symmetric key.
Combine this with a PKI and you should then have a solid solution. If you want maximum traceability, you could throw in LTE or satellite connectivity for logging major audit events or triggering certain device features remotely.
You could spin any bullshit story around any device. If you do not have some degree of discipline with your meatspace domain, there's no hope for the hardware domain either. Even the most secure devices on earth can eventually be compromised if you allow all policy to fall away and just let the hardware fend for itself.
The police can and should be held to a higher standard regarding evidence and chain of custody. The tools are only half of this picture. It is a synergistic approach.
What would be a better system?