Here’s an idea why not get @divine to make it so that you have to create a secondary pin when creating a safe network log on that when entered scrubs all your data? 
so when your under duress you can reveal your second pin that would effectively delete all your data. I understand this may not be feasible given how data is structured and stored.