Who knows the secret key/has access to the system?
Just him - in which case what happens to my data if he walks under a bus?
Or all the admins/the board/the lawyers?
So a three-letter-agency guy turns up with a SWAT team, you only need one of them to decide to reveal the key with a gun at their head - or with the threat that child porn would be found on his laptop/20kg of heroin would be found in his apartment. Chain = weakest link.
The "weakest link" problem can be ameliorated to some extent by using secret sharing cryptography, so that at least x% of participants must cooperate to reveal the secret key.
So a three-letter-agency guy turns up with a SWAT team, you only need one of them to decide to reveal the key with a gun at their head - or with the threat that child porn would be found on his laptop/20kg of heroin would be found in his apartment. Chain = weakest link.