Post Closed as "Needs details or clarity" by ohwilleke, user 55905, jeffronicus, Joe W, Jen
added 88 characters in body
Source Link
Dust


It has been stated for over a decade on Telegram's Privacy Policy that

All data is stored heavily encrypted and the encryption keys in each case are stored in several other data centers in different jurisdictions. This way local engineers or physical intruders cannot get access to user data.

For reference, Telegram has several data centers, with the two main ones being in the United States and the Netherlands.

This statement raises several questions. It means that at no point in time must the full encryption key be stored on disk; thus, the different keys need to be refetched from different jurisdictions at each server reboot. If the server is capable of doing this, then an engineer with wide access to Telegram infrastructure across different jurisdictions would also be. However, Telegram is known to be wholly uncooperative with law enforcement[1][2][3].

If an engineer in the US is served with a subpoena for user data, then a defense that reads like "Sorry, I cannot access the database because I would need to connect to and retrieve the password from a server in the Netherlands" sounds to me like it would never succeed, as it would be laughably easy for any service to avoid providing data this way.

Essentially, my question is: in what way can the key retrieval process mentioned above be legally secure, given that it lacks the technical security of systems like end-to-end encryption, where the data is simply "impossible to access"? At which point does the effort required to access the data become unreasonable enough to provide a legal defense?

added 246 characters in body
Source Link
Dust


It has been stated for over a decade on Telegram's Privacy Policy that

All data is stored heavily encrypted and the encryption keys in each case are stored in several other data centers in different jurisdictions. This way local engineers or physical intruders cannot get access to user data.

For reference, Telegram has several data centers, with the two main ones being in the United States and the Netherlands.

This statement raises several questions. It means that at no point in time must the full encryption key be stored on disk; thus, the different keys need to be refetched from different jurisdictions at each server reboot. If the server is capable of doing this, then an engineer with wide access to Telegram infrastructure across different jurisdictions would also be. However, Telegram is known to be wholly uncooperative with law enforcement[1][2].

If an engineer in the US is served with a subpoena for user data, then a defense that reads like "Sorry, I cannot access the database because I would need to connect to and retrieve the password from a server in the Netherlands" sounds to me like it would never succeed, as it would be laughably easy for any service to avoid providing data this way.

Essentially, my question is: in what way can the key retrieval process mentioned above be legally secure, given that it lacks the technical security of systems like end-to-end encryption, where the data is simply "impossible to access"? At which point does the effort required to access the data become unreasonable enough to provide a legal defense?

added 9 characters in body
Source Link
Trish


It has been stated for over a decade on Telegram's Privacy Policy that "All data is stored heavily encrypted and the encryption keys in each case are stored in several other data centers in different jurisdictions. This way local engineers or physical intruders cannot get access to user data." For reference, Telegram has several data centers, with the two main ones being in the United States and the Netherlands.

This statement raises several questions. It means that at no point in time must the full encryption key be stored on disk; thus, the different keys need to be refetched from different jurisdictions at each server reboot. If the server is capable of doing this, then an engineer with wide access to Telegram infrastructure across different jurisdictions would also be.

If an engineer in the US is served with a subpoena for user data, then a defense that reads like "Sorry, I cannot access the database because I would need to connect to and retrieve the password from a server in the Netherlands" sounds to me like it would never succeed, as it would be laughably easy for any service to avoid providing data this way.

Essentially, my question is: in what way can the key retrieval process mentioned above be legally secure, given that it lacks the technical security of systems like end-to-end encryption, where the data is simply "impossible to access"? At which point does the effort required to access the data become unreasonable enough to provide a legal defense?

It has been stated for over a decade on Telegram's Privacy Policy that

All data is stored heavily encrypted and the encryption keys in each case are stored in several other data centers in different jurisdictions. This way local engineers or physical intruders cannot get access to user data.

For reference, Telegram has several data centers, with the two main ones being in the United States and the Netherlands.

This statement raises several questions. It means that at no point in time must the full encryption key be stored on disk; thus, the different keys need to be refetched from different jurisdictions at each server reboot. If the server is capable of doing this, then an engineer with wide access to Telegram infrastructure across different jurisdictions would also be.

If an engineer in the US is served with a subpoena for user data, then a defense that reads like "Sorry, I cannot access the database because I would need to connect to and retrieve the password from a server in the Netherlands" sounds to me like it would never succeed, as it would be laughably easy for any service to avoid providing data this way.

Essentially, my question is: in what way can the key retrieval process mentioned above be legally secure, given that it lacks the technical security of systems like end-to-end encryption, where the data is simply "impossible to access"? At which point does the effort required to access the data become unreasonable enough to provide a legal defense?

added 1 character in body
Source Link
Dust
deleted 575 characters in body
Source Link
Dust
edited tags
Link
ohwilleke
Source Link
Dust