Building a “secure” escrow sytem is a cool thought experiment I think.
For example, as noted, there could be a unique backup key per device, instead of one golden key. This makes it more than a little harder for the key to get out. The FBI decrypting Alice’s phone doesn’t give them the key to decrypt Bob’s phone; they have to make a separate request to Apple every time.
We also want to prevent somebody from stealing all the keys. The keys could be stored on physical paper, perhaps. Large sheets of paper, but with only one key per page. Then anybody stealing the keys would require a giant dumptruck. Or you’d have to sift through the paper on site to find the one you want, increasing chances of getting caught.
The keys can be physically separated. Only X keys would be stored at each site, which limits the damage from compromise.
The escrow key could be embedded in hardware, similar to the way the secure enclave works. You wouldn’t be able to take the key out of the site, or copy it. You’d have to give the device to Apple, who would take it to the correct decryption site, and decrypt it there.
Anyway, just musing.