This isn't legal advice, but this seems to meet the same legal requirements that big companies must adhere to when using outsourcing providers that will have access to sensitive client data.
The magic words: "Like most major online services, we have a small number of employees who must be able to access user data when legally required to do so. But that’s the exception, not the rule. We have strict policy and technical access controls that prohibit employee access except in these rare circumstances. In addition, we employ a number of physical and electronic security measures to protect user information from unauthorized access."
Its not about the fact that they comply with court orders, of course they're going to, it is in their ability to give the courts unencrypted data that they shed light on the real issue to do something they said was impossible.
If it were impossible for them to get at the unencrypted data, the encrypted data would be all that that had to had over.
The magic words: "Like most major online services, we have a small number of employees who must be able to access user data when legally required to do so. But that’s the exception, not the rule. We have strict policy and technical access controls that prohibit employee access except in these rare circumstances. In addition, we employ a number of physical and electronic security measures to protect user information from unauthorized access."