>> with a passphrase that is the users responsibility.

And there's the rub. "What do you mean, I can't ever see my data again? Why can't you reset my password?"

We know that true security means only the user has the key. But users don't all want that responsibility.

Key escrow services?

See: Clipper.

I'm familiar. There's a big difference between "optional key escrow with a service I have chosen to trust" and "mandatory key escrow" though. Most importantly with regard to the ease of mass surveillance.