Multiple key encyption sounds like somethign you might wiwsh to use. All sign-on session-cookie like technology you would use for a single computer/domain/area, which hopefully you encrypt, would be encrypted in a way for multiple people to decrypt with multiple private keys, one for each decryptor.

Take this gnupg example for instance. At least then, the user nor anyone outside of the technology owners would be able to decrypt they key. Also, having different privates per monnth to make sure your key isn't cracked "someday", or stolen, would help.