Key escrow places a copy of the encryption key with a trusted third party for emergency recovery — law enforcement access, disaster recovery, or employee departure.
Key escrow is controversial — law enforcement wants it; privacy advocates oppose it. Enterprise key escrow is common for data recovery. Recovery agents in Windows can decrypt EFS files. Balance: recovery capability vs. escrow compromise risk.