You make many good points.
I think that so often when we talk about governmental access to encrypted data we lose sight of whether that is data-at-rest on an encrypted device or data-in-motion over an encrypted communications channel. The two, whilst similar, because they both involve encrypted data, are actually very different scenarios.
Giving the government access to either data-at-rest or data-in-motion is highly problematic, but out of the two, giving it access to data-in-motion is probably the worse.
Any scheme to allow governmental access to data-in-motion is probably one or two orders of magnitude more complex and risky than any scheme that might be devised to allow governmental access to data-at-rest.
It might be possible to devise a practical scheme whereby access to an encrypted device could be permitted in the most exceptional of circumstances because devices are not, certainly in terms of their encryption, highly dynamic environments.
Data-in-motion, such as encrypted instant messaging, is, in contrast, a highly dynamic environment, with encryption keys being created and destroyed on an almost continuous basis.
So, whilst it may be impossible to give the government exactly what it wants, i.e., access to all encrypted data, it may be possible to reach a middle ground type of solution that focuses just on data-at-rest and accepts that data-in-motion is a bridge too far.