I don't think that Spideroak would just decrypt your data if someone said pretty please, but the fact is that they retain the ability to do so if they are legally obligated to. It follows that they may do so if they are not legally obligated to, though I don't mean to imply that they would (and I don't think I do in the article, sorry if it comes across that way). It does mean that they can decrypt on command, though. If they have access theoretically, they have it practically, in this case. There's a difference between them and other cloud services but it's more like the difference between varieties of apple than between apples and oranges, I think.
