But that additional access would probably include various keys that would let them decrypt previous communication. Maybe the order was to log passwords on login, or something like that, that would allow recovery of the key and decryption of stored data, which may not be possible depending on the original architecture of the system.
