I think they could pull it off in a way that would result in few inaccessible backups. The decryption keys could be stored on your iCloud Keychain, so if you lose one iOS device, the backup can be decrypted with another iOS device you own. And maybe the encryption key could itself be derived from your device's passcode in some asymmetric way.