[Quekid5]

If your (backup-via-redundancy) keys are mutable, you do not have a backup. What happens in the case of a ransomware attack, for example?

You've also added (possibly substantial) latency to every single operation that operates on user data.

[muti]

The specifics of how the keys are backed against different failure modes/attacks is orthogonal to the splitting of data/key.

Yes you would need to carefully design the system that allows deletion of keys while minimizing chances of data loss, but it can be done, and it's going to be cheaper and less complex to do so on a tiny subset of the data.

Latency considerations are also down to design, it's not a given that there will be significant overhead imposed.

[Unroasted6154]

One simple way is to keep only a few days / weeks of (immutable) keys backups. You can always stop the deletion of you have a big issue. If the law says you have 14 days to delete all data, you keep only that much backups.