As I said, your fallback group have a privkey each for n-of-n multisig. No single person can unlock the encrypted package. You set it at, say 3-of-5, and if one of those 3 is you, post-disaster, there is only a need for you to rely on 2 of your fallback group, or 3 if you're not around any more or you've no longer got access to your own privkey for the group. How scorched-earth is your scenario that you want to demand the recovery plan has to account for multiple people in multiple locations losing the privkeys you sent to them?