In the SAN/NAS world, this is called bay redundancy. A few vendors have geo separation options that would meet your criteria, but network latency would be a factor just as it is with layer 2 tunneling.
Openstack SWIFT has something via zones, but the complete copy is present on all three redundancy nodes as it's mirroring so that's not what you want unless you use a disk adapter that supports encryption, but that's still the full copy in one place.
However, you can also set up DRBD with this, but the encryption is at the file system, not file, level. EG: Each file is encrypted with the same key/passphrase.
I would suggest looking into madm and jacking in something at the scsi device level to drive encryption.
The chances of any government seizing all 3 is zero.
With RAID 5, they only need two of the three, not all three.
Also look to see if someone would be willing to be your encryption key escrow along the lines of a National Security Letter canary site. If they remove the post they have not received an NSL or a warrant, have another system that monitors that page delete the key.
The best course is to not be on the radar of law enforcement in the first place. EG: they can't seize what they don't know exists. There are many ways to hide things as small as encryption keys. DNS data exfiltration for the retrieval, using a inode marked in use but with a null directory entry, hiding it in a NVAM area, using RAID 5 with USB keys and split the custody of the USB drive, a HSM (be aware that any made in the USA or for a company in the USA will very likely have back doors), and many others.