It's stored with zero-knowledge encryption, which means the server only receives enough information to authenticate the user, but otherwise has no ability to decrypt the user's files. Proton has an explainer.
But if someone sent a threat using their platform, all that is really required is the information about who owns the account that sent it, which is information that should still be available even with an end-to-end encrypted service.
We can debate all we want, but clearly it’s enough of a hurdle that the Indian government tried to block Proton’s services entirely. Legal standards and what we consider “logical conclusions” aren’t always the same thing either, so I imagine that’s where a lot of the nuance lies here. Without knowing exactly what happened, I don’t think either of us can really parse this beyond what we now know about the Indian government’s efforts to block Proton’s services.