Proton cannot destructively hash the email address for recovery because they need to use it. And if they can use it, they are legally mandated to give it to LEO in warrants that include that data as scope.

You can argue they should have a password the user holds to encrypt the recovery address, but that's going into the territory of hurting normal users. You use a recovery address when you don't have your password or recovery phrase. Requiring a password for the recovery email would just mean more customers locked out requiring human intervention (if it's even possible for that account) to get access back for the customer. And remember, many users also use the same account for their password manager.

And no, Proton is 100% welcome to publicly support free speech and protest while not destroying their company and going out of business with all their executives jailed for not complying with non-optional, legally required, minimally exposing warrants from law enforcement.

Proton can claim what they want, but when they promote themselves as supporters of peaceful protests while quietly handing over account details for people engaging in them, that is false advertising.