Sting ops aren't uncommon. See ANOM that was used to catch bad guys. https://en.m.wikipedia.org/wiki/ANOM
I think ProtonMail is another one, but it will run for much longer to harvest more data, create a more accurate web of criminal connections, and get more precise locations of peoples and events. All this so the charges laid in the end actually stick.
I don't think it's being used to track your pirated music and movies, or the dikpix you share with your gf/bf. But rather, it's being used to target high level criminals that are invovled in human, sex, drug, and arms trafficking.
I also don't think the trojan horse nature of ProtonMail will be revealed for a very long time, if ever. The good guys will keep tracking the criminals without them knowing and will keep raiding them that opportune times. The busts will keep happening more and more and at larger scales. They'll be chalked up to informants and good timing and larger presence by the enforcements.
Why do I think this is the case? ProtonMail is huge and getting bigger. It has increased the services it offers since its inception. It's touted as open source and regularly audited. But is there really a way of verifying beyond all doubt that the code made public is the code that's running? I also "percieve" a huge uptick in criminal busts in recent years.
The average petty privacy seeker need not worry. This is meant for evil people higher up.