The emails can be hashed, turning it into a pseudo-anonymous ID. It is debatable whether that is PII. It probably comes down to whoever can afford the better legal representation.
Hashes are not a panacea. I see them being suggested as solution for anonymization of ip addresses/domain names/urls/file names/emails all the time but these people that make said suggestions are either clueless or are arguing in bad faith. It is extremely easy to brute-force the majority of said hashes. (in addition to that I doubt that anyone is passing hashed emails as it would make it slightly inconvenient to send emails to said accounts)
It's indeed extremely easy to brute force these hashes when you have a database of the original (plaintext) data stolen from people's contacts which reduces your search space dramatically.
