1) https://proton.me/blog/emergency-access nor https://proton.me/support/emergency-access explains if emergency contact can change account password/key which they have accessed (taking over account). It does not explain any other protections.

2) Also the account owner should be able to limit emergency user access to read-only, maybe just for a limited time like 1-2 years, during which owner has ability to reset the emergency user access and they have to request again.

3) Owner should be able to limit access only to some services, like for example Drive or even certain folder of a Drive or Mail. This possibility I have not seen announced in mentioned articles.