It's very hard to associate a piece with its decrypted content without the decryption key. Because the user is in control of the keys, content that is private will tend to stay private. Only if someone has access to the encryption keys of the content they want to greylist can they do so. When a user distributes the download information and the keys online they are giving up the privacy of their content by letting the public access and decrypt it.
Calculating the hash of a file in no way lets you determine the content of the file. If a storage node operator only has a small piece of an encrypted file, then even if they had the keys, they would still need to know about where all the other pieces are located on the network and collect and decrypt all those pieces before being able to read the content of the file.
So users can store anything they want in private, and potentially distribute it to people they trust, but as soon as a file piece´s content is made public, it can be graylisted. This provides the network with the necessary plausible deniability to stay decentralized.