If you could upload a public key, and they would encrypt the download with it and send you the result, that would be a pretty effective workaround for any legality issues. After all, no one but the intended recipient can then determine what's actually on the disk. And, as long as the download and encryption are done together with no human intermediary, nobody at the company can say they knew what was on the disks either. Bam: average-sized safe-harbor provision.
There are two big problems with that: one problem is that, unless the torrent itself is encrypted, they'll know what they downloaded. After all, they're the ones encrypting it.
The second problem is that judges won't look kindly upon any attempt to blind yourself to what's going on. You'd be a lot better off making a good faith effort to comply with the law, even if you're not perfect at it. Otherwise, people will see it as a wink-and-a-nudge kind of thing, which is exactly what you don't want if you're trying to run a legitimate business.
How are these not also problems with the original service, though? If a judge would say that "they know what they downloaded", then why wouldn't they "know what they're proxying"? Since both processes would be automated, knowledge of either would require explicit logging. (And before you say that the downloading step enables a point where the entire illegal product is, for however brief an instant, on-disk where logging could be much more easily applied, consider this alternative setup: the company just rents out "CPU time" to their customers to run virtual machines running with encrypted disk images, a known image of which happens, as its effect, to download a torrent, encrypt it, and dump the result to a write-only host-shared folder. They then send their customers any such "dumped logs" on disks as a courtesy service.)
