Reporting on hacked material is, at bottom, what journalists do everyday: determining whether something is in the public interest, and whether it should be covered.
There are a lot of important stories in hacked documents — Hacking Team’s emails showed the surveillance company sold its controversial products to Sudan; Ashley Madison’s communications revealed the CEO wanted to hack a competitor.
But you know what else there is in email dumps? A lot of personal messages with absolutely no public interest to them at all.
In those same two dumps (from what I can remember), there were emails about birthday parties, picking up kids from soccer practice, and other stuff that, although likely banal to most readers, could still cause harms to the individuals implicated if deliberately amplified by journalists or other commentators.
Every single time a reporter tweets a snippet of a hacked email, or pitches a piece based on one to an editor, they have to ask themselves the same questions they’ve hopefully been doing for all of their other stories — why does this matter, and should people really — really — know about it. If the reporter can’t sum up why the individual’s privacy should be breached for the greater good of the public in one or two compelling sentences, then it’s probably not a good, or moral, story.