On the 22nd of August, a federal judge ruled that paying a hacker $15,000 to provide you with confidential emails did not lead to liability under the wiretap act or California's invasion of privacy act. The opinion itself can be found here.
So what happened? The judge stated that since the emails were taken from a server, they weren't "intercepted" for purposes of the wiretap act. As set forth in this article from C|NET, that would seem to indicate that the wiretap act simply doesn't cover email communications, since all emails are stored in memory (e.g., RAM), at least temporarily. No damages were available under California's invasion of privacy act because that act was preempted by the federal statute.
Does this mean that there is simply no remedy for someone whose emails have been stolen? Not at all. As the decision made clear, the wiretap act is only half of a larger bill, the electronic communications privacy act (ECPA). ECPA's other half, the stored communications act is designed to "address access to stored wire and electronic communications and transactional records." However, the plaintiffs made their claims under the wiretap act, note the ECPA. The moral of the story? There are two. First: the American legal system seems to have been designed in a deliberately confusing manner with traps for the unwary which can prevent even meritorious claims from being heard. Second: if someone steals your emails, you sue under the ECPA, not the wiretap act.