15 Jul AI AND EMAIL PRIVACY

Artificial Intelligence
(AI) is increasingly
shaping our world,
raising new and
complex questions.
One such issue
is whether it is
permissible to use AI tools that analyze
email and message content in order
analyze trends without obtaining
individual information. Consider an AI
tool that reads people’s direct messages
to analyze business trends and advises
you on investment strategies. This tool
can be perfectly legal but halachah
might be stricter. Are we allowed to
benefit from AI analysis of private
emails and messages?
I. The Cherem of Rabbeinu Gershom
Rabbeinu Gershom (11th cen.,
Germany) gathered leading rabbis
together to issue a cherem—a communal
ban—against a number of practices.
Historians debate his specific role and
the exact content and list of practices
that fell under this ban, as opposed to

later bans (Chakmei Ashkenaz Ha-
Rishonim, p. 132ff). Regardless, there

is a long-standing ban against opening
and reading someone else’s mail that is
widely attributed to Rabbeinu Gershom.
The original context was physical
letters, but authorities have extend its
application to modern communication,
including emails and text messages.
Rav Simchah Yonah Klein (cont.,
England) writes that the cherem
applies even to hidden video cameras,
i.e. nanny cams (Piskei Ha-Mishpat
154:7). Similarly, Rav Shaul Alter, in
his recent book Software and Artificial
Intelligence in Halacha, writes that “the
cherem is not limited specifically to
reading a letter, but to consuming any
information that was not intended for
public knowledge” (p. 334). It seems
clear that emails and private messages
fall under the cherem, as well.
Rav Chaim Palaggi (19th cen., Turkey)
asks what rationale lies beneath this
cherem? Even if the act is independently
prohibited, Rabbenu Gershom and
his colleagues may have enacted a
cherem to reinforce the prohibition.
Rav Palaggi suggests that it might be
the obligation to love your fellow like

yourself, or rather to not do
to others what you would not
want done to you (Lev. 19:18;
Shabbos 31a). It might be a
variant of gossip-mongering
(Lev. 19:16). Alternatively, it
might be a form of deception,
geneivas da’as, or of using
someone’s property without
permission, which constitutes
theft (Responsa Chikekei
Lev 1:49). The distinctions
between these different
rationales will be crucial for evaluating
the permissibility of AI that accesses
private communications.
II. Rationales and Implications
Some authorities understand the
prohibition as a form of theft by
accessing someone else’s property,
his information. Rav Chaim Shabesai
(17th cen., Greece) writes that opening
someone else’s letter is like borrowing
something without permission, which
is a form of stealing (Responsa Toras
Chaim 3:47). In his recently republished
book, The Practical Torah, Rav Michael
Taubes writes that according to this
view, “such action is forbidden even for
the purpose of a mitzvah, particularly
since one can cause damage to another
by revealing his secrets” (p. 297).
According to this approach, if an AI
accesses private email data without the
owner’s consent, then the developers or
users of the AI tool may be considered
to have committed a form of theft.
Even if no human sees the content, the
act of extracting value from someone’s
private correspondence without
permission would still fall under the
category of theft.
On the other hand, several authorities
understand the core of the cherem not as
theft, but as a violation of privacy. Rav
Ya’akov Chagiz (17th cen., Morocco)
briefly says that opening someone
else’s mail violates the prohibition
against gossip-mongering (Halachos
Ketanos 1:276). As mentioned above,
Rav Chaim Palaggi suggests that this
might be a violation of loving your
fellow as yourself. However, both of
those reasons would permit opening
someone else’s mail when there is a
mitzvah need to do so.
According to this approach, the
violation is not the act of accessing
information per se, but the act of

disclosure. Meaning, the problem is
violating the privacy of the individual.
If so, an AI system that ingests an
email but does not reveal the content,
only extracting patterns or offering
aggregate insights, does not violate
the individual’s privacy. The secret
remains hidden; no human sees it, no
one exposes it.
For example, if an AI reads a team’s
emails and determines that a particular
merger will go through, but does
not expose the personal content of
any individual message, it might be
functionally equivalent to a locked
diary read by no one. The information is
accessed, but the individual’s personal
privacy remains intact.
III. Additional Considerations
According to our analysis, if
reading someone’s mail is forbidden
because of gossip-mongering, an
AI would be allowed to analyze
private correspondence and provide
anonymized and aggregated analyses
which could be used for business
purposes. However, if it is prohibited
because of theft, then even anonymizing
and aggregating the information would
still be forbidden.
However, Rav Yosef Shalom Elyashiv
(21st cen., Israel) is reported as
modifying Rav Palaggi’s analysis in a

significant way. Rav Elyashiv’s son-in-
law, Rav Yitzchak Zilberstein, presented

a related question to him. Rav Elyashiv
replied that opening someone’s mail can
only constitute theft if the information
is used to interfere with the victim’s
plans. But if the victim does not suffer
any loss, he has not been subjected to
theft (Chashukei Chemed, Yoma, p.
55). If that is the case, then we would
be allowed to invest based on advice
legally extracted by AI from private
emails and correspondence as long as
it does not cause any damage to other
investors.