On appeal from the Superior Court of New Jersey, Law Division, Monmouth County, L-2736-08.
The opinion of the court was delivered by: Parrillo, J.A.D.
NOT FOR PUBLICATION WITHOUT THE APPROVAL OF THE APPELLATE DIVISION
Before Judges Carchman, Parrillo, and Lihotz.
We granted leave to appeal to decide whether the protections of New Jersey's Shield Law, N.J.S.A. 2A:84A-21, extend to an operator of a website so as to bar from disclosure sources from which she obtained information in her investigation of the online adult entertainment industry and later posted on internet bulletin boards.
Plaintiff Too Much Media, Inc. (TMM), owned by plaintiffs John Albright and Charles Berrebbi, is a software company in Freehold that manufactures, as its principal product, NATS, a prepackaged "affiliate" or tracking software. Different websites, affiliated with one another for common business purposes, place links and banners on each other's websites as a form of reciprocal advertising, and when a banner or link is "checked," the user is transferred to the affiliate site. NATS functioned as the financial intermediary between these affiliated websites, allowing website owners to track which other "affiliate" websites were sending customers to them and thereby determine what commissions were due to the referring website. NATS did not collect money from the users -- it simply provided a means of tracking sales and commissions due. TMM made its profit by selling the software and charging a licensing fee. Many of TMM's customers who are "affiliates" to each other are in the "adult entertainment" business.
In Fall 2007, TMM experienced a security breach in which hackers compromised non-unique user names and passwords maintained in the NATS database for TMM clients and accessed subscriber lists to various porn websites and customer e-mail addresses. Obviously, such a security breach is damaging to a website's business and, due to the supposedly private nature of online pornography viewing, especially embarrassing for the customers of the website. This breach created a substantial amount of conversation within the online porn industry and was reported by major news agencies as early as January 2008.
Defendant Shellee Hale, a Washington State resident who worked for Microsoft and then operated a computer consulting company until 1994, began a business in 2007 as a certified life coach. In connection with that business, defendant operated two websites. Via these websites, users, without leaving their computers, were able to utilize webcams to project real-time images of themselves to another viewing a computer screen and thus interact electronically face-to-face over long distances. At some point in this business venture, defendant became distraught over the number of instances in which she was subjected to "cyber-flashers" who exposed themselves naked to her through the camera, under the guise of seeking life-skills coaching. When defendant's server did not remedy her complaints, she was determined to investigate what she perceived to be criminal activity in the online adult entertainment industry.
In October 2007, defendant launched a website called "Pornafia," www.pornafia.com, purportedly "to inform the public on scams, fraud, [and] technological issues" in the adult entertainment industry. According to a press release posted on February 8, 2008:
[Pornafia] came about in reaction to the unprecedented levels of criminal activity now rampant within the global adult entertainment industry, which have until now gone largely unchecked, with the aim of providing a cost free information resource for victims, potential victims, legitimate industry players, and pertinent government agencies worldwide.
Defendant further specified the crimes as "credit card fraud, identity theft, affiliate fraud and PPC fraud." She identified the Pornafia website as an "information exchange," and later described it alternatively as a "bulletin board" or "message board."
Despite defendant's announcement, however, the website was never fully launched and therefore published no findings. Although defendant said that the "front end of [the website] was a news magazine," she did not identify any journalist hired, and admitted that "that portion of the site was still being worked on and was not live."
Defendant claims, nevertheless, to have pursued an investigation of the online adult entertainment industry. To this end, she formed a limited liability company, ES Enterprises, under which she created two webcam sites, "sexyteaser.com" and "sextyteaserguys.com," to interact on various adult industry websites and to "start to develop relationships, and get into this business under somewhat of a pretext." Defendant first discussed these websites with the Attorney General of Washington, "[b]ecause I wanted to make sure that they were aware of what I was... going to be doing."
Defendant also reviewed web pages of the porn industry and news media sites, interviewed persons in the industry and attended six industry trade shows. One of the primary means she utilized for collecting and communicating information was through porn industry weblogs (blogs) and message boards such as www.jbm.com, www.gfy.com and www.Oprano.com (Oprano), the self-described "Wall Street Journal for the online adult entertainment industry." These are forums where members, in order to facilitate discussion, read and post their thoughts and opinions on various subjects. The content is usually available to the public for viewing. In order to post on the board, however, one must become a registered user by submitting an online form, including a name, e-mail address and a chosen username. Once approved by a website administrator, a user is free to post on the board; such posts are unfiltered and, ordinarily, not subject to review by the site administrator prior to being posted.
Defendant's investigation ultimately focused on TMM. To that end, she reviewed numerous posts and online articles related to the 2007 security breach of TMM's NATS database. Defendant also examined pleadings from an open litigation*fn1 in which TMM's prime competitor, NR Media, sued TMM for defamation and tortious interference, among other claims, over comments by TMM that NR Media had not properly paid its affiliates. Defendant supposedly also talked to a person who told her confidentially that Albright had "threatened their life."
On several occasions, defendant made numerous posts on Oprano about TMM. For example, on March 17, 2008, defendant posted:
Consumer's [sic] personal information is fair game to every thief online[.] Read the 2much media Nats depositions (not yet public but copies are out there - Charles and John may threaten your life if you report any of the specifics which makes me wonder)[.]
She then directed the reader by link to Pornafia, where the complaint in a class action lawsuit against TMM could be accessed.*fn2 She concluded this post by intimating plaintiffs have engaged in fraudulent, unethical and illegal uses of technology, stating if one read the class action suit "you would understand the depths of the schemes and fraud and how the unethical and illegal use of technology has become common practice." Defendant also posted a "snipit" [sic] from the class action complaint, listing each of the allegations against TMM by NR Media, including a violation of New Jersey's Consumer Fraud Act, N.J.S.A. 56:8-1 to -106, and New Jersey's Identity Theft Protection Act, N.J.S.A. 56:8-161 to -167.
In another post on Oprano, defendant suggested plaintiffs engaged in threatening behavior against persons who released information about the NR Media/TMM lawsuit:
Let me just clarify that this is my personal opinion after reading and speaking with several people.
Mr. John Albright has personally contacted me to let me know he "has not threatened anyone[,]" but I was told something different from someone who claims differently and a reliable source.
In yet another posting on Oprano, defendant implied TMM purposely failed to inform its customers of the security breach and actually made a profit off of it:
I guess I should preface this with innocent until proven guilty but....
This point really concerned me. I believe it is $10,000 per violation in New Jersey.
Does anyone have any idea how many consumer's [sic] processed their information through NATS. If 2 Much Media actually was aware of a security leak between them and the Billing Company why didn't anyone put out a fraud security announcement to the consumers? If this is true - How long have they been sitting on this information and doing nothing?
On another Oprano posting, defendant alleged plaintiffs had used TMM's NATS software to cause an influx of spam to its customers and "re-directs" away from NAT's affiliate websites to websites owned by TMM or one of its employees:
Do you think there is traceable revenue on the stolen email addresses from the security leak?
Do you think that we will find that traffic, spam, re-directs are found on a[n] adult site owned or operated by a TMM owner/employee?
Is there a potential class action law suit by customers who's [sic] email addresses were compromised and were not informed of this theft as soon as TMM became aware of it?
How many customers had [an] increase of spam or malware after signing up under a site managed by TMM and is there some relevancy connecting the two?
Defendant explained that in this post, she was questioning whether TMM sold the email addresses, "and then they spammed those e-mail addresses, or used those e-mail addresses to send material to promote a product, or services... the[n] people... bought something that would be revenue from the stolen e-mail addresses." Defendant acknowledged that throughout her "investigation," she never inquired of TMM's principals concerning their version of the facts.
According to defendant, she posted information on TMM's security breach for two reasons: (1) to inform the public about alleged misuse of technology, affiliate fraud and scams taking place in the online porn industry; and (2) to facilitate debate on these issues. She believed the information was of interest to the public because "whenever there is a security breach... people may need to change their passwords,... change their banks, [or] close accounts [because]... their personal information can be compromised."
These various internet postings form the basis of plaintiffs' complaint against defendant, alleging defamation, false light and trade libel. After defendant answered,*fn3 discovery ensued in which plaintiffs sought to depose defendant about, among other things, the sources of information for the allegedly defamatory statements she posted about them. Claiming to be a journalist and invoking the newsperson's privilege, N.J.S.A. 2A:84A-21, defendant sought a protective order preventing disclosure of the identity of her "confidential" sources. Following a plenary hearing pursuant to N.J.S.A. 2A:84A-21.3, the motion judge denied the application for a protective order, determining that defendant was not entitled to the protections of the Shield Law. Defendant's subsequent motion for reconsideration was also rejected.*fn4 On leave granted, defendant appeals, arguing that both the statutory ...