In a decision posted last week by the U.S. District Court for the District of Massachusetts in the case In re Pharmatrak, Inc. Privacy Litigation, the court ruled that Pharmatrak’s collection of personal data about the Plaintiffs did not violate any state or federal laws. Pharmatrak contracted with several pharmaceutical defendants (including Pfizer, SmithKline, Glaxo Welcome, and American Home Products) to monitor their corporate websites and provide monthly analysis of website traffic. Although Pharmatrak represented to these companies that it would not collect any “personally identifiable information,” it appears the company was very, very mischievious in the types of software used.

Pharmatrak used JavaScript programming, cookies, web bugs, and clear GIFs to collect information about the individuals visiting the pharmaceutical websites. Plaintiffs alleged that Pharmatrak collected information that included names, addresses, telephone numbers, dates of birth, sex, insurance status, medical conditions, education levels, occupations, e-mail addresses, and more.

I don’t want to go into all the legal analysis, but the court granted summary judgment on all of Plaintiffs’ claims against Pharmatrak — giving a tacit blessing to the collection of such information. Give the opinion a read and let me know what you think.