Agree with Robin that IP addresses is not a concrete way to track visitors because it's really easy to look like you're in a different country. For example, when I'm VPN'd into Eloqua's network it looks like I'm in Canada. As far as we can tell, authorities want to see that you're taking action and they're not going to get super nitpicky if you're actually not spamming people and doing everything in your power to follow CASL. If someone filled out a form and told you they were in the US, but they're actually in Canada, there's not a whole lot you could have done about that. That said, the general recommendation Eloqua is making is to capture the date of express consent and store that data, and also have forms on your site that follow CASL compliance (having a checkbox that's not pre-populated with the correct verbiage and asking for country). From everything I've heard/seen/read they're looking to go after true spammers, not 'white hat' marketers who had bad data at no fault of their own.
↧