For folks who aren’t following the discussion about whois records and GDPR compliance there’s a decent summary at vice.com: What Is Going to Happen With Whois?
The problem, briefly stated, is that ICANN has agreements with the thousands of domain registrars around the globe like GoDaddy or HostGator which oblige the companies to post WHOIS data—such as names, emails, and phone numbers—for every domain registrant with their service. On the other hand, the GDPR prohibits companies from publishing information that identifies individuals, which means that when the law goes into effect in April, ICANN’s agreements with registrars about WHOIS data will be illegal, at least in Europe.
Many researchers, including those fighting online crime, malware, phishing, and spam, use whois data as a significant part of their investigations. Losing access to whois data is going to hamper those investigations.
RSS - Posts
I think it will be allowed for these organizations who fight against crime, malware, phishing, and spam due to a collective agreement or for the legitimate interest.