It’s an interesting read, but it has several flaws. It refers to registrars solely and ignores registries. It also makes it sound like issues around whois are “new”, which we all know isn’t true. The comments about IP addresses make it sound like it’s a theoretical concern, yet there is case law eg: https://www.irishtimes.com/business/technology/european-court-of-justice-rul... -- Mr Michele Neylon Blacknight Solutions Hosting, Colocation & Domains https://www.blacknight.com/ http://blacknight.blog/ Intl. +353 (0) 59 9183072 Direct Dial: +353 (0)59 9183090 Personal blog: https://michele.blog/ Some thoughts: https://ceo.hosting/ ------------------------------- Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty Road,Graiguecullen,Carlow,R93 X265,Ireland Company No.: 370845 From: gnso-rds-pdp-wg <gnso-rds-pdp-wg-bounces@icann.org> on behalf of Dotzero <dotzero@gmail.com> Date: Friday 16 February 2018 at 00:07 To: RDS PDP WG <gnso-rds-pdp-wg@icann.org> Subject: [gnso-rds-pdp-wg] Krebs On Security article RE whois and GDRP https://krebsonsecurity.com/2018/02/new-eu-privacy-law-may-weaken-security/ Michael Hammer