I understand the concerns that are being presented. Although, some data to support this would be great. For instance how many attacks did WHOIS actually identify and stop out of the total? The perpetrators where were they situated? For documentation purposes, I think clear examples of the adverse consequences for investigations into terrorist activities, political influence campaigns and cybercrimes, creating serious threats to public safety. Would be a good way of configuring some degree of negotiation or compromise. The issues and threats mentioned of "Russian hackings" occurred even without GDPR in place.

All these questions are relevant because they are highly related with the actual application of GDPR, which has as a primary goal to protect European citizens and at its core to guarantee commercial exchanges with the European Union.

One of the main concerns in GDPR are automated decision making patterns, and this makes the issue very pertinent, even so if these are meant to target terrorists.  

Although it is important to state that GDPR is not completely clear, there is some ambiguity when it comes to the actual definition of what is personal data. Can it be considered personal data, when perpetrators are actually using fake names and accounts?

Yes, I agree that partnerships between the private and the public sector are required, but these must be carefully managed, a public data base, that is subject to automated decision making if it treats European citizens, should use dispositions that are required by law. 

Additionally, as long as there is no "universal" data Privacy legislation in the USA, it will be very difficult to come to a consensus as to GDPR and its application across borders. Currently, companies in the US, have decided what standard they apply, what focus and where. Meaning if if GDPR inside the US, or just for their dealings with Europe."