Spending some time at work today struggling through what Whois Privacy even is with GDPR. It comes down to this: what data does your domain registrar have, and exactly who has access to it and for what reasons. Seems if the answers to those questions are reasonable, maybe there isn’t a place for Whois Privacy anymore?