Maybe I'm going out on a limb here, but was domain whois ever really that useful? I can't remember ever using it for any legitimate sort of activity, and I know it gets scraped quite a bit by spammers. Most of the data is bogus these days on a lot of TLDs which allow "anonymous registrations" and which registrars often charge an extra dollar or two for. Showing the authoritative nameservers is neat, but a simple NS record query against the next level up would suffice to provide that information as well. The date of expiration may be useful if you're trying to grab a domain when it expires, but registrar policies often drag that out anyways and half the time the registrar squats on any decent domain when it expires anyhow. Date of original registration may be interesting for one reason or another... but none of this data is personally identifiable information anyhow. Now on the other hand, RIR whois is actually very useful for determining the rightful owner and abuse contacts for IP address space... Since RIRs are designated by region and, afaik, only RIPE NCC data would be impacted by GDPR... well, I'm surprised this isn't being talked about more than the domain name side of things. Take care, Matt