Over recent months the GDPR has given extra weight to concerns - originally expressed by regulators fifteen years ago - about public access to information about individual registrants of DNS domains. This article considers the use of this WHOIS data by those handling information security incidents, and why this represents a benefit, rather than a risk, to the objectives of data protection law.
