I'm just wondering why ICANN is "scrambling to get it GDPR-compliant" just now, at the eleventh hour. They had just as much time as rest of the world to do it sooner, without any interim modes, and without any rush and all the problems that can come from hastiness.
A big factor is that ICANN is comprised of multiple stakeholder communities of competing interests that have to come up with consensus to make new policies. Refining the model of what is published in the WHOIS has been the subject of working groups in ICANN for over 10 years, but consensus was never reached because you had a huge spread of opinions that never converged. Privacy advocates argued for no WHOIS, whereas interests from law enforcement, security research and intellectual property arguing for full disclosure.
