It sounds to me like the WHOIS data is useful to their Internet sleuthing. I have no doubt that it is.<p>Private investigators in the real world would also have an easier time if we replaced license plates with the owner's full contact information. But we don't. Yes it's a car analogy.
> <i>Moreover, they point out that the overwhelming majority of phishing is performed with the help of compromised domains, and that the primary method for cleaning up those compromises is using WHOIS data to contact the victim and/or their hosting provider.</i><p>Then have a way to contact the site owner without publishing information about them, e.g. a registry-operated e-mail forwarder? And for sites operated by commercial entities, requiring some level of contact information should still be legal.