Processing of publicly available personal data

Answer:

Regarding the processing of publically available personal data you would have to consider the fact that processing needs to be in line with the scope for which that data was made publically available by the data subject.

For example, you could get email addresses from LinkedIn and it would be fine to use those to contact the data subjects for recruitment purposes or to buildup a CV data base using the information fro m LinkedIn if you are a recruiting company.

However, if the email addresses were to be uses for marketing purposes this processing will most likely be unlawful unless you obtain the consent of the data subjects.

You could also check out this case law in Italy which you might find useful - https://europrivacy.info/2016/10/31/italiano-dati-personali-resi-manifestamente-pubblici-dallinteressato-e-uso-di-dati-pubblicati-su-social-network-prime-osservazioni-allart-9-co-2-lett-e-gdp/

The issue regarding Whois is still under debate but most likely changes would follow such as granting access to the information on domain holders only for law enforcement agencies.