It's not like WHOIS wasn't problematic before, e.g. even inside ICANN people have been pointing out conflicts with data protection laws for over a decade. And ICANN not being from regions with stricter regulation isn't actually that relevant, since ICANN doesn't directly run WHOIS. The registries and registrars do it, many of which are in the stricter jurisdictions.
GDPR being globally applied certainly ups the overall pressure, and is the reason they want to change the overall wHOIS rules instead of making special rules for individual countries, but the key thing seems to be the fear that there actually might be painful fines now.
GDPR being globally applied certainly ups the overall pressure, and is the reason they want to change the overall wHOIS rules instead of making special rules for individual countries, but the key thing seems to be the fear that there actually might be painful fines now.