The phishing sites should be taken down no questions, but
what's the obligation for WhoisGuard to provide information to an Internet company? Shouldn't they provide information only to legal authorities?
Surely they should provide the information in response to any reasonable request?
(* reasonable request is obviously a bit vague and needs clarification, but I think there really does need to be a proper policy/procedure for this - WHOIS existed for a reason, and that reason hasn't gone away just because access to that data has been abused).
