how to penetrate WHOIS privacy
legally, without court order
If you stitch together the pieces that are available from historical widely available and free (or cheap to access) databases, you can find ways to cut through WHOIS privacy in many cases.
http://domaintools.com has an excellent database, as does http://robtex.com both going back longer than the histories of many adversaries.
Generally it’s easier to leave trails and make mistakes when you’re small-time, which is why long history is always better. A person who does not make mistakes today, may have made many mistakes before.