Photo by ev on Unsplash

Estonia has only been an independent country for 26 years, but has quickly gained a reputation as a “Cyber-State”. To keep it that way, the data that supports and defines Estonia’s government and administration should also be stored on servers in other countries , in a kind of embassy.

Digital Transformation also Requires Security

Talking about Open Data and the digital transformation, we inevitably have to look at data security, because the very certainty of knowing one’s data is the basis for progress in its use. Digital transformation is making its way into our daily life and is not stopping at the state administration.

Estonia has adopted the chip identification card system, which functions as a passport, health insurance and library card, driver’s license or public transport ticket at the same time. The only thing that people can not do with the chip is to get married, divorce or buy land. But laws, important documents and virtually the entire administration no longer exist on paper in Estonia.

Estonia’s Model of E-Residency

Since the end of 2014 Estonia has been offering an E-Residency, a virtual second citizenship, to all people older than 18 with no criminal record. This does not include a right of residence, an EU-visa, voting rights, tax residence or entitlement to social benefits. Digital Estonians, however, have access to government online services and can, for example, set up an EU-company and then operate it from anywhere. The participation costs 100 Euro for three years and starting a business through this system takes 18 minutes.

No Progress Without Challenges

But all this progress also entails risks and challenges. Already in 2007 Estonia was a victim of hacker attacks. Over two weeks 58 websites were paralyzed simultaneously, including government websites, news sites and banks. Even though it has not yet been clarified who was behind the DoS attack, the suspicions point in the direction of Russia. Although there was no loss of data at that time, the Estonians were faced with the question of securing their data. How can data be preserved intact? How can the digital state remain capable of acting even in a crisis?

Opening the World’s First Data Embassy

After initial negotiations on the opening of a data embassy with the UK failed, it was decided to negotiate with Luxembourg. On the 20th June 2017, a bilateral agreement guaranteeing Estonian servers, which guarantees the same protection and extraterritoriality as a conventional embassy, was signed. After both parliaments ratified the Convention in spring 2018, various Estonian institutions, connected via the open source platform X-Road, and are currently testing their systems. In the near future, copies of initially ten priority databases, such as cadastres, laws, statistics or registers of persons, will be outsourced to Luxembourg. Estonia and Luxembourg have thus set a precedent for a digital representation of States covered by the Vienna Convention on Diplomatic Relations. This means that the host country of the data embassy does not have access to the data. They are a sovereign territory of Estonia in Luxembourg.

Digital Transformation in the public sector is not a fantasy, as it is already changing the lives of many people. However, it is necessary to respect the process being involved in technological development, to carry out experiments and to discuss their consequences. Finally, despite all the benefits that can be obtained, new questions will constantly arise that states should not leave unanswered.