Almost 30 years ago,
my country was facing the need to rebuild everything from scratch.
After years of Soviet occupation,
Estonia regained its independence, but we were left with nothing.
No infrastructure, no administration, no legal code.
Out of necessity,
the state leaders back then had to make some daring choices.
The ones that our country could afford.
There was a lot of experimentation and uncertainty
but also a bit of luck involved,
particularly in the fact that we could count on a number
of brilliant visionaries,
cryptographers and engineers.
I was just a kid back then.
Today, we are called the most digital society on earth.
I'm from Estonia,
and we've been declaring taxes online since 2001.
We have been using digital identity and signature since 2002.
We've been voting online since 2005.
And for today, pretty much the whole range of the public services
that you can imagine:
education, police, justice, starting a company,
applying for benefits, looking at your health record
or challenging a parking ticket --
that's everything that is done online.
In fact, it's much easier to tell you
what are the three things we cannot yet do online.
We have to show up to pick up our ID documents,
get married or divorced,
or sell real estate.
That's pretty much it.
So, that's why don't freak out
when I tell you that every year
I can't wait to start doing my tax declaration.
Because all I have to do
is sit on my couch with a mobile phone,
swipe a few pages with prefilled data on income and deductions
and hit submit.
After three minutes,
I'm looking at the tax return amount.
It actually feels like a quite rewarding experience.
No tax advisors,
no collecting receipts,
no doing the math.
And have I mentioned that I have not visited a state office
for almost seven years?
Indeed, one of the features of the modern life
that has no reason to exist anymore,
considering technological possibilities of today,
is the labyrinth of bureaucracy.
We've almost got rid of it completely in Estonia,
in an effort coordinated by the government that has also digitized itself.
For instance, cabinet of ministers' work in e-Cabinet is absolutely paperless.
The central idea behind this development
is transformation of the state role
and digitalization of trust.
Think about it.
In most countries, people don't trust their governments.
And the governments don't trust them back.
And all the complicated paper-based formal procedures
are supposed to solve that problem.
Except that they don't.
They just make life more complicated.
I believe Estonian experience is showing that technology can be the remedy
for getting the trust back,
while creating an efficient,
user-centric service delivery system
that actively responds to citizens' needs.
We did not do it by digitizing bureaucracy as it is.
But by rather agreeing on a few strong, common principles,
redesigning rules and procedures,
getting rid of unnecessary data collection
and task duplication,
and becoming open and transparent.
Let me give you a glimpse
into some of the key e-Estonia design principles today.
First, it is essential to guarantee privacy and confidentiality
of data and information.
This is achieved through a strong digital identity
that is issued by the state
and compatible with everything.
In fact, every Estonian has one.
The identity is doubled with a strong digital signature
that is accepted, used and legally binding
both in Estonia and the European Union.
When the system can properly and securely identify who is using it,
after logging in, it will provide access to the personal data of the citizen
and all the public services within one tool,
and allow to authorize anything by signing digitally.
A second principle, and one of the most transformative,
is called "Once only."
It means that the state cannot ask for the same data
more than once,
nor can store it in more than one place.
if you've already provided your birth or marital certificate
to the population registry,
this is the only place where this data is going to be held.
And no other institution will be ever asking for it again.
Once only is a very powerful rule,
as it defines the whole structure of the data collection in a country,
what information is collected
and who is responsible for maintaining it,
making sure we avoid centralization of data,
duplication of data,
and guarantee that it's actually up to date.
This distributed approach also avoids the problem
of the single point of failure.
But since the data cannot be replicated,
or collected more than once,
it means that the design has to keep in mind
secure and robust access to that information at all times,
so the public institution can offer a service.
This is exactly the role of the data exchange platform
called the X-Road
that has been in use since 2001.
Just like a highway,
it connects public sector databases and registries,
local municipalities and businesses,
organizing a real-time, secure and regulated data exchange,
saving an auditable trace after each move.
Here's a screenshot of a live feed
showing all the requests performed on the X-Road
and all the services that it actually facilitates.
And this is the real picture
of all the connections between public and private sector databases.
As you can see,
there is no central database whatsoever.
Confidentiality and privacy are definitely very important.
But in the digital world,
reliability and integrity of information
is just critical for operations.
if someone changes your medical health record,
let's say allergies,
without you or your doctor knowing,
treatment could be deadly.
That's why in a digital society, a system like an Estonian one,
when there's almost no paper originals,
there's almost only digital originals,
integrity of data,
data exchange rules, software components
and log files is paramount.
We use a form of blockchain that we invented back in 2007,
way before blockchain even became a thing,
to check and guarantee the integrity of data in real time.
Blockchain is our auditor
and a promise that no access to the data
or data manipulation remains unrecorded.
Data ownership is another key principle in the design of the system.
Aren't you worried by the fact that governments, tech companies
and other businesses around the world
claim data they've collected about you is theirs,
generally refuse to give access to that information,
and often fail to prove how it was used
or shared with third parties?
I don't know, for me it seems like a quite disturbing situation.
The Estonian system is based on the principle
that an individual is the owner of the data collected about him,
thus has an absolute right to know what information is collected
and who has been accessing it.
Every time a policeman, a doctor or any state officer
is accessing personal information of the citizens online,
first they only get to access it after logging in
to the information they're authorized to see to do their job.
And secondly, every time they're making requests,
this is saved in a log file.
This detailed log file is part of the state public services
and allows real transparency,
making sure no privacy violation will remain unnoticed to the citizen.
Now, of course, this is only a simplified summary
of all the design principles that e-Estonia is built on.
And now, government is building up
to get ready for use of artificial intelligence
and building a whole new generation of public services --
that would activate seamlessly
based on different life situations that people might be in,
such as childbirth, unemployment or starting a business.
Now, of course,
running a digital society with no paper backup
can be an issue, right?
Even though we trust our systems to be solid,
but one can never be too cautious as we experienced back in 2007,
when the first cyberincident happened,
and it literally blocked part of our networks,
making access to the services impossible for hours.
But this event put cybersecurity at the very top of agenda,
both in terms of strengthening the platform and backing it up.
So how do you back up a country-wide system in a small state
where everything is super close?
Well for instance, you can export a copy of the data
outside the country territory
to an extraterritorial space of an embassy.
Today, we have those data embassies
that are holding the most critical digital assets of Estonia,
guaranteeing continuity of operations,
protection of our data,
and most importantly, our sovereignty.
Even in case of a physical attack on our territory.
Some of you might be thinking by now:
Where are the downsides?
Well, going all digital
is administratively, and let's be honest, financially more efficient.
Interfacing primarily with computer systems
might create an impression that the human factor,
and participating in democratic processes
is somehow less important.
And there are also some people
who feel threatened by pervasive technology
that might make their skills obsolete.
So all in all, unfortunately,
running a country on a digital platform
has not saved us from political power struggles
and polarization in the society,
as we have seen in the last elections.
Well, until there are humans involved.
One last question.
If everything is location-independent
and I can access all of the services from anywhere in the world,
why cannot others tap into some of these services,
even if they don't reside within Estonian borders?
Five years ago,
we launched a governmental start-up called e-Residency program
that for today joins tens of thousands of people.
These are businessmen and women from 136 different countries,
who establish their businesses digitally,
who do their banking online,
and who run their companies virtually over e-Estonia platform,
within European Union legal framework,
using an e-identity card similar to mine
and all of that from anywhere in the world.
The Estonian system is location-independent
It prioritizes inclusiveness, openness and reliability.
It puts security and transparency at its center.
And the data into the hands of the rightful owner,
the person they refer to.
Don't take my word for it.