Almost 30 years ago, my country was facing the need
to rebuild everything from scratch. After years of Soviet occupation, Estonia regained its independence,
but we were left with nothing. No infrastructure,
no administration, no legal code. Organizational chaos. Out of necessity, the state leaders back then
had to make some daring choices. The ones that our country could afford. There was a lot of
experimentation and uncertainty but also a bit of luck involved, particularly in the fact
that we could count on a number of brilliant visionaries, cryptographers and engineers. I was just a kid back then. Today, we are called
the most digital society on earth. I'm from Estonia, and we've been declaring
taxes online since 2001. We have been using digital identity
and signature since 2002. We've been voting online since 2005. And for today, pretty much
the whole range of the public services that you can imagine: education, police,
justice, starting a company, applying for benefits,
looking at your health record or challenging a parking ticket -- that's everything that is done online. In fact, it's much easier to tell you what are the three things
we cannot yet do online. We have to show up
to pick up our ID documents, get married or divorced, or sell real estate. That's pretty much it. So, that's why don't freak out when I tell you that every year I can't wait to start
doing my tax declaration. (Laughter) Because all I have to do is sit on my couch with a mobile phone, swipe a few pages with prefilled data
on income and deductions and hit submit. After three minutes, I'm looking at the tax return amount. It actually feels like
a quite rewarding experience. No tax advisors, no collecting receipts, no doing the math. And have I mentioned
that I have not visited a state office for almost seven years? Indeed, one of the features
of the modern life that has no reason to exist anymore, considering technological
possibilities of today, is the labyrinth of bureaucracy. We've almost got rid of it
completely in Estonia, in an effort coordinated by the government
that has also digitized itself. For instance, cabinet of ministers' work
in e-Cabinet is absolutely paperless. The central idea behind this development is transformation of the state role and digitalization of trust. Think about it. In most countries, people
don't trust their governments. And the governments don't trust them back. And all the complicated
paper-based formal procedures are supposed to solve that problem. Except that they don't. They just make life more complicated. I believe Estonian experience is showing
that technology can be the remedy for getting the trust back, while creating an efficient, user-centric service delivery system that actively responds to citizens' needs. We did not do it by digitizing
bureaucracy as it is. But by rather agreeing
on a few strong, common principles, redesigning rules and procedures, getting rid of unnecessary data collection and task duplication, and becoming open and transparent. Let me give you a glimpse into some of the key e-Estonia
design principles today. First, it is essential to guarantee
privacy and confidentiality of data and information. This is achieved
through a strong digital identity that is issued by the state and compatible with everything. In fact, every Estonian has one. The identity is doubled
with a strong digital signature that is accepted, used and legally binding both in Estonia and the European Union. When the system can properly
and securely identify who is using it, after logging in, it will provide access
to the personal data of the citizen and all the public services
within one tool, and allow to authorize anything
by signing digitally. A second principle,
and one of the most transformative, is called "Once only." It means that the state
cannot ask for the same data more than once, nor can store it in more than one place. For instance, if you've already provided
your birth or marital certificate to the population registry, this is the only place
where this data is going to be held. And no other institution
will be ever asking for it again. Once only is a very powerful rule, as it defines the whole structure
of the data collection in a country, what information is collected and who is responsible for maintaining it, making sure we avoid
centralization of data, duplication of data, and guarantee that it's
actually up to date. This distributed approach
also avoids the problem of the single point of failure. But since the data cannot be replicated, or collected more than once, it means that the design
has to keep in mind secure and robust access
to that information at all times, so the public institution
can offer a service. This is exactly the role
of the data exchange platform called the X-Road that has been in use since 2001. Just like a highway, it connects public sector
databases and registries, local municipalities and businesses, organizing a real-time, secure
and regulated data exchange, saving an auditable trace after each move. Here's a screenshot of a live feed showing all the requests
performed on the X-Road and all the services
that it actually facilitates. And this is the real picture of all the connections between
public and private sector databases. As you can see, there is no central database whatsoever. Confidentiality and privacy
are definitely very important. But in the digital world, reliability and integrity of information is just critical for operations. For instance, if someone changes
your medical health record, let's say allergies, without you or your doctor knowing, treatment could be deadly. That's why in a digital society,
a system like an Estonian one, when there's almost no paper originals, there's almost only digital originals, integrity of data, data exchange rules, software components and log files is paramount. We use a form of blockchain
that we invented back in 2007, way before blockchain even became a thing, to check and guarantee
the integrity of data in real time. Blockchain is our auditor and a promise that no access to the data or data manipulation remains unrecorded. Data ownership is another key principle
in the design of the system. Aren't you worried by the fact
that governments, tech companies and other businesses around the world claim data they've collected
about you is theirs, generally refuse to give access
to that information, and often fail to prove how it was used or shared with third parties? I don't know, for me it seems
like a quite disturbing situation. The Estonian system
is based on the principle that an individual is the owner
of the data collected about him, thus has an absolute right
to know what information is collected and who has been accessing it. Every time a policeman,
a doctor or any state officer is accessing personal information
of the citizens online, first they only get to access it
after logging in to the information they're authorized
to see to do their job. And secondly, every time
they're making requests, this is saved in a log file. This detailed log file
is part of the state public services and allows real transparency, making sure no privacy violation
will remain unnoticed to the citizen. Now, of course, this is only
a simplified summary of all the design principles
that e-Estonia is built on. And now, government is building up to get ready for use
of artificial intelligence and building a whole new generation
of public services -- proactive services that would activate seamlessly based on different life situations
that people might be in, such as childbirth, unemployment
or starting a business. Now, of course, running a digital society
with no paper backup can be an issue, right? Even though we trust
our systems to be solid, but one can never be too cautious
as we experienced back in 2007, when the first cyberincident happened, and it literally blocked
part of our networks, making access to the services
impossible for hours. We survived. But this event put cybersecurity
at the very top of agenda, both in terms of strengthening
the platform and backing it up. So how do you back up
a country-wide system in a small state where everything is super close? Well for instance,
you can export a copy of the data outside the country territory to an extraterritorial
space of an embassy. Today, we have those data embassies that are holding the most critical
digital assets of Estonia, guaranteeing continuity of operations, protection of our data, and most importantly, our sovereignty. Even in case of a physical attack
on our territory. Some of you might be thinking by now: Where are the downsides? Well, going all digital is administratively, and let's be honest,
financially more efficient. Interfacing primarily
with computer systems might create an impression
that the human factor, elected politicians and participating in democratic processes is somehow less important. And there are also some people who feel threatened
by pervasive technology that might make their skills obsolete. So all in all, unfortunately, running a country on a digital platform has not saved us
from political power struggles and polarization in the society, as we have seen in the last elections. Well, until there are humans involved. One last question. If everything is location-independent and I can access all of the services
from anywhere in the world, why cannot others
tap into some of these services, even if they don't reside
within Estonian borders? Five years ago, we launched a governmental start-up
called e-Residency program that for today joins
tens of thousands of people. These are businessmen and women
from 136 different countries, who establish their
businesses digitally, who do their banking online, and who run their companies
virtually over e-Estonia platform, within European Union legal framework, using an e-identity card similar to mine and all of that
from anywhere in the world. The Estonian system
is location-independent and user-centric. It prioritizes inclusiveness,
openness and reliability. It puts security
and transparency at its center. And the data into the hands
of the rightful owner, the person they refer to. Don't take my word for it. Try it. Thank you. (Applause)
