E-stonia: Antithesis of Russia

President Toomas Hendrik Ilves (pictured) says Estonia does have a national database of data on its citizens, but that individuals have to be notified if their information is accessed. 

It’s not often that a European head of state uses the “radical postmodernist philosophy” of Jacques Derrida and Jean Baudrillard to bash a hostile superpower. But then Toomas Hendrik Ilves, Estonia’s defiantly erudite president of nearly 10 years, is no ordinary head of state.

Ilves is trying to reinvent Estonia as the brightly lit antithesis of Russia, and in today’s confessional age of Edward Snowden, WikiLeaks and the Panama Papers, claims he is baking transparency and accountability into a new kind of digital civic operating system.

Ilves is known for his controversial opinions on everything from Snowden and Internet privacy to cyberwarfare and Vladimir Putin’s postmodernist state, which have apparently, transformed the 63-year-old into a “regional sex symbol”.

The problem with Putin’s Russia, Ilves insists, is that the truth has been entirely devalued. Quoting from Peter Pomerantsov’s 2015 Nothing Is True and Everything Is Possible, the Estonian president says that “all truths have become equivalent” in contemporary Russia. 

With his nearly 70,000 Twitter followers, Ilves has become a kind of global village elder

Ilves came up with this grand idea a quarter of a century ago. When Gorbachev pulled the Soviets out of Estonia in 1991, Ilves asked himself a simple question about the future of a country that had been brutally occupied by its eastern neighbor for a half-century.

 “What do we have?” Ilves asked himself about a country not much larger than Israel with a population less than half that of Silicon Valley.

His answer was equally simple. What the 1.3 million Estonians had, Ilves concluded in 1991, was technology. He recognized that the Soviets, despite their appropriation of most of Estonia’s wealth, had bequeathed a decent educational legacy, especially in mathematics. Estonia’s future, Ilves thus imagined a quarter of a century ago, was hi-tech, especially personal computers and the Internet.

Ilves – a trained psychologist with degrees from Columbia and the University of Pennsylvania – is also self-schooled in computer science. He proudly recalls learning to program as a 13-year-old schoolboy in New Jersey and being among the first geeks to own Apple’s iconic 2E personal computer. By 1993, he was already arguing that Estonia “should computerize all schools” and by 1997 had championed putting all Estonian schools online and establishing publicly funded Internet centers around the country.

Yet despite its multibillion-dollar success stories – including Skype, Playtech and more startups per person than anywhere else in the world – Estonia isn’t just “E-Stonia”, some Baltic version of Silicon Valley or Israel. The little Baltic republic – with the counterintuitive Ilves at its helm – is actually building something more ambitious than just another tightly knit ecosystem of entrepreneurs, investors and technologists.

Estonia is pioneering a model for a democratically transparent 21st-century networked society – the opposite of Putin’s opaque virtual reality show – by giving everyone a digital license plate. “Our goal is to make it impossible to do bad things,” he explains. “Six billion lanes, and nobody has a license plate except the Estonians.”

Is Estonia becoming a 21st-century panopticon?

That is Ilves’ grand – one might even say baroque – idea. Under his presidency over the past 10 years, Estonia has pioneered a series of technological reforms to not only bring everyone online but also to create a national database. The system is built around the online ID card, introduced in 2002, in which its citizens’ information – from healthcare records to tax filings to educational qualifications to real estate documents – is stored in a seamlessly integrated national database.

But what about privacy in this database of its citizens’ intentions?

“Our obsession with privacy is misguided,” Ilves – who is, of course, anything but indifferent to 20th-century Big Brother surveillance regimes – insists. The Estonian system, he explains, is based on “trust”. While the national database can be accessed by the authorities, he stresses, the citizen has to be notified when their records are observed. So if the system hasn’t been built on Blockchain technology, it nonetheless operates on Blockchain-like principles – creating a data system that can’t be altered with notifying both the authorities and citizens.

This is what Ilves calls a “Lockean contract” between digital citizen and the government. The 21st-century networked sovereign, he says, is the guarantor of what he calls “data integrity”. While the government can’t access our data without our knowledge, the citizen no longer has any anonymity in this system.

Rather than privacy from the state, the real concern, Ilves insists, is the integrity of data. Instead of worrying about somebody else knowing our blood type, we should be worried when they start “fiddling” with that data to change our blood type.

Snowden ‘harmed the EU privacy debate’

This focus on data integrity is why Ilves is much less concerned with Snowden’s NSA revelations than either last year’s Office of Personnel Management (OPM) hack in which the data of 21 million people was stolen, or with the ongoing fight between Apple and the FBI over a back door to the iPhone’s data.

Ilves believes that paranoia over the Snowden revelations “harmed the debate” about privacy in the EU. The NSA, he quipped, wasn’t “mining the deep packets of Bohemian poets sending emails to their girlfriends”. In contrast, the OPM and Apple cases are both about trust. Giving the authorities a blanket and unverifiable back door on the iPhone, for example, means that citizens can no longer trust either their government or Apple.

The Estonian model of digital development is “scalable”, Ilves says, although he acknowledges that its political side is much easier to build in a small country like Estonia. But, in light of the revelations from Snowden and other whistleblowers, can we ever really trust the system – even in a tiny country like Estonia?

Guardian

« US Spies Want A Laser Gun Bomb Detector
One Massive Hack Last Year - Nobody Noticed! »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CyberSecurityJobsite.com

CyberSecurityJobsite.com

CyberSecurityJobsite.com is a specialist job board designed to attract candidates working within Cyber Security, Information Security or Information Assurance.

Zimperium

Zimperium

Zimperium offers enterprise class protection for mobile devices against the next generation of advanced mobile attacks.

Information Network Security Agency (INSA) - Ethiopia

Information Network Security Agency (INSA) - Ethiopia

INSA's vision is to realize a globally competent National Cyber capability which plays a key role in protecting the national interests of Ethiopia.

Data Resolve Technologies

Data Resolve Technologies

Data Resolve offer a mechanism through which customers can detect and tackle various kinds of sensitive activities pertaining to data loss and data theft.

CyCraft Technology Corp

CyCraft Technology Corp

CyCraft is an AI company that forges the future of cybersecurity resilience through autonomous systems and human-AI collaboration.

Phoenix Cybersecurity

Phoenix Cybersecurity

Phoenix Cybersecurity Services and Managed Security Services help clients just like you take full advantage of leading cybersecurity technologies and industry best practices.

Cybeta

Cybeta

Cybeta's actionable cybersecurity intelligence keeps your business safe with strategic and operational security recommendations that prevent breaches.

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

Cybersecurity Maturity Model Certification Center of Excellence (CMMC COE)

CMMC COE is an IT-AAC sponsored public–private partnership that will be the focal point for entities seeking to achieve Cybersecurity Maturity Model Certification.

Coveware

Coveware

Coveware helps businesses remediate ransomware. We help companies recover after files have been encrypted, and our analytic, monitoring and alerting tools help companies prevent ransomware incidents.

Center for Information Technology Policy (CITP) - Princeton University

Center for Information Technology Policy (CITP) - Princeton University

The Center for Information Technology Policy at Princeton University is a nexus of expertise in technology, engineering, public policy, and the social sciences.

Allied Telesis

Allied Telesis

Allied Telesis delivers the secure, flexible, and agile solutions needed to meet the expectations of any industry’s critical mission.

Aleo

Aleo

Aleo is building the world's leading developer platform for enabling absolute privacy on blockchains.

Ipstack

Ipstack

Ipstack offers one of the leading IP to geolocation APIs and global IP database services worldwide. Protect your site and web application by detecting proxies, crawlers or tor users at first glance.

Techsolidity

Techsolidity

Techsolidity is an emerging e-learning platform that offers a wide range of upskilling programs worldwide in areas including cybersecurity.

WeVerify

WeVerify

WeVerify is a platform for collaborative, decentralised content verification, tracking, and debunking.

Runecast Solutions

Runecast Solutions

Runecast Solutions is a global leader in AI-powered risk mitigation, security, continuous compliance and more efficient IT operations management.