E-stonia: Antithesis of Russia

President Toomas Hendrik Ilves (pictured) says Estonia does have a national database of data on its citizens, but that individuals have to be notified if their information is accessed. 

It’s not often that a European head of state uses the “radical postmodernist philosophy” of Jacques Derrida and Jean Baudrillard to bash a hostile superpower. But then Toomas Hendrik Ilves, Estonia’s defiantly erudite president of nearly 10 years, is no ordinary head of state.

Ilves is trying to reinvent Estonia as the brightly lit antithesis of Russia, and in today’s confessional age of Edward Snowden, WikiLeaks and the Panama Papers, claims he is baking transparency and accountability into a new kind of digital civic operating system.

Ilves is known for his controversial opinions on everything from Snowden and Internet privacy to cyberwarfare and Vladimir Putin’s postmodernist state, which have apparently, transformed the 63-year-old into a “regional sex symbol”.

The problem with Putin’s Russia, Ilves insists, is that the truth has been entirely devalued. Quoting from Peter Pomerantsov’s 2015 Nothing Is True and Everything Is Possible, the Estonian president says that “all truths have become equivalent” in contemporary Russia. 

With his nearly 70,000 Twitter followers, Ilves has become a kind of global village elder

Ilves came up with this grand idea a quarter of a century ago. When Gorbachev pulled the Soviets out of Estonia in 1991, Ilves asked himself a simple question about the future of a country that had been brutally occupied by its eastern neighbor for a half-century.

 “What do we have?” Ilves asked himself about a country not much larger than Israel with a population less than half that of Silicon Valley.

His answer was equally simple. What the 1.3 million Estonians had, Ilves concluded in 1991, was technology. He recognized that the Soviets, despite their appropriation of most of Estonia’s wealth, had bequeathed a decent educational legacy, especially in mathematics. Estonia’s future, Ilves thus imagined a quarter of a century ago, was hi-tech, especially personal computers and the Internet.

Ilves – a trained psychologist with degrees from Columbia and the University of Pennsylvania – is also self-schooled in computer science. He proudly recalls learning to program as a 13-year-old schoolboy in New Jersey and being among the first geeks to own Apple’s iconic 2E personal computer. By 1993, he was already arguing that Estonia “should computerize all schools” and by 1997 had championed putting all Estonian schools online and establishing publicly funded Internet centers around the country.

Yet despite its multibillion-dollar success stories – including Skype, Playtech and more startups per person than anywhere else in the world – Estonia isn’t just “E-Stonia”, some Baltic version of Silicon Valley or Israel. The little Baltic republic – with the counterintuitive Ilves at its helm – is actually building something more ambitious than just another tightly knit ecosystem of entrepreneurs, investors and technologists.

Estonia is pioneering a model for a democratically transparent 21st-century networked society – the opposite of Putin’s opaque virtual reality show – by giving everyone a digital license plate. “Our goal is to make it impossible to do bad things,” he explains. “Six billion lanes, and nobody has a license plate except the Estonians.”

Is Estonia becoming a 21st-century panopticon?

That is Ilves’ grand – one might even say baroque – idea. Under his presidency over the past 10 years, Estonia has pioneered a series of technological reforms to not only bring everyone online but also to create a national database. The system is built around the online ID card, introduced in 2002, in which its citizens’ information – from healthcare records to tax filings to educational qualifications to real estate documents – is stored in a seamlessly integrated national database.

But what about privacy in this database of its citizens’ intentions?

“Our obsession with privacy is misguided,” Ilves – who is, of course, anything but indifferent to 20th-century Big Brother surveillance regimes – insists. The Estonian system, he explains, is based on “trust”. While the national database can be accessed by the authorities, he stresses, the citizen has to be notified when their records are observed. So if the system hasn’t been built on Blockchain technology, it nonetheless operates on Blockchain-like principles – creating a data system that can’t be altered with notifying both the authorities and citizens.

This is what Ilves calls a “Lockean contract” between digital citizen and the government. The 21st-century networked sovereign, he says, is the guarantor of what he calls “data integrity”. While the government can’t access our data without our knowledge, the citizen no longer has any anonymity in this system.

Rather than privacy from the state, the real concern, Ilves insists, is the integrity of data. Instead of worrying about somebody else knowing our blood type, we should be worried when they start “fiddling” with that data to change our blood type.

Snowden ‘harmed the EU privacy debate’

This focus on data integrity is why Ilves is much less concerned with Snowden’s NSA revelations than either last year’s Office of Personnel Management (OPM) hack in which the data of 21 million people was stolen, or with the ongoing fight between Apple and the FBI over a back door to the iPhone’s data.

Ilves believes that paranoia over the Snowden revelations “harmed the debate” about privacy in the EU. The NSA, he quipped, wasn’t “mining the deep packets of Bohemian poets sending emails to their girlfriends”. In contrast, the OPM and Apple cases are both about trust. Giving the authorities a blanket and unverifiable back door on the iPhone, for example, means that citizens can no longer trust either their government or Apple.

The Estonian model of digital development is “scalable”, Ilves says, although he acknowledges that its political side is much easier to build in a small country like Estonia. But, in light of the revelations from Snowden and other whistleblowers, can we ever really trust the system – even in a tiny country like Estonia?

Guardian

« US Spies Want A Laser Gun Bomb Detector
One Massive Hack Last Year - Nobody Noticed! »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

SealPath

SealPath

SealPath enables companies to protect and control their documents wherever they are: In their PC, in their corporate network, on a partner’s network, in the cloud.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

HackRead

HackRead

HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends.

Communications Security Establishment (CSE)

Communications Security Establishment (CSE)

CSE is Canada's national cryptologic agency, providing the Government of Canada with IT Security and foreign signals intelligence (SIGINT) services.

ReversingLabs

ReversingLabs

ReversingLabs develops cyber threat detection and mitigation tools that address the the latest directed attacks, advanced persistent threats and polymorphic malware.

Cobalt Labs

Cobalt Labs

Pen Testing as a Service for Modern SaaS Businesses. Cobalt is redefining the modern pen test for companies who want serious hacker-like testing built into their development cycle.

London Office for Rapid Cybersecurity Advancement (LORCA)

London Office for Rapid Cybersecurity Advancement (LORCA)

LORCA's mission is to support the most promising cyber security innovators in growing solutions to meet the most pressing industry challenges and build the UK’s international cyber security profile.

SEPPmail

SEPPmail

SEPPmail is a patented e-mail encryption solution to secure your electronic communication.

ISEC7 Group

ISEC7 Group

ISEC7 Group is a global provider of mobile business services and software solutions. The company was one of the first movers in mobilising company and business processes.

ETSI

ETSI

ETSI is a European Standards Organization dealing with telecommunications, broadcasting and other electronic communications networks and services including cybersecurity.

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp Fintech & Cybersecurity

Startupbootcamp is the world’s largest network of multi-corporate backed accelerators helping startups scale internationally.

Shift5

Shift5

Shift5 focus on securing operational technology (OT) by building best-in-class, dual-use products serving military and commercial entities.

WebOrion

WebOrion

WebOrion is an All-in-One Web Security & Performance Suite. Fortify, accelerate and monitor your website today.

Q6 Cyber

Q6 Cyber

Q6 Cyber is an innovative threat intelligence company collecting targeted and actionable threat intelligence related to cyber attacks, fraud activity, and existing data breaches.

Mission Critical Partners (MCP)

Mission Critical Partners (MCP)

Mission Critical Partners is committed to delivering innovative solutions that help our clients enhance and evolve their critical-communications systems and operations.

MyCISO

MyCISO

MyCISO is the World’s first SaaS application that will vastly simplify security management for all.