My father’s father emigrated to America from Lithuania about a hundred years ago, and one day I intend to visit the Baltic region and see the land for myself, as my sister and I did earlier this year when we visited my mother’s homeland in northeast Poland. In my mind, the next best thing is to follow the activities of Estonia, a neighboring nation that is doing some interesting things online. (I know, my mind works in strange ways. But bear with me, I needed an intro for this essay.)
One reason why I am interested in Estonia is something that they have had in place for many years called the e-Resident program. Basically, this is an ID card issued by their government, for use by anyone in the world. You don’t have to ever live there, or even want to live there. More people have signed up for this ID than are actual residents of the country, so it was a smart move by their government to widen their virtual talent pool. Once you have this ID, you can register a new business in a matter of minutes. Thousands of businesses have been started by e-Residents, which also helps to bring physical businesses there too. In many countries, offshore businesses are required to have a local director or local address. Not Estonia.
So last week, after thinking more about this, I finally took the e-Resident plunge. It costs about $100, you need to take a picture of your local passport and fill out a simple form. When the ID card is ready, you have to physically go and pick it up at a local Estonia embassy (either NYC or DC would be the closest places for me).
Well, as usual, it was bad timing for me. I should have waited a little bit longer. This week we learned that there are potential exploits with the ID cards, at least the cards that have been circulating for the past several years. Almost 750,000 cards are affected. According to Estonian officials, the risk is a theoretical one and there is no evidence of anyone’s digital identity actually being misused. It might change how the IDs are used in next month’s national elections, although they haven’t decided on that. About a third of their voters do vote online. I am confident that they will figure out a fix. Hopefully before my next DC business trip.
Estonia is leading the world in other digital matters too. Lots of companies have disaster recovery data centers located far from their headquarters, but that is an issue with Estonia, which is small enough that far is a just a few minutes’ drive. So they came up with another plan to make Estonia the first government to build an off-site data center in another country. The government will make backup copies of its critical data infrastructure and store them in Luxembourg if agreements between the two countries are reached. My story in IBM’s Security Intelligence blog goes into more details of what they call their “data embassy.” They have lots of other big digital plans too, such as using 100% digitized textbooks in their education system by the end of the decade and a public sector data exchange facility with Finland they are putting in place for this year.
Earlier this year, I read about a course they offered called “Subversive Leverage and Psychological Defense” to master’s degree students at their Academy of Security Sciences. The students are preparing for positions in the Estonian Internal Security Service. The story from CSM Passcode goes into more details about how vigilant they have to be to fight Russian propaganda. These aren’t isolated examples of how sophisticated they are. They also were the first EU country to teach HTML coding in its elementary schools back in 2012, and the Skype software was developed there.
Their former Prime Minister Taavi Rõivas has even appeared on the The Daily Show with Trevor Noah to talk about these programs. Clearly, they have a strong vision, made all the more impressive by the fact that they had almost no Internet access just a few years ago when they were still part of the Soviet empire. Certainly a place to keep an eye on.