- Reset + Print

EU’s role in supporting Member States in digital transformation in a legally permissive environment, Humboldt University lecture


I am very happy that we have this technological alternative to our meetings. I am sitting in splendid self-isolation (in Tallinn), because I have been in contact with somebody who had a virus.

I would have not been able to come to Berlin for double reasons. Welcome to the Office of the President of Estonia, which was in 1938 specifically built for our first President. It is still decorated as it was during the time, even if the communists occupied the building for 50 years.

Not a single ordinary Estonian could enter this room, but here you are together with me 30 years after Estonia restored its independence with quite a lot of help with Germany as well.

When Germany and other European countries supported Estonian aspirations towards the European Union, you probably did it according to the principle that each nation has a right to choose their future. When Estonians wanted to see their future in the European Union, you supported us.

You never thought that you are helping to create a catalyst for 21st century. Because Estonian e-governance model, which allows us to call ourselves the worlds’ first digitally transformed state, has acted in the European Union as a catalyst for change. Maybe you do not expect me to say this, but European Union collectively is the world’s best developed GovTech space. Yes, you heard me right.

Normally we think that the USA is so far ahead in digital development. When we talk about GAFA (Google, Apple, Facebook and Amazon), we are worried that in Europe we do not have big enough digital companies.

But all those who are thinking this way are missing some very important elements, which we have in Europe and no other region has.

This is our legally permissive space for digital governance models to evolve. What do I mean by this?

First, we managed to create GDPR. Second, we have our eIDAS system. We have a common understanding, which was supported by the Council conclusions during the German Presidency, that each European citizen should have a digital ID.

What does this give us? Digital ID gives us access to safe and regulated digital space where both governments and private sector equally can offer safe services to citizens who are able to identify themselves and identify those with whom they act and transact. Take notice, such a system, neither national nor international exists nowhere in the world.

Yes, many citizens in the United States for example are offering loads of applications, which people can download from App Store and access public services. But each app acts separately. Each time a citizen uses these apps they need to give their data repeatedly. Therefore, it looks like it is a network of metro stations, which is not connected with the line.

Here in Europe we have taken a different route. I really want to believe that Estonian model had something to do with it. I personally felt in 2017 during Estonian Council Presidency that this was the moment when European leaders realised that it is not an option for governments to guarantee digital ID-s. But they felt that it was an obligation. And I totally share that it is an obligation.

Because what is a digital ID? Digital ID is just a passport. It is a passport, which you are using in internet space. And if we now think of the street space, we don’t trust anybody in the real world, in the analogue world who does not identify themselves. You are not going to act or transact with people who just say what their name is. You demand a valid document to prove who they are. The same in internet. Digital ID is nothing but a passport, which allows our citizens to act and transact safely online. And the European Union has created collectively the first steps for achieving this opportunity for all European citizens.

How it came about indeed was individual experiences of various European countries. It is true that Estonia is probably the only one, which is able to offer all its public services online. And opens the same access model, the same digital ID platform to our private sector companies. Also without any limitations. But there are other digital ecosystems in other European countries. Finland uses the same as Estonia. Iceland is joining us on the same platform. Denmark has a good digital system, which only lacks an eIDAS compatible digital ID. Portugal also has a good e-governance model in place. And is considering e-residency similar to Estonia as a next step.

So you see, Europe has been building for years an integrated safe digital space for our citizens, our companies and our governments to safely act and transact online. By the way, each German also has access to digital ID. You can use it. The only problem is that there are not enough services linked to this single digital ID.

In Estonia, right from the start, we decided that our digital space is open equally to private and public sector. Which meant therefor that all services started to use the same platform. And why was private sector ready to do that? It is quite obvious if you think about it. Digital ID is not only a technology. It is a legal space. It is protected by the law and therefor, if you use instead of your own identity or some nickname system or some token, you use digital ID offered by the state. In addition to technological security, you get legal security as well. And this is very important.

Estonia by the way has not created any interesting technology to use digital ID-s and provide all public service online. We have created a legal space, which surrounds this technology. Tech-wise we have just been quick followers using what has been created elsewhere for provision of public services.

Already 20 years ago, bigger German private companies were using intranet-systems, certain level of internet services for the company and their clients. The only thing, which was different, is that public sector was not part of it. It is now more and more becoming part of it. It is difficult for the governments today because they are late incomers. They now need to come in, establish themselves in digital space and start to create the laws around the digital space to make sure that citizen’s data is always protected.

In Estonia, for example, the government takes responsibility for my data. But it also states clearly that it does not own my data. Which means that the government is obliged to inform me if any government official has checked my data.  So, I would know and if I do not think that this particular official had any reason looking at my data, I can protest and the state looks into the matter and may take the offending people to the court. It is a criminal offence in Estonia to nose around in databases. You can never nose around in a database, which includes personal information about anybody. A nurse in a hospital has access to e-health files of patients. But this does not mean that they are allowed to look in each and every file. They are only allowed to look into the files which they need to work on. And if a patient sees wrong digital fingerprints on the file they can complain. And a wrongdoer can be taken to a court. This is just an example of a regulated but permissive legal space for working with a data.

Very similar systems are growing in various European countries and European Union Council decision now exists which says that each European Union citizen must have a digital ID, which is eIDAS compatible. And to be eIDAS compatible, all governments have to follow similar safety rules.

Very often people ask – is digital safe? And my answer always is that if you have smart technology and legally permissive space for technology development which protects data, people, businesses and governments, then you can never say that things are 2000% safe. Nothing is so safe. But you can easily demonstrate that it is safer than on paper. How to illustrate that? Let me turn back to the example of doctors and nurses.

You probably have a file in your doctor’s office. I have too. But mine is digital. Yours is on paper. And if you now honestly think, can you be sure that yesterday afternoon nobody was reading your file? You cannot. But I can. Because if anybody wanted to access my e-health file, I would see their fingerprints. So we easily demonstrate that digital is safer than paper. And this is what allows us to move ahead with the European project of interconnected digital public space. If we can collectively understand it, then we must realize and must be proud that in GovTech, Europe has a global advantage. If we are able to really carry through this decision that each European citizen has a digital ID, we can easily develop data clouds where we can all collectively work from afar, without going to our offices, without even entering the country where you are working.

It was only a year ago when it was terribly difficult to make people understand that this is a positive development for most of us. But the unhappy situation what we now are facing, has uncovered for everybody that in developed nations in Europe about 30% of the jobs are geographically neutral. You can work from wherever you are. But you can only do your job from wherever you are if you have safe access to data which is very viable that it is also you who is accessing the data. European Union has the legal space for that. But this space of course is not complete.

If we look what Europe needs to do and is also gradually doing is creating the European Data Space, a common data space which would have the rules guaranteeing the data safety. But at the same time having access which I just described. Because in principle there is absolutely no reason why somebody from Estonia cannot work in Germany as a bookkeeper or in Portugal or in Norway if we are going out of the Union but remaining in the European Economic Area. But the access to the data, the safety and control over who had accessed the data. If we achieve this system, we make the European services market truly global.

And we will also radically change our goods market. Because if you think of the goods, something manufactured, then in fact, quite a lot of it is design, engineering work. This does not need to be done on the site. This can be done as a service, wherever, globally. But definitely on the European common market elsewhere. And in principle, maybe in 20 years, all the production will be very much regionalised by the same development. Which means that somebody designs, somebody engineers, and then, the producer is only looking for the closest factory, which is able to print out this kind of good. See, this is a radical change of how we define our economies. This change is already here. Luckily, European Union as a regulator has understood it.

There are few other elements. Artificial intelligence, for example. We need to make sure that our artificial intelligence in the free world and in Europe is able to be as smart as some of our competitor’s AI. The problem nowadays is that we have not been able to create for our AI a legally permissive space to learn in order to be smart enough for us. We need to quickly come to the conclusion that in free world for data safety, but at the same time for artificial intelligence development, we need to define our objectives on how we see companies and governments need to keep data safe. And we should try to do this across all economic sectors and over different generations of technology. Why this is important?

Because the legal cycle nowadays is longer than technological cycle. If we try to regulate technology as it stands today, then in five years from now this legal space is outdated. Hence, we need to define our objective in a technology neutral way for artificial intelligence. We need to define and to say data needs to be kept safe according to these rules. Data also has to be disposed according to these rules. And enterprises and entities gathering the data, they have to fit certain criteria. Both entities and technology itself has to be able to explain the regulators that it is fulfilling these criterias. Luckily, technologies are able to explain themselves to us, mere humans. This is one of the basic principles of AI development in the free world – it has to be able to explain itself to us.

And this way, if we set the objectives and thereafter leave the entities, big businesses or governments to achieve these objectives in a demonstrable way, our AI can learn as quickly as AI which is based on data gathered from totalitarian societies where all these data safety worries do not arise.

It is possible to do if we stop trying to regulate pathways to safety. We should regulate the objectives. What is the difference? Let me turn back to the example of hospitals. When we have all the files on the paper, we say, hospitals have to keep all the files safe. And that is it. That is a regulated objective. We do not try to regulate pathway to this objective. We do not say that this data has to be kept no lower than on fifth floor, in a room, which has this kind of a door, in a safe that is red, in a windowless room. We do not prescribe all these details.

Maybe because of our fear of technology, when we come to regulating technology, we try to describe also the pathway to safety. Which, let’s face it, sounds ridiculous if I try to pose them on analogue world. Yet, for some reason we try to overcome this kind of thinking in technology world. But we need to. This is something we need to do together in Europe.

How to do all this change and how to provide this digital safe space for our citizens so that it will also be not only for smart and learned elites. How to do it in a way that it is supporting the egalitarian natures of our societies? We have seen in last decade many European societies braking heart over the inequality, intergenerational poverty and hopelessness. We must stop this. And digital space, if developed safely, will allow us to do so.

First, digital technologies do not only support the working environment and the market power of the well-learned and educated. There are already and there could be much more people in quite simple jobs who benefit from internet. Let’s look at the warehouse keepers. Very simple job. You need to monitor the temperature, the humidity, the movement of goods. But none of it needs to be done on the spot. You can do it from the distance. So in principle you can monitor several warehouses from your own home or from the Mediterranean beach if you so wish. It gives you quite a lot of market power, because you can sell simultaneously to several companies in several countries seeking the best conditions for you. Provided that not only digital legal space but our labour market legal space allows that.

It can be egalitarian. Take people with disabilities. We have real examples here in Estonia of people who work this way. I know one man who makes bows and arrows. He originally comes from South Africa, but now has settled in a little village in Estonia. His bows and arrows are a world class, but here in Estonia nobody buys them. Closest clients might be about 1000 km away. You can sell your handicraft globally.

200 years ago, the productivity of handcrafters’ was limited by their capacity to sell on the nearby markets. 100 years ago, by capacity of them to agree with souvenir shops. That was already a huge rise of productivity if they were not travelling to the markets themselves. Now the world is their markets.

Similarly, people who are facing hard conditions and cannot exit their home very easily. Maybe because they are people with disabilities, maybe because they live in countries that do not allow women to go out freely on the streets or they simply live in an area where they are afraid of being out late in the evenings. You can work from distance in many jobs without leaving the safety of your home, your town, your country.

It is for us to make sure that digital space also serves those who have by tradition in our society heavier homework burden. Yes, I mean younger women with children. In digital space, you do not have to work from 9 to 5. You do not have to leave your home if the children are sick. You can work when you can and where you can. Alternating your job tasks with your home cause. It is not an ideal world, but it allows people to have better work and life balance if they need it. It also means that women are not left behind on career ladders when they are having children.

Everybody can benefit from internet. Let’s take a very simple example of a person with special needs who likes knitting red socks. The person really does beautiful red socks. 20 or 30 years ago such a person would have been on social benefits because probably in the village where he or she lives, or even in a town, there are not enough takers for red socks. Simply not big enough market for this kind of monotonous product. Nowadays the world is their market. Among millions of people there is definitely a demand for red socks supported by a nice story. In addition, you can sell without ever seeing your clients if this is the person’s wish.

These examples demonstrate that digital can be safe. Digital can be inclusive, digital needs to be supported by a legally permissive environment. We are ahead globally in providing such a legally permissive and safe environment for GovTech and also for private companies. And we have a lot of work to do to make sure that with next technological cycle, we will keep these advantages for European citizens.

Thank you!