Digital Privacy

Estonia, probably one of the states with the best developed IT infrastructure, went further with digitalizing their citizens data than any other European country dared. With their personal ID cards, citizens can access virtually any data the government, insurances and banks have on them online: social security status, bank loans, land register and even doctors prescriptions. It is even possible to register a new born child online. Of course elections are online as well, just like votes in the parliament. All of this is no problem from a data protection and privacy perspective, says President Toomas Hendrik Ilves. Every personal ID card features a certificate, which can be used for secure communication and encryption of data. More importantly, every time data of a person is accessed, the person gets notified and this event is flagged. This way, abuse is minimised because everyone knows at every point who accessed which information. This wouldn’t be possible with data being available only on papers. The state provides the secure infrastructure for communication and for access to the data. But authentication is independent and thus should ensure that everyone’s data is safe.
Recently, Estonia published the source code of the sever-side software of their e-voting system and asked the public to review it for flaws. The developers themselves say it is secure, however there are still many critical voices against this technology (English translation).

Still, the country could be a role model for many countries world-wide and a good example how the power of new technology can be used while minimising possibilities of abuse. Austria, a country where digitising health data to make the health system more efficient, still causes a huge public, ridiculous debate (English translation), should certainly take a look at this small country in northern Europe.