my country was facing the need to rebuild everything from scratch.

After years of Soviet occupation,

Estonia regained its independence, but we were left with nothing.

No infrastructure, no administration, no legal code.

Organizational chaos.

Out of necessity,

the state leaders back then had to make some daring choices.

The ones that our country could afford.

There was a lot of experimentation and uncertainty

but also a bit of luck involved,

particularly in the fact that we could count on a number

of brilliant visionaries,

cryptographers and engineers.

I was just a kid back then.

Today, we are called the most digital society on earth.

I'm from Estonia,

and we've been declaring taxes online since 2001.

We have been using digital identity and signature since 2002.

We've been voting online since 2005.

And for today, pretty much the whole range of the public services

that you can imagine:

education, police, justice, starting a company,

applying for benefits, looking at your health record

or challenging a parking ticket --

that's everything that is done online.

In fact, it's much easier to tell you

what are the three things we cannot yet do online.

We have to show up to pick up our ID documents,

get married or divorced,

or sell real estate.

That's pretty much it.

So, that's why don't freak out

when I tell you that every year

I can't wait to start doing my tax declaration.

(Laughter)

Because all I have to do

is sit on my couch with a mobile phone,

swipe a few pages with prefilled data on income and deductions

and hit submit.

After three minutes,

I'm looking at the tax return amount.

It actually feels like a quite rewarding experience.

No tax advisors,

no collecting receipts,

no doing the math.

And have I mentioned that I have not visited a state office

for almost seven years?

Indeed, one of the features of the modern life

that has no reason to exist anymore,

considering technological possibilities of today,

is the labyrinth of bureaucracy.

We've almost got rid of it completely in Estonia,

in an effort coordinated by the government that has also digitized itself.

For instance, cabinet of ministers' work in e-Cabinet is absolutely paperless.

The central idea behind this development

is transformation of the state role

and digitalization of trust.

Think about it.

In most countries, people don't trust their governments.

And the governments don't trust them back.

And all the complicated paper-based formal procedures

are supposed to solve that problem.

Except that they don't.

They just make life more complicated.

I believe Estonian experience is showing that technology can be the remedy

for getting the trust back,

while creating an efficient,

user-centric service delivery system

that actively responds to citizens' needs.

We did not do it by digitizing bureaucracy as it is.

But by rather agreeing on a few strong, common principles,

redesigning rules and procedures,

getting rid of unnecessary data collection

and task duplication,

and becoming open and transparent.

Let me give you a glimpse

into some of the key e-Estonia design principles today.

First, it is essential to guarantee privacy and confidentiality

of data and information.

This is achieved through a strong digital identity

that is issued by the state

and compatible with everything.

In fact, every Estonian has one.

The identity is doubled with a strong digital signature

that is accepted, used and legally binding

both in Estonia and the European Union.

When the system can properly and securely identify who is using it,

after logging in, it will provide access to the personal data of the citizen

and all the public services within one tool,

and allow to authorize anything by signing digitally.

A second principle, and one of the most transformative,

is called "Once only."

It means that the state cannot ask for the same data

more than once,

nor can store it in more than one place.

For instance,

if you've already provided your birth or marital certificate

to the population registry,

this is the only place where this data is going to be held.

And no other institution will be ever asking for it again.

Once only is a very powerful rule,

as it defines the whole structure of the data collection in a country,

what information is collected

and who is responsible for maintaining it,

making sure we avoid centralization of data,

duplication of data,

and guarantee that it's actually up to date.

This distributed approach also avoids the problem

of the single point of failure.

But since the data cannot be replicated,

or collected more than once,

it means that the design has to keep in mind

secure and robust access to that information at all times,

so the public institution can offer a service.

This is exactly the role of the data exchange platform

called the X-Road

that has been in use since 2001.

Just like a highway,

it connects public sector databases and registries,

local municipalities and businesses,

organizing a real-time, secure and regulated data exchange,

saving an auditable trace after each move.

Here's a screenshot of a live feed

showing all the requests performed on the X-Road

and all the services that it actually facilitates.

And this is the real picture

of all the connections between public and private sector databases.

As you can see,

there is no central database whatsoever.

Confidentiality and privacy are definitely very important.

But in the digital world,

reliability and integrity of information

is just critical for operations.

For instance,

if someone changes your medical health record,

let's say allergies,

without you or your doctor knowing,

treatment could be deadly.

That's why in a digital society, a system like an Estonian one,

when there's almost no paper originals,

there's almost only digital originals,

integrity of data,

data exchange rules, software components

and log files is paramount.

We use a form of blockchain that we invented back in 2007,

way before blockchain even became a thing,

to check and guarantee the integrity of data in real time.

Blockchain is our auditor

and a promise that no access to the data

or data manipulation remains unrecorded.

Data ownership is another key principle in the design of the system.

Aren't you worried by the fact that governments, tech companies

and other businesses around the world

claim data they've collected about you is theirs,

generally refuse to give access to that information,

and often fail to prove how it was used

or shared with third parties?

I don't know, for me it seems like a quite disturbing situation.

The Estonian system is based on the principle

that an individual is the owner of the data collected about him,

thus has an absolute right to know what information is collected

and who has been accessing it.

Every time a policeman, a doctor or any state officer

is accessing personal information of the citizens online,

first they only get to access it after logging in

to the information they're authorized to see to do their job.

And secondly, every time they're making requests,

this is saved in a log file.

This detailed log file is part of the state public services

and allows real transparency,

making sure no privacy violation will remain unnoticed to the citizen.

Now, of course, this is only a simplified summary

of all the design principles that e-Estonia is built on.

And now, government is building up

to get ready for use of artificial intelligence

and building a whole new generation of public services --

proactive services

that would activate seamlessly

based on different life situations that people might be in,

such as childbirth, unemployment or starting a business.

Now, of course,

running a digital society with no paper backup

can be an issue, right?

Even though we trust our systems to be solid,

but one can never be too cautious as we experienced back in 2007,

when the first cyberincident happened,

and it literally blocked part of our networks,

making access to the services impossible for hours.

We survived.

But this event put cybersecurity at the very top of agenda,

both in terms of strengthening the platform and backing it up.

So how do you back up a country-wide system in a small state

where everything is super close?

Well for instance, you can export a copy of the data

outside the country territory

to an extraterritorial space of an embassy.

Today, we have those data embassies

that are holding the most critical digital assets of Estonia,

guaranteeing continuity of operations,

protection of our data,

and most importantly, our sovereignty.

Even in case of a physical attack on our territory.

Some of you might be thinking by now:

Where are the downsides?

Well, going all digital

is administratively, and let's be honest, financially more efficient.

Interfacing primarily with computer systems

might create an impression that the human factor,

elected politicians

and participating in democratic processes

is somehow less important.

And there are also some people

who feel threatened by pervasive technology

that might make their skills obsolete.

So all in all, unfortunately,

running a country on a digital platform

has not saved us from political power struggles

and polarization in the society,

as we have seen in the last elections.

Well, until there are humans involved.

One last question.

If everything is location-independent

and I can access all of the services from anywhere in the world,

why cannot others tap into some of these services,

even if they don't reside within Estonian borders?

Five years ago,

we launched a governmental start-up called e-Residency program

that for today joins tens of thousands of people.

These are businessmen and women from 136 different countries,

who establish their businesses digitally,

who do their banking online,

and who run their companies virtually over e-Estonia platform,

within European Union legal framework,

using an e-identity card similar to mine

and all of that from anywhere in the world.

The Estonian system is location-independent

and user-centric.

It prioritizes inclusiveness, openness and reliability.

It puts security and transparency at its center.

And the data into the hands of the rightful owner,

the person they refer to.

Don't take my word for it.

Try it.

Thank you.

(Applause)