Governments worldwide are trying to create digital ID verification platforms, offering citizens secure access to public services – but many have struggled to deliver workable, popular solutions. At the Government Digital Summit, Matt Ross heard digital leaders from 16 countries debate the way forward
In some countries, said Lauri Lugna, the data links between government databases are reminiscent of city streets in parts of the developing world – where a tangled, chaotic mass of wires droops from the telegraph poles, linked haphazardly to each building by a random assortment of ageing cables. But Lugna, Permanent Secretary at Estonia’s Ministry of the Interior, is lucky: 20 years ago, his predecessors built the country’s ‘X-road’ network.
This enables data to be transfered quickly, efficiently and securely, using centrally-decided protocols and data formats: “And it’s not just for government databases,” added Lugna. “Private sector databases can also make requests for data through the X-road network” – so citizens can, for example, permit their banks to share information with government, supporting Estonia’s very straightforward system of tax declarations.
Lugna’s audience – 27 national and departmental digital leaders from 16 countries, who’d gathered in London for Global Government Forum’s first Digital Summit – were, it’s fair to say, a little jealous of Estonia’s digital set-up. While the X-road provides hard connections, the country’s universal digital identity verification system and its ‘once only’ principle (of which more later) keep information flowing across and beyond government: the Baltic state appears to have cracked a nut that’s proved too tough for many bigger and richer nations.
A need for networks
But countries worldwide will simply have to get bigger nutcrackers – for the ability to rapidly share data is becoming ever more essential to effective government. And that timeliness is important, pointed out Greg Ainslie-Malik, a Machine Learning Architect at knowledge partners Splunk: “How quickly are you able to share that data for the outcome that your partner organisation is trying to achieve?” he asked. For responsive services and those built around the use of real-time data, he added, a relatively short delay can dramatically reduce data’s value: like radioactive materials, data has a “half life”.
As governments begin to introduce machine learning technologies, Ainslie-Malik continued, they’ll also have to improve the accuracy and consistency of their data. “Most organisations have ‘dark data’: they don’t have visibility of all the data they generate,” he pointed out – but without clarity on data’s origin, quality and formatting, machine learning developers struggle to ensure that their systems don’t produce discriminatory decisions. And civil servants also need confidence in their data’s quality, added Lugna, in order to pursue another fruitful application: by using “behavioural science, and putting that on the same table as the data, we can understand the underlying behaviours that we in the public sector are trying to change.”
Estonia’s journey
To be fair to other nations, Estonia enjoyed certain advantages as it created its world-leading digital infrastructure. Having escaped the Soviet Union’s grip in 1989, “we had to build up the system from scratch,” Lugna recalled, “and that gave us the possibility of skipping some stages. For example, in the banking sector we never had cheques: we went straight to payment cards – so we avoided some of the challenges around legacy systems.”
In fact, Lugna explained, Estonia’s e-identity platform has its roots in the systems introduced by banks 20 years ago. “The private sector was giving us identity management solutions,” he recalled. “The government also opened itself up to this way of authenticating citizens, and when the technology evolved the banks closed their systems down and pushed their customers to use [the government’s] mobile ID solution.”
The country also benefited from its small land area and 1.3 million population: the lack of economies of scale makes capital investments expensive, noted Lugna, but reduces the complexity of change programmes. And Estonians were quick to adopt digital services: “In Estonia, the internet is basically a societal right,” he commented. “There is broadband coverage of about 90%.”
Yet Estonia’s digital success owes much to its first generation of post-Soviet civil servants, such as former Secretary of State Heiki Loot – who had the foresight and drive to lay the foundations for its digital journey. These building blocks include the ‘once only’ principle, which bars civil servants from requesting citizens’ data if that information is already held by another government body; the ‘digital by default’ rule, which requires policymakers to integrate every legislative change with digital policies and systems; and ‘trust by design’, the prioritisation of security and public confidence in all of Estonia’s digital activities.
This last principle can put government in uncomfortable positions, noted Lugna, recalling an incident when cryptographers identified a potential weakness in the country’s digital ID system. “We decided that we shouldn’t fix it ‘hush hush’, behind closed doors,” he said, so civil servants went public about the threat. “It was difficult – but trust comes if you are open and explain what you’re doing,” he commented.
Nowadays, said Lugna, 99% of government services are available online – the only major exceptions being marriage, divorce, and property sales. And the “cornerstone” of Estonia’s digital architecture, he added, is its mandatory digital identity system: providing citizens with a secure, single identity running across government, the system supports secure data-sharing between departments – and beyond. “I was looking at my daughter’s school marks today online; that’s a service provided by a private company,” he commented. “If we didn’t have the e-identity and authentication management in place, our digital society would look like the Wild West!”
Transferable lessons
The delegates were impressed by Estonia’s approach. “I wonder whether you think this is scalable to much bigger populations?” asked one. “Or what challenges would exist if you tried to scale it?”
The X-road certainly is scalable, Lugna responded – “though the ICT companies wouldn’t be that happy, because they’re the ones who code all the connections between different databases.” Technically, the digital identity system is also fairly straightforward to replicate – but much of its value lies in its ability to put citizens in control of their own data, and this principle cuts across the laws and accountabilities governing data management in many countries.
