Madis Tapupere: the evolution towards a more personalised, complex, and integrated digital state

Article content

Rare is a glance into the head of the Chief Technology Officer of Estonia. Having been in office for three months, Madis Tapupere agreed to share his ideas on some of the country’s challenges. We discussed the “personal state”, the EU integration and the development of systemic capabilities of a digital state of growing complexity.

The challenges for the state as a whole

How have the first three months in the public sector been?

I am settling in. In some respects, a country is unlike a big company with a complex digital system. What is new compared to the private sector is understanding how many activities are rooted in laws. In a private company, the board can decide instantly and move on. Important changes in the whole country, however, need regulation change. And it takes a lot of energy to change a big system. I am trying to get a feel for the suitable methods for driving change. Finding a balance between autocracy and collaboration is the key. I follow the “narrow waistline” principle: I try to focus on the most important things instead of controlling everything.

What is your vision for your time in office?

Although it is still in formation, I see multiple areas where we need to address the bigger challenges for the state as a whole: first, further development of general state capabilities, such as advancing the “personal state”; second, EU integration and, third, developing systemic capabilities to address business, data and technology management challenges, including cybersecurity.

And then, there is the task of finding a suitable approach to dealing with these topics. For example, the “personal state” aim can be tackled using a startup mindset, but several other challenges are like those of large companies. How can we innovate in the face of growing complexity and backlog? The existing must be preserved and renewed at the same time.

Therefore, in some areas, we need streamlining, but in other areas, we need to simplify the business and the process side, and hopefully, this will free up hands to deal with new capabilities.

Taking the idea of a “personal state” to the next level

What is your attitude towards the idea of a “personal state” – event-based, invisible, personalised, and integrated digital services for the citizen?

As a strategic goal, a “personal state” is valuable. It relies on principles such as citizen-centred and easy-to-use state services and the once-only principle of data clarity and findability prevalent in several countries. However, while some countries focus on goals we have already achieved, such as information exchange between databases, we should take it to the next level by improving the user experience.

I also recognise that the “personal state” idea goes a long way for Estonia. I have already mentioned that good information exchange between state systems is the foundation of our digital state. Event-based and as invisible as possible services have also been in the works for several years. The added values resulting from data usage are more future-looking and, therefore, blurrier. The challenge is providing a cross-country service within a distributed organisation like our country. And this is not a technology challenge, at least initially, but a governance challenge. Each register in Estonia has its own responsibility, as specified in the law. A citizen-centred view requires changing these basic principles.

In short, the “personal state” is the vision and the direction along which we are going, and our immediate task is to understand where the low-hanging fruit is. The criterion for finding them is the value to the citizen.

Giving people more control

What are the main challenges for developing the “personal state”?

The privacy control mechanism is one of the central questions in developing a more person-centred and invisible service. The more personal the state services become, the more means of control must be given to the person. Otherwise, there is a risk of growing resentment, because we already see that the digital state is not universally accepted by everyone. This tendency must not be exacerbated. Rather, we must find ways to ensure citizens are in control when interacting with the digital state. This can be done by developing consent services and data trackers.

Do you feel you understand things when you go to FB privacy settings? Using data in a large system is difficult for developers and users. How do you convey this info to people? How do you empower people to go along with it? These are the pressing challenges we need to address.

We have been taking the first steps in constructing consent management in Estonia. For example, everyone will have an overview of the use of their data at the level. However, as we develop our personal state further, the consent service must also be developed to make the complex world understandable and manageable for people.

Innovators dilemma in integration with the EU

Where do you see the challenges and opportunities for EU digital integration?

I would phrase our biggest issue here as the “innovators dilemma”: what brought us here may not take us further. The prerequisites for Estonia’s success may not be applicable in the wider world, and vice-versa — the solutions of the wider world may not fit well with our digital society. My task is to maintain the prerequisites for our success, such as tightly integrated registries, and fit in other solutions and work methods that address the needs and situations of other European countries.

The Digital Identity Wallet is a good case in point. We have used eID and direct system-to-system integration in Estonia to handle personal data. The wallet introduces a new one whereas the data is carried along in the wallet as certificates. You ask for data directly from the register or transfer them through the wallet certificate. Adopting the Wallet logic in Estonia poses some challenges that must be addressed.

Estonia is developing a wallet as a nationally approved and functional authentication and identity verification method. The next step is to develop its capacity as a platform. We are developing a strategy along with the use cases for this.  We know, for example, that Estonia already supports using a digital driver’s license in the EU and elsewhere. However, making a comprehensive road map of the additional possibilities is too early.

In the bigger picture, I see an analogy with open banking. After forcing the banks to open their APIs, a whole ecosystem of certified startups and fintechs emerged. I suspect a similar pattern will also emerge in conjunction with the Wallet.

Estonia: an evangelist with a sense of empathy

What is Estonia’s role in these developments in the interoperable EU?

Regarding data interoperability at the EU level, we must distinguish between two options. First, where there are specific needs, such as stemming from regulations, the data exchange is built up specifically based on these needs.

Secondly, we are also building the foundation of a more general data exchange.  We are supporting the emergence of a broader data exchange ecosystem in the form of “data spaces”. It is a structured description of workflows, data exchange, and how data is agreed upon and monetised. Estonia is involved in the experiments at the EU level, and the future version of our X-road will integrate in this direction. It is an interesting time of emerging standards and proofs-of-concept, so we are closely monitoring this.

I see Estonia’s role in adding pressure to increase ambition. We have real-life experience of how a well-designed digital state can function. Sure, we must accept that everyone’s ability is not the same, but we can be the ones who say that things are possible if done well. Sort of evangelists in what we believe, but also with a sense of empathy.

Technology as an asset

How to deal with the common problem of all systems: legacy?

We must ensure we direct enough active interest towards managing the legacy. In Estonia, we constantly deal with legacy systems, and it is an accepted justification for current investments. However, there is little cross-national management information on the situation.

One of the sources of difficulties is that “a legacy system” does not have a clear definition. It is at least partly subjective. For example, a way to define a legacy system is “system that works”.

However, legacy needs to be addressed because this allows a country to be clear about its limitations. Strategic choices can be made when there is an understanding of what can and cannot be done. This allows meaningful portfolio management and directing of resources. Instruments for dealing with legacy are diverse: technological innovation, cutting the system into smaller pieces and changing them, or even completely rewriting the business process. In the end, we may even have to shut a system down. We need to ensure the pile of stones is not allowed to get too big so it can no longer be stacked around.

The principle I would like to establish is that technology is an asset. Technology is not only an investment that does something new. It is an asset with characteristics, risks, and costs; therefore, it must be managed so that the risks do not become too high and the costs do not become too high. In this way, we can get the maximum out of our portfolio.

Has digitalisation gone too far?

What is your attitude towards the “twin transitions” approach of aligning digital and sustainable transitions?

We need to take the turn to sustainability as one of the parameters of technological development. Some aspects we already share with it, such as optimisation and resource efficiency.

If we accept that all technology management has a cost and creates complexity, then we can clearly see that, in some places, digitisation has gone too far. We should start at the business process level and pressure our operations to optimise.

This capacity could be improved on the national level. The beginnings are there as the capabilities of service management and service portfolio management are already in place. Activities in this field will continue in the context of the green transition. Having a clear map of the scene is its prerequisite.



Visit us physically or virtually

We host impactful events both in our centre and online for government institutions, companies, and media. You’ll get an overview of e-Estonia’s best practices and build links to leading IT-service providers and state experts to support your digitalisation plans.

Questions? Have a chat with us.

Call us: +372 6273157 (business hours only)

Find us

The Briefing Centre is conveniently located just 2 minutes drive from the airport and 10 to 15 minutes drive from the city centre.

You will find us on a ground floor of Valukoja 8, central entrance behind the statue of Mr Ernst Julius Öpik. Photo of the central entrance.

Valukoja 8
11415 Tallinn, Estonia