The mystery of the non-existent Estonian digital identity blockchain: solved!

Estonian
Credit: sevenMaps7 / Shutterstock.com

Estonia. Land of saunas, shepherds and song festivals. I keep hearing about Estonia all of a sudden, and not for any of these reasons but because of the blockchain. At meetings and conferences, I keep hearing people talking about the Estonian national identity scheme that uses a blockchain. Just recently, for example, in the Harvard Business Review, I read that…

“since 2007 Estonia has been operating a universal national digital identity scheme using blockchain.”

via Blockchain Will Help Us Prove Our Identities in a Digital World

I think this is a misinterpretation of the technical infrastructure of our neighbor to the north. The Estonian national digital identity scheme launched in 2002. Way back in 2007, my colleague Margaret Ford interviewed Mart Parve from the Estonian “Look@World” Foundation in Consult Hyperion’s long standing “Tomorrow’s Transactions” podcast series (available here). Mart was responsible for using the smart ID service (both online and offline) to help Estonia develop its e-society. If you listen carefully to them talking, you will notice that they never mention the blockchain, which is unsurprising since Satoshi’s Nakamoto’s paper on the subject was not published until October 2008. This only the most recent example of what I see to be a virulent strain of blockchainitis, though.

Another Estonian outbreak of the same disease occurred just before Christmas when I was invited along to a blockchain breakfast (seriously) at the Mother of Parliaments.

After a while, the discussion moved on to the Estonian electronic identity system. I expressed some scepticism as to whether the Estonian electronic identity system was on a blockchain. The conversation continued. Then to my shame I lost it and began babbling “it’s not a blockchain” until the chairman, in an appropriate and gentlemanly manner, told me to shut up

From House of Blockchain | Consult Hyperion

As it happens, a few days ago I had breakfast with the new CIO of Estonia, Siim Sikkut. What a nice guy!

I asked him where this “Estonian blockchain ID” myth came from, since I find it absolutely baffling that this urban legend has obtained such traction. He said that it might be something to do with people misunderstanding the use of hashes to protect the integrity of data in the Estonian system. Aha! Then I remembered something… More than decade ago I edited the book “Digital Identity Management” and Taarvi Martens (one of the architects of the Estonian scheme) was kind enough submit a case study for it. Here is an extract from that very case study:

Long-time validity of these [digitally-signed] documents is secured by logging of issued validity confirmations by the Validation Authority. This log is cryptographically secured by one-way hash-function and newspaper-publication to prevent back-dating and carefully backed up to preserve digital history of mankind.

Mystery solved! It looks as if the mention of the record of document hashes has triggered an inappropriate correlation amongst less technical observers and as Siim observed, it may indeed be the origin of the fake news about Estonia’s non-existent digital identity blockchain.

So there we have it, as far as I can see. If there are any other crypto-sleuths out there with alternative theories, I’d love to hear from them.

This article was originally published at Tomorrow’s Transactions

1 Comment

  1. Hm. The paper of Satoshi was published on 1 Nov 2008. Under “https://e-estonia.com/” –> success stories –> year 2008 you’ll find “Estonian government has been testing the technology already since 2008.” So this is really amazing, because the genesis block is dated 3 Jan 2009. Is this sentence on the estonian website also just a myth, or could it be that estonian goverment hiddes behind the pseudonym “Sathosi Nakamoto” – who knows. Regards and thanks for this article — MM

What do you think?

This site uses Akismet to reduce spam. Learn how your comment data is processed.