Mari Pedak has dedicated 22 years of her life as a civil servant for the Estonian government. Under her leadership, several policies regarding Estonian identification and authentication were developed, as well as, a digital identity card was introduced in 2002. She has been continuously taking part in many international projects, providing her expertise in the fields of e-government and e-identity. eGovernance Digest invited Mari for a short interview to share some information about her current work in Ukraine.
What is your career path and how has it led you to become an e-goverance professional?
For many years I was a top official in Estonian government. At first, I was working for local and regional governments and later for the Ministry of the Interior. The Ministry of the Interior in Estonia is responsible for identity management and issuing identity documents. In 2000, I was appointed to the position of Director General of the Citizenship and Migration Board to assist with the implementation of digital identity and Estonian ID-cards. Finland started implementing their ID-cards one year earlier, however, we decided to do several aspects differently and as a result, our model proved more successful. It has been interesting to follow the people who joined our expert group stay vested in the topic of digital identity for years.
Can you talk about your current work?
I am a team leader for a project called EGOV4UKRAINE. Our aim is to develop the infrastructure for public electronic services. Typical examples of the infrastructure for public e-services are interoperability and identification systems, as well as access and databases. Currently, this project is assisting the Ukrainian government to develop more of its infrastructure and the biggest part of our work is developing the interoperability system. We merge our knowledge of the interoperability systems with Ukrainian cryptographic standards. In July, we passed a tender and a contract was signed with a consortium of an Estonian company “Cybernetica” and Ukrainian company “Soft Xpansion”. The first results of their work on the Ukrainian interoperability system are expected to be ready for review by the end of this year. In addition, we cooperate with several other e-government projects in Ukraine and provide consultations on how to develop new e-services.
How do you feel about the tender winners?
As a project leader, I am really happy to see “Cybernetica” as the developer in this project. They have a leading role in cyber security and everything that they have developed is very high quality and security. This means that we can develop not only a good interoperability system, but also a secure system. Additionally, this was our precondition to get local developers involved in the project. Very early on, we understood that it has to be a local partner who is dealing with these issues after the project is complete. Local developers can understand structural aspects of their own country better than anyone else. For instance, in order to deliver new e-services locally, Ukraine is developing administrative service centers (TSNAP) like in Georgia, Azerbaijan and some other countries. In Estonia, we skipped this stage and used a slightly different approach. Thus, we need local experts to adjust our developments specifically for Ukraine.
Having much expertise in electronic identification, how do you see this development in Ukraine?
Two years ago, I was involved in the identity development in Ukraine. Looking at the situation in Ukraine right now, I can say that some changes are in fact happening. Earlier, all certification centers responsible for digital identity issues were not connected and often were using different technology with absolutely no discussion of interoperability. The Ministry of Justice has been working hard and now the certification system is merged and developed according to unified standards. However, there are still certain pitfalls in Ukraine on this ground since electronic identification and digital signature are not separated, thus a digital signature is actually used as identification here. I continue to consult local experts that from a technical point of view there may not be much difference between digital ID and digital signature, however from a legal aspect, it is wrong to identify someone by a mere signature as this may cause potential problems for implementing provisional e-services such as e-health or internet voting.
Is it common for other countries to use digital signatures for means of electronic identification?
In 1999, a European Union regulation was passed called the Electronic Signature Directive and at that stage, there was no clear understanding of defining e-identification in the EU. E-signature was developed as a technical system and many countries developed their legal and technical standards based on this regulation. The 1999/93/EC Directive never actually held much legal ground because if you receive a signature, without an identity to back it up with, at a certain level it is impossible to use this signature. Ukraine was one of those countries, which developed a digital signature and started using it as a means of identification. In 2014, EU passed a new directive on electronic identification and trust services, which requires that by September 2018 all the EU countries have to adapt to its new changes if they haven’t done so already. Unfortunately, I do not see this discussion in Ukraine since everyone is mostly talking about e-signature, public infrastructure, and cryptography. I really do hope that this attitude will change in the nearest future.