THE digital state must be trustworthy and recognise its own limits to our digital selves. We, the digital citizen, must also recognise that, in order for the state to serve us, we must agree some forms of collective data sharing, data that enables the state to function, and to plan and deliver services we require. We will require a digital state that serves the citizen, not the other way round.

The Estonian approach is not tech-led but political. It is a political project and finds its digital pillars in laws passed in 1998. The first is protection of fundamental rights and liberties, as well as personal information and data relating to identity. Secondly, individuals are the owners of their personal information and they control how it is used. The public sector must recognise its processes so that the citizen, businesses and public entities enter their personal information only once, what the Estonians call the “only-once principle”.

Fourthly, the information society is developed in co-operation with public, private and third sectors, as well as any other concerned party, including ICT solutions.

The fifth principle is that the information society has been created for all residents of Estonia, with particular attention paid to the integration of social groups such as citizens with disabilities and others presenting specific needs, to regional development and to support for local initiatives. Finally, and essential to digital statehood, internet access must be guaranteed for everyone.

The former Estonian president Toomas Hendrik Ilves gives an outline of a digital society and what Estonia has tried to achieve: “The most fundamental aspect of digitisation of society is, how governance is turned upside down. Bureaucracy has always been a sequential process. Digitisation allows parallel processing.”

In other words, with political and societal leadership, digitisation exposes the failures of old bureaucracy and enables us to swiftly implement digital change benefit based on our needs.

For example, much of the digitisation required to be both radical and effectual requires work over a period of months, it’s the old and ingrained bureaucratic processes that hold back effective change.

Siim Sikkut, the Estonian government’s chief information officer, is a tad more blunt: “It’s never been about the technology. It’s always been about how we redesign, how we transform and how we operate as a government.”

So how does an independent digital Scotland learn from Estonia, first to highlight what can happen to our data and then recognise that over-centralised information systems, of which we have many, is in fact the problem not the answer, due to their weaknesses and vulnerabilities.

The key is to decentralise your date control and management, so if your data is compromised it doesn’t impact every other citizen and will be easily rectified. Spreading risk is the key to data security in the digital nation and Estonia ensures it doesn’t put all its digital statehood in one digital basket.

So, how does Estonia achieve this principle; that is, a transparent and secure decentralised information system? Well, let’s walk through the pillars of its digital statehood.

The first is X-Road, the junction or crossroads for saving and sharing data, enabling government ministers, public services and enables agreed private partners to share data. This allows consent for the exchange of data, generating inter-operability across government, local authorities, the justice system, health and agreed private partners and all of government.

Secondly, and this will cause some consternation, a digital and mobile identification system, and the use of electronic identity cards or e-ID. I’ll return to this contested principle in a few weeks’ time.

We should note, the digital ID is not compulsory and all services can be accessed in the traditional manner. We should also note that more than 90% of Estonians have chosen to use digital ID.

The X-Road allows data to jump on and off the data bus at any given time and place along the X-Road, with no requirement to travel all the way to a centralised digital terminus.

As the Estonian system is desterilised, using the X-Road a department of government can ask for a file for specific reasons only. It sends the request via the X-Road to another department without bothering you. As you own the data, you can follow each request (or digital bus journey) for information, watch how it is being used, from your child’s report card, to your medical records to a whole host of public records, noting who accessed it, when and where and – critically – you can ask why.

Since its inception, more than 500 million requests have travelled along the X-Road without having to bother the citizen at every turn.

The final pillar is, the official e-service of the Estonian state – a simple point of access or digital portal for all your e-services. It comprises thousands of digital services, with more than 95% of all public services available online.

The joke in Estonia is that “the only things you can’t do online are get married, get divorced and buy a house” – although with the greater use of electronic signatures that’s not that far off.

One of the practical examples of this is the registration of birth, done at the maternity unit moments after birth. It generates a digital ID and you have it the rest of your life and so begins your digital citizenship.

This will, I think, give many of us cause to consider the implications of data and, I suspect, the conflict many of us will have with the issue of state identification processes, if it is an essential pillar of a digital state.

I hope you’ll stay the course as we continue our journey in the weeks ahead to ponder and consider these important ramifications for Scotland.