In 2002, Estonia created the e-state, which gave the Estonian people the possibility to securely communicate with both – public and private sector in the electronic world by using ID card and the X-Road.
In 2014, we opened our e-state to the entire world by creating e-residency. This makes it possible for the residents of other countries to also use Estonian e-services securely. The e-residency programme works through a cooperation between the state and the private sector.
In 2021, we intend to introduce a biometrics-based system, which helps to increase the security of identification and verification of person’s identity. This gives us an even higher level of assurance that people really are who they claim to be.
What is ABIS?
The automated biometric identification system database – ABIS will be a central national database for storing biometric personal data – facial images and fingerprints –, which are currently stored in separate databases and are collected during various state procedures.
The aim of creating the ABIS database is to contribute to secure identity management, ensure public order and security more efficiently, prevent crime, and facilitate the collection of evidence in offence proceedings.
ABIS helps to increase the reliability of identification and identity verification of person’s identity to provide an even better level of assurance that an individual can only have one identity in Estonia.
- To identify people in the case of accidents. If an accident has happened to someone and he or she is unconscious and is not carrying personal identification documents, an ABIS biometrics comparison could in the future be used to promptly determine his or her identity at the hospital and then to contact his or her close ones to let them know what has happened. Health databases could then also be used to determine whether the patient has a chronic disease which should be considered in selecting the right treatment. Thanks to ABIS, doctors can quickly choose the right treatment for the patient and promptly notify the family.
- To detect unlawful stays in Estonia. For instance, when someone has been expelled from Estonia due to a security risk, unlawful employment or a violation of the visa regime and has changed his or her name in another country and obtained documents with that new name and now attempts to re-enter Estonia with the new name. Thanks to an ABIS biometrics comparison, the police can determine the previous identity of the person and decide on his or her entry or stay in the country.
- To conveniently use both state and private sector services. In the course of applying for personal identification documents, people give their personal data, fingerprints and a photo to the state. Today, the bank verifies the identity of clients based on an ID card and a data comparison in the Identity Documents Database. In the future, upon the consent of the clients, the bank would be able to verify their identity based on the biometric data submitted when applying for an identity document. Upon verifying the identity of a person, the bank would only be given a YES/NO answer on whether it is the right person. The bank would not have direct access to the biometric data. Through the verification of identity, the bank obtains assurance that the person who is applying for a bank loan is using the right identity and is not pretending to be someone else.
The Ministry of the Interior has developed a draft act on the amendment of the Identity Documents Act and other acts which includes amendments to 14 acts. The aim of the amendments is to create a legal basis for establishing the ABIS database.
Personal data processing
- The data in the ABIS database will be processed in accordance with all the data protection principles, ensuring the lawful and transparent use of the data. The owner of the data stored in ABIS will be the person himself or herself and according to the Personal Data Protection Act, everyone has the right to know who has accessed their data.
- The ABIS database can only be accessed by officials who have a legal basis and are specifically authorised to do so for the fulfilment of their work tasks arising from the law. Institutions can only use the ABIS data for the fulfilment of their objectives arising from the law on the principle of minimality – data are processed as little as possible and as much as necessary to achieve the objective of conducting the proceedings.
- The ABIS database will not store people’s biographic data, such as name, date of birth, personal ID code, citizenship, etc. Those data will still be stored in the respective proceedings register (e.g. the Identity Documents Register, the Visa Register). This therefore does not create a ‘super database’ which would contain the personalised biometric data of all the people related to Estonia.
The Government of the Republic decided to create the ABIS database in 2017. The ABIS database development project is led by the Police and Border Guard Board, and the IT and Development Centre of the Ministry of the Interior is responsible for the development and management of the system. The state’s partners in the acquisition and development of ABIS are IDEMIA and Cybernetica AS.The Police and Border Guard Board, the Estonian Forensic Science Institute and the Ministry of Foreign Affairs will be the controllers and main users of the database.
The ABIS database will be implemented step by step. In the first half of 2021, the ABIS modality will be implemented for conducting forensic examinations in offence proceedings, and in the first quarter of 2022, ABIS will be introduced for providing support in administrative proceedings.