I know that many Lawfare readers have been waiting with bated breath—the suspense unbearable—to find out what happens next in my quest for Estonian digital residency. (See here, here, here, and here for prior episodes in this drama.) Well, your suffering is at an end. Today, at 2 pm, I rang the doorbell of the Estonian Embassy in Washington and met with Kristjan Kuurme, Third Secretary—Political Affairs, who issued me my card:
The process was easy enough. Kuurme looked briefly at my passport, verifying that the information on it matched the card he was issuing. He then electronically took two fingerprints from me (the index finger of each hand). He then asked me to sign the following document:
That was pretty much it. He then gave me my card in a snazzy blue box, complete with a card reader and a sealed envelope containing my PINs. More on that stuff in a later post. We then sat down and chatted about the e-Residency program, what Estonia is hoping to achieve with it, and who's participating so far. Here's our conversation—complete with Massachusetts Avenue sirens:
One note: Kuurme stressed to me that he is not a subject matter expert on the technology behind the card, and I believe he mispoke on one point that will be of significance to some readers. Where he describes "public key encryption" in the system, I believe he was trying to convey that the systems are open source and the algorithms and software are available for public scrutiny. I will have more to say in the future as well about the security behind the e-Residency program at a conceptual level. I also think it would be valuable for folks steeped in the technical side of cybersecurity to look hard at what Estonia is doing here.
UPDATE: Kuurme emails to correct a minor error in his comments. Estonia, he informs me, introduced its national idenfitication card in 2002, not in the late 1990s.