Fr, 27.01.2023

Another crack in the digital state’s reputation: Estonia has to apologize to the EU

Meinhard Pulk
, ajakirjanik
Another crack in the digital state’s reputation: Estonia has to apologize to the EU
Facebook LinkedIn Twitter
When the development works were tested in October, the results were negative. Now Estonia had to apologize to the rest of Europe.
When the development works were tested in October, the results were negative. Now Estonia had to apologize to the rest of Europe. Photo: Remo Tõnismäe
  • Excessive digitization backfired on us.
  • The Schengen information system is not a priority for the PPA.
  • Läänemets hopes for the EU countries’ understanding.

The inability to complete the development of the Schengen Information System (SIS) in time forced Interior Minister Lauri Läänemets to apologize to both the European Union and the member states of the community a few weeks ago.

The need for the development of the Schengen Information System (SIS) managed by the European Commission (known as SIS Recast) arose in 2018, when three new regulations were agreed upon. This expanded the number of end users of the system and, according to SIS Recast project manager Kaidi Eerik, increased the requirements for the information system's capacity. The countries were granted three years for the development, i.e. the deadline for entry into force was already last December. Estonia did not finish the work last year, nor will it complete it by the new deadline of November 22 this year.

Minister of the Interior Lauri Läänemets wrote a letter last week to Ylva Johansson, Commissioner for Internal Security of the European Commission, and to the interior ministers of the EU and Schengen countries, expressing deep regret, as well as hope for understanding and apologizing for Estonia not being able to complete the development within 2022.

The reason was the system test carried out in October with negative results, to put it mildly: the loss of data was estimated at ten percent, the general quality of the data was not acceptable, and other technical problems were detected. Thus the system is still raw. Läänemets promised the partners that a new test would be carried out by January 9 at the latest.

“Please once again accept my sincere apologies for the delay and the additional challenges caused by the incident to all of us,” Läänemets wrote and thanked the member states and other parties who have helped Estonia find solutions to its problems.

PPA’s interest remains lukewarm

On the one hand, the events can be viewed as yet another failure of Estonia with its reputation of a digital country. But on the other hand, in this case, we are victims of our own high level of digitization – while other countries were able to build systems from scratch, so to speak, Estonia has to integrate innovations with our already existing systems, and this is a much more complicated and time-consuming task.

Who is the scapegoat? Opinions differ. The development work was ordered by the Police and Border Guard Board (PPA), but they were to be carried out by the Information Technology and Development Center of the Ministry of the Interior (SMIT), which in theory should also be responsible for the timely completion of the work. Even if SMIT's work has been delayed, it was emphasized to Postimees that the failures can be attributed to only one case, which does not give grounds to question SMIT's general competence. They have a heavy workload and it is said that out of a hundred jobs, only two or three are behind schedule.

On the other hand, PPA has reportedly signaled within the ministry's area of responsibility that the development process is not a priority for them at the moment. Since IT developments are always carried out in continuous cooperation between the customer and the developer, a certain apathy of the PPA is also an important reason behind the delay in development work.

Taken narrowly from Estonia's point of view, these innovations are also not time-critical, although our protracted action may have a certain foreign policy impact, because in order to implement the regulations and the updated system, all countries must complete their work. “Unfortunately, we are currently among the last three together with Latvia and Portugal, after whom the others will have to wait a little,” Läänemets commented to Postimees.

Increasing administrative burden

As mentioned, the new regulations and the upgraded system will increase the number of end users of SIS.

“For example, the officials responsible for the registration of various security institutions, prisons and weapons will be authorized or have their previous rights expanded. Access to the data of the authorities responsible for vehicle registration will also be expanded,” Eerik said about the effect of the regulations.

Eerik stated that, like any delay, the current one also creates an additional administrative and development burden. "However, in order to ensure the reliability of the system, all possible risks must be mitigated in a timely manner."

She emphasized that before the completion of the system, a wider notification will be made so that the citizens will be aware of the processing of their data by the system. Eerik answered the clarifying question about what kind of data we are talking about: “For example, it will become mandatory to carry out inquiries of fingerprints in SIS, that is, if the query is made to the national databank, it must also be done through SIS. Another example: in the case of missing children, it is possible to add a DNA profile to the warning notice.”

A solution to the transit problem?

In the context of border control, the citizens of Russia, as well as other third countries, who use Estonia only for transit have been a concern in recent months. It has been asked how effectively Estonia can check whether they really only pass through here. In internal security circles, a Schengen-wide entry-exit system is seen as a mitigating measure, which should be ready by May of next year.

“The entry-exit system which is being created, will register the entry, exit and entry ban data of third-country nationals crossing the external borders of the Schengen area,” explained Kaidi Eerik, project manager of SIS Recast.

According to her, the registration will concern third-country nationals who stay in Schengen for a short period of time: 90-180 days. With the help of the new system, it is possible to more efficiently identify at the border the people who have stayed in the country longer than permitted and to see the border crossings at the external border of other Schengen member states, with the help of which the system helps to calculate the already used and remaining time of stay of each passenger.