Abstract

Estonia is an undisputed leader in digitisation of the state. The wide range of digitally accessible public services is not only a convenience for citizens and a budget saver, but also a great challenge for security, including the digital continuity of the state. The threats, which the Estonian authorities and citizens became aware of with the massive cyberattacks in 2007, led decision-makers, among other things, to building a national cloud computing concept, one element of which was to be data embassies, conceived as data centres located outside Estonia, but under its jurisdiction with protection guarantees on a par with those provided by international law for diplomatic missions. The agreement on the hosting of data and information system signed by Estonia with Luxembourg in 2017, in the spirit of the Vienna Convention, has made the idea of a 'data embassy' a reality. This article presents the concept of a data embassy as an important element of Estonia's cybersecurity, while also providing an analysis of the rules encompassed by this agreement as a basis for the operation of an Estonian data centre on Luxembourg's territory.