Podcast 🎧 & blog: What it takes to get AI working in government: Lessons from Estonia
Written by Federico Plantera, Researcher and Journalist
The last time Ott Velsberg appeared on this podcast was early 2022. Popular LLMs had not yet been released. The conversation was about how AI could support data-driven decision-making in government – a topic that felt, at the time, more prospective than operational.
Four years on, with Estonia counting over 220 public sector AI use cases and close to 60 million euros in estimated annual impact, the frame has shifted. So, it is now less about what AI in government could look like and more about what it has taken to get there.
In this episode of the Digital Government Podcast, Ott Velsberg, outgoing Chief Data Officer of the Estonian government and responsible for Estonia’s AI policy, tells us about the path from strategy to working infrastructure. And the long institutional work that makes it possible to coexist with both consent-based data sharing and AI adoption at scale.
The long game on data
Among the developments we could single out from the past four years, the one he returns to with the most attention is the consent service – a mechanism that allows citizens to share government-held data with third parties through a centralised authorisation system. The regulatory basis for it was established in March 2026. “I started working on this at the end of 2018,” Velsberg says.
What the consent service makes possible is fairly concrete. A bank loan application that previously required gathering documents the government already held can now be processed in minutes. Patients can share health data with a private analytics provider without that provider holding it directly. In Velsberg’s framing, the shift is about repositioning the state: “government is the trustworthy kind of manager, holder of data, and we can delegate instead much of the service development to the private sector” – on terms the citizen controls. “Just imagine you as a human in control over the information that the government has, having control over how the private sector is processing your personal data,” he emphasises.
The data tracker tells a similar story about timelines. Citizens use it to see in real time which government systems have accessed their personal data. This year, over 60 information systems are planning to implement it – “something that most were against when I started,” Velsberg recalls. What made any of this possible to build on is less visible than the applications themselves. When he joined the government in 2018, “data management, or data governance as a whole, wasn’t a topic that executives were too keen on, but everyone wanted those shiny applications.” Most organisations did not yet have data governance officers or data stewards. That changed, and so did data quality.
The stakes, in a practical example: “If you want to predict where car traffic accidents will happen, then you need to ensure that the GPS coordinates are correct, because otherwise they will point you in the middle of nowhere. One thing I think we often miss is linking data objectives to business objectives. As a result, we don’t bring the value that is fair to expect.”
Use cases came from a survey
Two of Estonia’s most discussed AI applications emerged from a government satisfaction survey that asked officials what they found most time-consuming and most frustrating. Legislative drafting support and procurement automation, along with briefing notes, game up. Briefing notes accounted for over 33,000 hours a year across just two ministries –“If you put that into money, it’s like 700,000 euros a year just writing briefing notes.” Procurement came up repeatedly: “No one likes to do that. It’s highly technical legislation. Oftentimes, it was cited as taking too much time, and we don’t have enough specialists.”
Procurement documents are now generated from a description of what needs to be procured; legislative applications handle cross-checking, coordination comments, spotting contradictions between Estonian and EU law, catching citation errors before they surface late and expensively. “We plan to save roughly 97 million euros worth of work in the next two years”. But what Velsberg returns to is “the kind of satisfaction with the work that you do. You’re an expert. You don’t want to spend so much time on drafting the right procurement document.” Removing that weight, he argues, is what makes adoption stick in a way that top-down mandates rarely do.
Proactive, on your terms
The Digital State Agenda 2030, anchored to the Estonia 2035 long-term strategy, sets out the country’s vision as “the world’s most free, self-operating, human-controlled AI-using state.” The third pillar of that vision – what the document calls “a free person’s free choice” – is the one Velsberg returns to most. By 2030, the agenda commits to a regulatory and technological framework that gives citizens genuine control over their data, mandates transparency of all public-sector data processing through the Data Tracker, and establishes a legal basis for consent-based data sharing. That last commitment became real in March 2026, when the regulation finally passed after six years of work.
What this enables in practice runs in two directions. The state can reach out to citizens proactively, however, only to the degree they permit. “Citizens can also reach out to the state on their own terms, as the genome portal illustrates: those who choose to donate genomic data can access personalised health risk information, but still, for the very first time, you have to give consent. Yes, I understand – these are predictions, it’s not 100% likely.” In both cases, the level of engagement is determined by what the individual has chosen to authorise. The infrastructure is designed to accommodate the full range, not to prescribe one model.
The gap seems to be between rights that exist on paper and what citizens can actually do with them. “The question that I oftentimes see that governments are failing is ‘how to put those principles in place’, in action.” The GDPR established the right to access personal data held by organisations. In practice, people receive CSV and PDF files. “No one can build a meaningful service on top of that.” The Data Tracker and the consent service are Estonia’s answer to that gap – infrastructure that turns legal commitments into usable interfaces for real oversight and real choice.
What transfers
Asked what other governments can realistically take from the Estonian experience, Velsberg focuses on process rather than tools. The AI accelerator model works because of how support is structured: “I’m taking this mindset that if you are working with an organisation, you go all in, you are as part of their team.” The deployment logic follows a consistent pattern: “find one client that is interested, test, develop and then scale out.” Community-building has grown similarly, as a working group of 15 people has grown to nearly 4,000 annual participants in AI-related activities. On mandate and support: “you need to have the stick, the other end, the carrot” – centralised requirements paired with real capacity, not directives handed down without resources.
“A good strategy gets attention,” Velsberg has written. “Implementation creates value.” Six years for a consent service, a decade for an open data portal, and 60 organisations finally implementing a data tracker, most of them initially opposed. That is what implementation looks like when it is taken seriously – and for governments trying to learn from Estonia, that may be the most useful thing to take away: not the stack, not the legislation, but the realistic expectation of how long it takes, and how much resistance is normal.
This podcast and blog have been prepared within the framework of the project “Implement DGA” supported by the European Union. The information and views set out herein are those of the authors and do not necessarily reflect the official opinion of the European Union or its institutions.
Interested in more?
