Open search
Accessibility

Ukraine builds citizen control into its data infrastructure

Podcast

Written by Federico Plantera, Researcher on tech policy and AI 

Following Estonia’s example, Ukraine is launching a Personal Data Access Monitoring Subsystem embedded in Trembita, the government’s secure data exchange platform.

The mechanism allows every Ukrainian to see who accessed their personal data stored in government registers. It’s a practical implementation of data protection designed not just to comply with regulation, but to shift the balance of power in this domain between citizens and the state. If there is a Big Brother, well, then citizens now get a tool to control it. 

In this episode we host Yurii Kopytin, Senior Expert at the e-Governance Academy, and Hannes Astok, our Executive Director, about what transparency means in practice in Ukraine and, on the side, in Estonia too. 

Choices, between legislation and architecture 

The fundamental problem is simple. “Law alone cannot solve the issue of trust,” says Kopytin. “By law, we can prohibit some access to data, and this means that we will lose some comfort of usage of some services. But it will not help to improve trust.” 

Digital government requires constant data exchange. Public digital services depend on it. But without visibility into how that data is actually used, the relationship remains blind on one end (ours, citizens). “In order for our services to be trusted, we need to be transparent with our citizens,” explains Kopytin. 

The subsystem makes data access visible through logged records. Citizens can review who requested their information and for what stated purpose. When a data request looks suspicious, they can ask questions or file complaints.  

The tool sits within Trembita because that’s where data exchange happens. “Our data is stored in different government registers, and it is used by various authorities and companies to provide services to citizens,” Kopytin explains.

When these entities need access to register data, they go through data exchange platform Trembita. “That’s why we implemented this personal data access monitoring system in Trembita, because it is the main place where the data is transmitted.” 

Is it only possible in Trembita or X-Road? “It’s not technically related to the X-Road or Trembita data exchange platforms only. It’s a concept that could be used in every context,” Astok points out. 

The critical thing is that the government creates a tool to make data requests transparent to citizens. “You need to know who is using your data. It’s your data. You own it.” 

What gets logged 

The system records transaction ID, date and time, the requesting organisation, the providing organisation, the specific registry accessed, the stated purpose, and in many cases the individual employee who made the request. 

“Some data transactions are fully automatic,” notes Kopytin, so employee information isn’t always applicable. But for human-initiated access, the trail is specific. 

If a citizen sees suspicious access, the first step is contacting the organisation directly. If the explanation is unsatisfactory, escalate to the Office of the Ombudsman of Ukraine. 

Astok highlights an important evolution from Estonia’s experience. Initially, Estonians could only see which institution accessed their data. “Now we have updated the data tracker, and also the purpose for that access is now visible.” 

The more context provided automatically, the fewer unnecessary queries citizens need to make. “And all needs to be described in a human manner, so citizens can immediately understand.” 

Not every data query triggers a notification. About 50% of transactions, as Kopytin mentions, are fully automated. “We obviously have no intention of spamming citizens with notifications, that wouldn’t make it comfortable to use the service.” 

But for critical services that directly affect finances, property, or legal status, Ukraine plans to push notifications through Diia app. 

In this case, citizens will receive their push notifications and will understand immediately if something happens with their property rights or something else.” 

Behavioural discipline 

What happens when officials know every access is logged? “You are much more careful,” says Astok. “It doesn’t mean that you need to limit your searches, if it’s legal. However, you must understand that you cannot conduct any search, especially if it is not directly related to your work or the specific task at hand.” 

Take tax authorities. They legitimately need access to income data for verification. But that access must be traceable to specific cases. “If a tax officer is investigating a case, they can only access the data that is related to this case. 

They cannot just access data of people they know on a whim, out of curiosity,” Astok says. 

The same logic applies in hospitals. Doctors can access patient records for those they’re treating. Not celebrity records out of gossip. “Only one’s own practitioners can access a person’s data. This should be the model.” 

Building upon the healthcare sector example, Astok explains that the system requires internal institutional controls as well. 

“When questioned, hospitals must be able to trace down to the specific doctor or nurse who made the request. Anonymous institutional access alone doesn’t create full accountability.” 

Where, in five years? 

Looking ahead to 2030, Astok forecasts several outcomes for Ukraine based on Estonian experience.

“Most probably, the number of illegal queries will be diminishing remarkably.” There will likely be public cases in which citizens catch unauthorised access, and officials face consequences. And awareness will rise on both sides.

“Both citizens and government officials are taking the matter (personal data usage/requests) much more seriously.” 

According to Kopytin, the goal in Ukraine, rather than perfect compliance, is to build a different relationship between the government and citizens, where citizens are the data owners and the government must ask to access it.

One where misuse can be detected and addressed rather than remaining invisible. “We can now say with confidence that when misuse happens, we are able to see it, and we are prepared to respond,” Kopytin emphasises.  

Connecting to the subsystem is mandatory for any public institution in Ukraine that processes personal data via Trembita.

Hundreds of institutions are now preparing. A snapshot of transparency by design – and ultimately, transparency by default. 

Interested in more?  

Listen to all Digital Government Podcast episodes >>> https://ega.ee/digital-government-podcast/ 

e-Governance Academy Foundation

General contact
Client relations & partnerships 
Press inquiries
Address
Ahtri 6, 10151, Tallinn, Estonia
eGA logo
logoegov
NCSI logo
Tallinn Cyber Diplomacy Summer School logo white
KonwCyber
logo-iso-9001

2026 © All rights reserved.