Status: Free

Obstacles to Access: 2 (0-25)
Limits on Content: 2 (0-35)
Violations of User Rights: 6 (0-40)
Total Score: 10 (0-100)

Population: 1.3 million
Internet Users/Penetration 2006: 690 thousand / 52 percent
Internet Users/Penetration 2008: 852 thousand / 64 percent
Mobile Phone Users/Penetration 2006: 1.7 million
Mobile Phone Users/Penetration 2008: 1.9 million
Freedom of the Press (2008) Score/Status: 16 / Free
Digital Opportunity Index (2006) Ranking: 24 out of 181
GNI Per Capita (PPP): $19,800
Web 2.0 Applications Blocked: No
Political Content Systematically Filtered: No
Bloggers/Online Journalists Arrested: No


Estonia ranks among the most wired and technologically advanced countries in the world. The first internet connections in the country were introduced in 1992 in Tallinn and Tartu academic facilities. According to Estonia's president, the country's status as an "e-country" is due in large part to the disastrous condition of the country's infrastructure in 1991 following nearly 50 years of Soviet control.1 In an effort to integrate Estonia into the global economy, the government initiated a program entitled Tiger Leap that aimed to computerize and connect all Estonian schools with the internet by 2000. This program helped to build competence and awareness about information and communication technologies (ICTs). Today, with such a high level of computer literacy and connectivity, focus has shifted from basic concerns such as access, quality, and cost of internet services to discussions about security, anonymity, the protection of private information, and citizens' rights on the internet. These issues are closely tied to the most serious threat to internet freedom in Estonia, namely, the cyber attacks against various Estonian communication infrastructures in late April and early May 2007.

Obstacles to Access

The number of internet and mobile phone users in Estonia has grown rapidly in the past 15 years. The internet is regularly accessed by two-thirds of Estonian's population, or approximately 852,000 people;2 58 percent of households have internet access, and virtually all of them (90 percent) have a broadband connection.3 There are also 1.9 million mobile phone subscribers – 600,000 more than Estonia's population. The first public WiFi covered area was launched in 2001, and since then the country has developed a system of 2.5G and 3G mobile data networks that enable widespread wireless broadband access. In August 2008, the government announced that by 2009 the country would have 2,000 free certified WiFi covered areas meant for public use, including cafés, hotels, motels, and even gas stations.4 In addition, the countrywide wireless internet service based on CDMA technology – which propagates very well due to the use of a low radio frequency – has been deployed and priced to compete with fixed broadband access. Municipalities in rural areas have been subsidizing local wireless internet deployment efforts, and the country's regulatory framework enables local start-ups to provide service with low barriers to entry. Estonians use the internet for a large variety of activities, including search engines (85 percent of users), e-mail (83 percent of users), local online media, news portals, social networking sites, instant messaging, and internet voice communication solutions.5 Additionally, 83 percent of the population uses the internet for online banking – the second highest percentage in the European Union.6 Estonian Public Broadcasting delivers all radio channels in real time over the internet, including audio archives of its radio and television programs, at no charge to users. Emphasis on communication and social media services are an increasing trend. YouTube, Facebook, LinkedIn, Orkut and many other global streaming media and social networking sites are widely available and used.

Data communication has not been the subject of telecommunications service monopoly. The Estonian Electronic Communications Act was created to help develop and promote a free market and fair competition in electronic communications services.7 Today there are over 200 operators that provide a variety of data communication services in Estonia. In 2008, there were eight mobile phone companies, including Elisa, Tele2, and EMT, and numerous major internet-service providers (ISPs), including EENET and Eunet. ISPs and other communications providers are required to register with the Estonian Technical Surveillance Authority (ETSA), a branch of the Ministry of Economic Affairs and Communications, although there is no registration fee.8

Limits on Content

Limits on internet content and communication in Estonia are among the lowest in the world. Nevertheless, due in part to Estonia's thorough privacy laws, there are some instances of content removal. Most of these cases are related to civil court orders concerning cases where inappropriate comments or comments unrelated to the posted article were made. This practice also applies to online comments in forums or on web pages where no registration is needed, although IP addresses can be monitored. Generally, users are informed as to the media portals' privacy policy and regulations for commenting and are expected to follow the instructions. In 2008, the debate over self-censoring or pre-publication censorship took center stage in a court case where the victim of unflattering and largely anonymous comments to a news story filed suit claiming that web portals must be responsible for comments made by readers and must edit them before they become public.9 Web portals say that this is impossible, since they do not have the capacity to monitor and edit all comments made on their sites. The Estonian courts have ruled in favor of the plaintiff, thereby making web portals responsible for all comments posted, but the ruling is being appealed.10

There are over 40,000 active Estonian language blogs on the internet, including an increasing number of group, project, and corporate blogs. The vibrancy of the blogosphere and its activities are frequently covered by traditional media, particularly when blog discussions surround civic activity. The fact that so many Estonians are both computer literate and connected to the internet has created a unique opportunity for the Estonian government. In addition to hosting virtual trade fairs and an online embassy, the Estonian president's office has its own YouTube Channel, complete with messages released exclusively on YouTube.11 Estonia has the largest functioning public key infrastructure in Europe, based on the use of electronic certificates maintained on the national ID card.12 More than 80 percent of the population possesses the ID card that enables both electronic authentication and digital signing. Relevant legislation is in place, giving the digital signature equal power with the handwritten one and imposing a responsibility on public authorities to accept digitally signed documents. Estonian ID cards have been used to facilitate electronic voting during parliamentary elections in 2007, and they will be used again in 2009 municipal and European Parliament elections.13 In 2008, over 86 percent of citizens filed their taxes over the internet, making the online services offered by the tax department the most popular public e-service.

In April 2007, blogs and SMS messaging played an important role in the protests over the removal of a Soviet war monument. While it was known that the Estonian government would remove the monument, no official announcement had been made. When the police cordoned off the area and covered the monument, word quickly spread via mobile phone, SMS, and the internet, and within a few hours the crowd had grown to several thousand.14 Two days of rioting followed, mostly by ethnic Russians. However, as the physical violence receded, an unprecedented wave of cyber attacks against the Estonian government began. These "dedicated denial of service" (DDoS) attacks affected all of the government's websites, Estonia's largest bank, and several sites of daily newspapers. Because of Estonia's level of connectivity, even simple transactions like reading e-mail, online banking, and paying for a parking space were impossible. Officials were finally forced to block access to Estonian sites from IP addresses outside of Estonia in an effort to stop the attacks.15 Throughout the three-week period of unrest, internet appeals and SMS messages continued to call for protests against the Estonian government.16

Violations of Users' Rights

Freedom of speech and freedom of expression are strongly protected by Estonia's constitution and by its membership in the European Union (EU). Anonymity is allowed, and discussions on anonymity and the respectful use of the internet have been widespread. Internet access at public access points can be obtained without prior registration. In 1996, Estonia enacted the Personal Data Protection Act (PDPA) which protects an individual's personal data from collection and dissemination for public use. Any data that is considered sensitive – political opinions, religious or philosophical beliefs, ethnic or racial origin, sexual behavior, health, criminal convictions, etc. – cannot be processed without the consent of the individual. The Data Protection Inspectorate (DPI) is the supervisory authority for the PDPA with an objective of "state supervision of the processing of personal data, management of databases and access to public information."17 However, as a member state of the European Union, Estonia is under pressure to implement the EU Data Retention Directive that requires ISPs and other telecommunications providers to retain customer data for a period of no less than six months and no longer than two years. The EU adopted the Directive in March 2006. However, Estonia chose to postpone the implementation of the Directive for 36 months.18 At the time of this report, the postponement was still in place.

There have been no physical attacks against bloggers or online journalists in Estonia, but online discussions are sometimes inflammatory. Following instances of cyber bullying, sexual harassment, and misuse of social media, discussions and public awareness campaigns were launched to raise parental involvement and increase child protection on the internet. Awareness of the importance of the security of ICTs both in private and business use has been raised significantly after cyber attacks took place against Estonia in May 2007. Recently, the Cooperative Cyber Defence Centre of NATO was established in Estonia to improve cyber defense interoperability and to provide cyber defense support for all NATO members.19 Tartu University and Tallinn University of Technology have also announced that they are launching the world's first Master's program in cyber defense.20

1 "Estonia Became Internet Savvy "Thanks" to Occupation," Baltic News Service, April 15, 2008.

2 ITU,

3, accessed December 2008.

4 "Estonia to have 2,000 public WiFi by 2009," Estonian Review,, accessed March 25, 2009.

5, accessed February 2009.

6 "Estonians tend to avoid e-shopping – survey," Baltic News Service, February 8, 2008.

7 Ministry of Economic Affairs and Communications,, accessed March 26, 2009.

8 Estonian Technical Surveillance Authority, Commencement of Provision of Communications Service,, accessed March 26, 2009.

9 "Big businessman goes to war against web portals," Baltic Business News, March 18, 2008,

10 "Delfi plans to appeal against the ruling favoring Vjacheslav Leedo," Baltic News, June 30, 2008,

11 "Estonia launches embassy in virtual world Second Life," Agence France Presse, December 4, 2007, and



14 Global Voices Online, "A Russia Rebellion,", accessed March 24, 2009.

15 "Estonia hit by Moscow cyber war," BBC, May 17, 2007,

16 "Estonia launches probe into Internet call for armed uprising," Agence France Presse, May 3, 2007.

17 EPIC Human Rights Report,, accessed March 24, 2009.

18 DIRECTIVE 2006/24/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL, Official Journal of the European Union,, March 24, 2009.

19 NATO Transformation Network,

20 "Estonian universities to launch Master's programmes in cyber defence," Estonian Review, October 10, 2008.

This is not a UNHCR publication. UNHCR is not responsible for, nor does it necessarily endorse, its content. Any views expressed are solely those of the author or publisher and do not necessarily reflect those of UNHCR, the United Nations or its Member States.