Digital societies, which are dependent on information and communication technologies, must face up to a number of major challenges. One challenge is the issue of working out how to protect all the data that might become vulnerable in the event of a cyberattack. In this context, the concept of e-embassies is an innovation in diplomatic relations that ensures the hosting of sensitive data in a friendly country combined with guarantees of immunity. In 2015, Estonia's e-embassy was a world first in Luxembourg. Six years later, the e-embassy of Monaco has found its way to the Grand Duchy – it was officially launched in July 2021.
E-embassies – sensitive data kept safe from cyberattacks
The purpose of this new diplomatic approach is to save a country's sensitive data at a data centre in another, friendly, country. This means that the terms 'e-embassy' and 'data embassy', which both refer to this innovative concept in diplomatic relations, are synonyms.
Data is hosted with guarantees of immunity and privileges similar to those of a traditional embassy because the founding agreements between countries take account of the 1961 Vienna Convention on Diplomatic Relations. It is nevertheless a totally new concept in international law: as is the case for actual embassies, the data centres constitute sovereign territory of the country that owns the data.
The data saved in these virtual embassies are copies of a country's most sensitive and confidential data, or even digital twins of a country's 'cloud'. Thus in a world in which cyberattacks are on the increase, e-embassies will help protect vital data and services that are essential to the smooth running of a country, thereby reducing the potential impact of a cyberattack.
Estonia and Monaco – digital diplomacy in the Grand Duchy
Estonia's 'data embassy' in the Grand Duchy has been a world first. The launch of the e-embassy project dates back to 2015; the agreement between the two countries was signed in 2017. Since 2018, an extension of the Estonian Government's 'cloud' has been hosted at LuxConnect's certified Tier IV data centre.
Estonia, hailed by the World Bank as the world's most advanced digital society, had its first experience in cyberconflict in 2007, when a number of attacks succeeded in simultaneously downing 58 Estonian websites, including those of the Government, most newspapers, and several banks. Although no information was lost during the attack, it gave considerable impetus to the idea of ensuring the functioning of services and the continuity of data via 'data embassies' located outside the country.
A few months later, in December 2018, the Grand Duchy and Monaco signed a partnership on digital innovation that included a section on saving sensitive data in a data centre with guarantees of immunity in line with the model of Estonia's e-embassy. It has become strategically important for the Principality of Monaco to protect data from the risks of cyberattack and natural disaster – guarantees that are impossible to set up in a State covering an area of no more than 2km2.
Following the signing of a bilateral agreement on 15th July 2021, the Monaco e-embassy on Luxembourg soil was officially born. Today, two and a half years after initiating the process, Monaco and Luxembourg have finalised the storage of the Principality's sensitive data. Following this agreement between the two countries, Luxembourg now hosts a digital twin of the Monegasque sovereign cloud in Bissen, thereby applying the recommended security standard of 120km between two storage locations.
The Grand Duchy - a pole of excellence in the field of digital technologies and data security
The Grand Duchy has two great advantages for implementing these innovative projects.
Firstly, a telecom network hyperconnected to primary Internet access centres in other countries. The Digital Economy and Society Index (DESI) for 2020 confirms the excellence of the Grand Duchy's technological environment: the Grand Duchy is ranked 3rd in Europe in terms of connectivity. In this context, the launch of the national 5G strategy in 2018 is a demonstration of the firm intention to consolidate the country's role in this field.
The Grand Duchy also has a great deal of experience in cybersecurity. 2016 saw the inauguration of LuxConnect's DC1.3 data centre, with its 5,500m2 of available IT space; it is certified to the Uptime Institute's Tier 11 and Tier IV. Whereas a data centre normally has a single Tier level, a Tier IV data centre has redundant components and distribution circuits so there is no IT impact in the event of a breakdown (it is said to be 'fault tolerant'). These days, the Grand Duchy is a leader in terms of Tier IV certified data centres.