President Kersti Kaljulaid promulgated the personal database systems establishment act (ABIS) passed by the Riigikogu on 15 June and said it is not against the constitution.
However, Kaljulaid said society-wide discussions need to be had on the use of data in the future.
"As our digital state evolves, the state's databases, processing and architecture will become of higher quality, which in turn will create new opportunities for data use. However, there is no broader societal consensus on how and what a state can continue to do with the data that belongs to each individual in the third decade of the 21st century," she said.
This "undermines trust between the state and the citizens," she added.
Kaljulaid said she had spoken to leaders of several parliamentary parties, legal experts and responsible ministers about the bill and the issues that have arisen due to its creation.
She said she would be happy if analysis and implementation followed "important and fundamental changes" and called on ministries to carry this out after implementation.
She also appealed to the Riigikogu for the parliamentary parties to agree on principles to follow when creating and shaping e-government legislation in the future. Additionally, for them to analyze the compliance of laws passed with these principles.
The Riigikogu passed the law on June 15 and 56 members voted for it and 38 were against it.
The act streamlines biometric data, with one database doing the job of several, once the act enters into force. Critics say the data would be used excessively or could be accessed too easily.
EKRE was against the adoption of the law and brought the work of the Riigikogu to a standstill trying to fight it. The party hoped the president would not give assent to the law.
As head of state, Kaljulaid signs into effect acts passed by the Riigikogu. She also has the right to challenge them by returning them to the Rigiikogu for amendment or can take the issue to the Supreme Court should this not resolve the matter.
What is the ABIS act
ABIS is a legal basis for establishing a database for an automated biometric identification system. There are currently several databases in use in Estonia which contain biometric personal data and are at present under various ministries' areas of administration. The objective of the ABIS database is to increase the reliability of identification by using the datasets to create a central database.
The creation of the database and the resulting capability to compare biometric data will have a positive impact on the state's internal security as it will help law enforcement bodies resolve criminal offenses.
The processing of data in the ABIS database will follow all data protection principles and ensure that data is used lawfully and transparently. The owner of the data stored in ABIS is the person whom it concerns and pursuant to the Personal Data Protection Act, the owner has the right to know who has viewed their information.
Access to ABIS will be granted only to officials who have the legal right and specific authorization in accessing the database, for the purpose of fulfilling their statutory duties. Data relating to ABIS is to be processed as little as possible, and only to the extent required for achieving the objectives of proceedings, it is reported.
Editor: Helen Wright