As I understand it, in Estonia it's itself a microprocessor and it's an encryption device, so it verifies my identity.
By the way, on Estonia, the biggest sales pitch—and I know Mr. Kent might have been worried about it—when they came to our committee was that they said there's been no identity theft since they implemented this system—no identity theft. Why? Because if they lose the digital ID, the certificate can easily be revoked, so nobody can use that digital ID to access services in faking to be someone else.
If those are the three building blocks, and if you don't have a clear answer to any...and you say those all sound positive, the overarching question is, are there other layers we should be building in to make sure we have privacy by design built into digital government services, as Estonia does it? Is Estonia missing something or should we do what Estonia does?