With the backing of the Government Office, Estonia’s recently-launched “eesti.ai” AI guidance strategy has proposed assigning digital IDs to autonomous AI agents in the interest of accountability.
With a digital ID, the actions of automated AI agents could be tracked, verified and audited. Agents that work as digital assistants and coding partners now often have broad permissions, from potentially opening an organization’s gate to attackers to being trusted with individual purchases and financial moves. This act by Estonia is the first concrete government proposal of its nature, and comes as the debate about whether or not computers should be making executive or management decisions is moving from theoretical to very real.
AI agent proposal centers on rights and responsibilities
The plan from the advisory board is not yet complete, but in the broadest strokes would assign a digital ID to AI agents that possess certain high levels of decision-making capability and permissions. While some private initiatives (mostly backed by major cybersecurity and tech firms) to create a DNS equivalent for AI agents have been proposed, this is the first government proposal that appears to be very close to action.
Estonia also has a regulatory focus that these private projects thus far lack. There is a heavy focus on not just tracing actions via digital IDs to assign responsibility, but also protecting personal rights in cases where an individual might have to delegate permissions and authority to an AI agent in a way that could have legal consequences for them.
The digital ID would not be the same as an AI agent possessing a standard national identification number, or having the same rights as a person. The proposed ID instead is more like a tracking number that is not only used for identifying what an AI agent has done, but a log of what permissions each agent has been given that could potentially be harmful (such as financial transactions, submission and publishing of documents, and code editing).
The proposal is a natural outgrowth as the eesti.ai project, just launched at the beginning of 2026, has already placed AI agents with the kind of permissions that need tracking in government customer service systems and in schools in the country. Estonia is also one of the first nations to have moved all of its government services online, a project that it finished up with in December 2024.
Will digital ID for AI become necessary?
AI agents handling business matters directly with other AI agents has not yet become common enough to prompt priority regulation. But some industry observers are certain that this will happen in time, forcing the rest of the world to weigh a similar digital ID scheme.
The limiting factors at the moment, aside from general public trust in the idea and not seeing any of the services as necessary, is the fact that early features available now are primarily convenience tools for individuals: things such as automated booking of travel, management of subscription and bill-paying, and mailbox cleanup, all easy to forego. The business world is far ahead in integration of AI agents with core services such as coding, digital security guards and lab assistants that contribute to medical research and discovery.
But thus far, regulation has been very slow to keep pace with adoption. No other government is as close to moving in this way as Estonia. Argentina is in the draft process of creating laws to register businesses made up of AI agents as “non-human corporations,” but at this point this would not require each agent to have a unique digital ID.
It very much remains to be seen how this will shake out on a nation-by-nation basis. The digital ID efforts that are farthest along at present focus on using the existing DNS infrastructure to label AI agents with SVCB, TXT, and TLSA records. Sam Altman’s former “Worldcoin” project, now called “World,” has also debuted a toolkit that allows AI agents to prove that they are managed by a human before access to a platform is granted. But to a great degree these efforts are more focused on agent-to-agent operability and more easily identifying malicious bots.
Philipp Pointner, Chief of Digital Identity at Jumio, sees this as a first step that other countries will have to grapple with legislatively before very long: “Estonia’s decision to assign digital identification numbers to AI agents is setting a precedent on how we must audit what agents can do on behalf of an individual. With AI assistants having the ability to open accounts, book travel, and make purchases on behalf of a human user, the traditional parameters of identity verification and compliance frameworks like KYC (Know Your Customer) are disrupted.
“Digital identity systems are evolving beyond simply verifying the identity of a human user,” Pointner adds. “We are moving toward an era of ‘Know Your Agent’ where traditional KYC processes must adapt to verify an AI assistant has the appropriate permissions and authority to act on that person’s behalf. Estonia’s initiative recognizes that digital trust requires identity systems that can distinguish between human identity and agent authority. By creating these auditable permissions for agents, security and user control can be preserved, which will become a foundational requirement if agentic AI is going to operate safely at scale.”
Estonia also has some unique advantages in terms of immediate implementation of a digital ID system. The country has made information technology a primary focus of its economy since it built a keyless signature blockchain for its government well over a decade ago. In addition to gradually moving all of its government services online between 2012 and 2024, it has also implemented online voting in national elections. The country also actively courts online businesses for “e-residency” in a process that can be handled entirely remotely.
