Do you really think that [operational deviance] describes an everyday state of affairs?
In a sense, it does. Shipping accidents including foundering happen literally every day. When they do, we almost always find that the vessels have been operated complacently in one way or another that chronically invades the safety margin. There's rarely any difference in perceived safety between operating something well outside the safety margin and operating well within it. That's the danger.
When we studied non-passenger shipping operations for the 20th century, we found that shipping early in the century incurred a certain accident rate. We expected that the explosion in navigation, communication, and electronic controls in the mid-to-late 20th century would have reduced the accident rate—that was the intent, anyway. What we found was that the accident rated remained unchanged. The additional margin provided by advancements in engineering was being used to increase production efficiency.
For example, ships naturally slow down when they enter hazard areas because they can't know precisely where they are and precisely where the hazards are. Going slow increases their capacity to avoid danger. But it delays their arrival; this is not favorable. With the ability to know their own position more precisely, and the ability to locate and avoid hazards, ships can go much faster, but with more at stake now if they're somehow wrong. Rather than reduce the effect of hazard and decrease the accident rate, the industry chose to accept the same accident rate in exchange for greater production efficiency. This is because production metrics generally
are incremental.
The normalization of risk is a prong in the same fork as the normalization of deviance. The normalization of risk says, "This thing is always this dangerous, no matter what we do." We then apply a somewhat amoral calculation to what we think our responsibilities are. Driving on the motorway incurs a certain inevitable risk, we say. Oh, we have airbags now? That means I can drive a little faster while maintaining the same risk I demonstrated I could tolerate before airbags. When we say we want safety at all costs, we deceive ourselves. The receipts show we generally emphasize safety only temporarily in the wake of a prominent accident, whereafter the tolerance of risk drops back down to an invariant baseline.
The normalization of deviance says, "I didn't wreck my car
today, so I must be driving safely." Or conversely, "I know the Check Engine light is on, but my car seems to be running fine so it can't be a big deal." And we press on. A month later we're standing by the side of the road, bonnet up, cursing what "suddenly" has happened to us.
P2015 on my car is an indication that a certain control is malfunctioning. The control enhances efficiency, but is not related to safety. The root cause, however, was rodents chewing on the vacuum lines the control relies upon for power. Astutely you should be wondering about what else the rodents are chewing on, so that you don't suddenly lose hydraulic pressure or coolant through chewed-upon weak spots in those similarly tasty rubber hoses: spots that suddenly burst when you're going 100 km/h down the freeway. Simply saying
de minimis, "Well, my car runs fine if a little less efficiently," is a perfectly typical normalization of deviance that is an absolute disaster when applied to high-risk technology.
We fail on a daily basis to note how lucky we are because the safety margin is intentionally nonlinear and nonincremental, and our default is
de minimis thinking. That's a fancy way of saying what I said above: the only observation that differs across the boundary of the safety margin is often the benign instrumentation that tells us we've crossed it. There may be other signs, such as having to hammer home the bolts that hold key components in place. But production pressure favors
de minimis Band-Aid remedies: the bolt is in the right place
now, so we must be safe, right? It favors exceptionalist thinking :—
my ship won't sink, will it?
My plane won't crash, will it? That misalignment was trying to tell us a story, just like the vacuum-hose breach was trying to tell us a story. Being disinterested in the story so long as the car runs or the visor closes or the plane can land safely with a door plug missing is usually attractive, but rarely wise.