1. Risk and safety are causally connected?

Risk and safety overlap as terms in ordinary language. Some seek to formalize the said relationships—e.g., increasing safety barriers reduces risk of component or system failure. In contrast, I come from a field, policy analysis and management, that treats safety and risk to be very different. Indeed, one of the founders of my profession (Aaron Wildavsky) made a special point to distinguish the two.

The reasons are many for not assuming that “reduce risks and you increase safety” or vice-versa:

However it is estimated, risk is generally about a specified harm and its likelihood of occurrence. But safety is increasingly recognized, as it was by an international group of aviation regulators, to be about “more than the absence of risk; it requires specific systemic enablers of safety to be maintained at all times to cope with the known risks, [and] to be well prepared to cope with those risks that are not yet known.”. . .In this sense, risk analysis and risk mitigation do not actually define safety, and even the best and most modern efforts at risk assessment and risk management cannot deliver safety on their own. Psychologically and politically, risk and safety are also different concepts, and this distinction is important to regulatory agencies and the publics they serve. . . .Risk is about loss while safety is about assurance. These are two different states of mind.“

(Danner and Schulman, 2018)

The differences for me come with the failure scenarios—risks with respect to this set of granularities as distinct from safety with respect to that set.

---

2. Interdisciplinary focus?

It’s de rigueur to call for more interdisciplinary research on risk and safety management in large critical infrastructures.

Yet such calls not only must surmount the standard-normal qualitative v. quantitative, reductionist v. holistic, and positivist v. post-positivist methodological divides. They must also address not only regulatory, political, and psychological differences (as in the above quote), but also societal, economic, historical, sociological, and cultural differences. And why stop there, case by case?

I’ve never read a call, routine as they are, for an interdisciplinarity granular enough to tell how to answer the preceding.

---

3. Control risk? Control safety?

In ordinary language, it is common enough to conflate “manage” and “control.” That will not do for policy and management complexity.

Control is when the system’s input variance, process variance and output variance are rendered low and stable. Think of the nuclear reactor plant. Guns, guards and gates are used to ensure outside inputs are controlled; processes within the nuclear station are highly regulated by government to ensure few or no mistakes are made (operations and procedures that have not been analyzed beforehand are not permissible); and the output of the plant – its electricity – is kept constant, with regulated low variance (nuclear power is often considered “baseload,” on top of which are added other types of electricity generation).

One defining feature of the Anthropocene is that critical systems having low input variance/low process variance/low output variance are fewer and fewer because of increasing political, economic, social and etcetera unpredictabilities.

For example, electricity generation sources—and very important ones—now face high and higher input variability. Think of climate change, citizen and consumer unrest, regulatory failures and other external impacts on the inputs to energy production. Such have posed the challenge of managing what can no longer be controlled (if ever controllable).

In response, operational processes inside a good number of power plants have had to become more varied (this reflecting the so-called law of requisite variety), with more options and strategies to process and produce what still must be a low-variance output: namely, electricity at a regulated frequency and voltage.

So what?

When it comes to underwater petroleum exploration and production, by way of another example, alarms produced by autonomous systems can and do often turn out to be false alarms occurring under already turbulent task conditions at sea. Indeed, operating at a higher level of autonomy and having to cope with indiscriminate false alarms may no longer permit the real-time operators to revert, just-in-time, to lower levels of autonomy, e.g., managing via more manual operations, as and when nothing else works. Changes in safety have risk implications, but not necessarily symmetrically the other way round.

---

4. Building to macro systems from micro data or micro foundations?

Discussions of macro-safety and macro-risk have long been rooted in appeals to micro-foundations for both. Yet such systems approaches have been called into question across a variety of academic fields.

Consider the repeatedly disappointing efforts in building up macroeconomic models from separate subsystem models or in grounding macroeconomics in microeconomics. It’s been said that no economist in his or her right mind would ever rely on the microfoundational Dynamic Stochastic General Equilibrium (DSGE) models of the economy developed and tinkered with over decades. (See also the disappointing history of “lifecycle modeling” for endangered and at-risk species.)

But is there an integrating mechanism at work between micro and macro? I’m not sure that even those detailed analyses revolving around the labor-augmenting rather than -substituting nature of AI software recognize that humans are the only “integrated comprehensive model” we have for some time to come. Especially when it comes to both the safety management and the risk management of such systems.

---

          5. Are risk and safety even distinguished with sufficient granularity?

More than a year ago a joint statement was issued by the Center for AI Safety: “Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war.” Famously, it was signed by more than 350 AI experts and public figures.

Now, of course, we cannot dismiss the actual and potential harms of new and morphing artificial intelligence.

But, just as clearly, these 350 people must be among the last people on Earth you’d turn to for pandemic and nuclear war scenarios of sufficient granularity with respect to risks, safety and their differences against which to appraise their AI crisis scenarios.

---

Sources.

Danner, C., and P. Schulman (2019). “Rethinking risk assessment for public utility safety regulation.” Risk Analysis 39(5): 1044-1059.

Roe, E. (2020). “Control, Manage or Cope? A Politics for Risks, Uncertainties and Unknown-Unknowns.” Chapter 5 in The Politics of Uncertainty: Changes of Transformation (eds. Ian Scoones and Andy Stirling). Routledge, UK.

Schor, J.B. (2021). “Dependence and heterogeneity in the platform labor force.” A policy brief for the Governing Work in the Digital Age. Hertie School, Berlin.

Storm, S. (2021) “Cordon of Conformity: Why DSGE models are not the future of macroeconomics.” International Journal of Political Economy 50(2): 77-98 (DOI: 10.1080/08911916.2021.1929582).

Utne, I.B., I. Schjølberg, and E. Roe (2019). “High reliability management and control operator risks in autonomous marine systems and operations.” Ocean Engineering 171(1): 399-416.

I know of few other tv series I’d recommend as highly. It can be found on viki.com and it is equivalent in quality to the fine European art house film. Its two leads are a center of gravity that draws you in beginning to end.

On the contrary, almanacs were one of the most successful genres of the period. At their highest point in the 1660s, sales averaged between 350,000 and 400,000 annually in England, out-selling all other types of books. . . . The suggestions astrologers offered in their printed almanacs for dealing with impending health threats were not ultimately directed at government authorities. To take a modern analogy, almanac prognostications functioned more like WHO press releases containing guidance for the public than reports with advice for state administrators. . . .

M. Pfeffer (2024). “Astrology, plague, and prognostication in early modern England: A forgotten chapter in the history of public health.” Past & Present 263 (1): 81–124 (accessed online at https://academic.oup.com/past/article/263/1/81/7044244)

Appealing to prediction in the midst of collectively-evident turbulence should be read symptomatically in just the above way.

Who owns this landscape? –
The millionaire who bought it or
the poacher staggering downhill in the early morning
with a deer on his back?

Who possesses this landscape? –
The man who bought it or
I who am possessed by it?

False questions, for
this landscape is
masterless
and intractable in any terms
that are human.

Lines from Norman MacCaig’s A Man In Assynt (accessed online at https://www.scottishpoetrylibrary.org.uk/poem/man-assynt-extract/)

Although not first thought of as such, critical infrastructures are a key institutional mechanism for the distinguishing and dispersing social values.

Critical infrastructures instantiate social values not abstractly but as differences taken into account when societal reliability and safety matter now. These differences—more properly, differentiated knowledge bases about and orientations to reliability and safety at the event and system levels—are reconciled by infrastructure control rooms (where they exist) in real time and in the name of ensuring high reliability (including safety), then and there.

I

Trust is a good example of how a social value is specified and differentiated by infrastructures. Broader discussions about “trust requires shared values” miss the fact that team situation awareness of systemwide reliability operators is much more about knowledge management, distributed cognition, and keeping a shared bubble of system understanding than it is about “trust” as a singularly important social value.

For that matter, distrust is as core as trust. One reason operators are reliable is that they actively distrust the future will be stable or reliable in the absence of the system’s vigilant real-time management. There has been much less discussion of the positive function of distrust as a social value. In contrast, “distrust” often takes the adjective, “polarizing.”

II

So too for “dread.” Widespread social dread–as in the societal dread that drives the reliability management of very hazardous infrastructures–is almost always taken to be negative. Here too, though, dread has a positive function.

Every day, nuclear plant explosions, airline crashes, financial meltdowns, massive water-supply collapse—and more—are avoided that would have happened had not operators and managers in these large systems prevented their occurrence.

Why? Because societal dread is so intense that these events must be precluded from happening on an active basis. (It might be better to say that we don’t know “societal dread” unless we observe how knowledgeable professionals operate and manage complex critical infrastructures.)

There is such fear of what would happen if large interconnected electricity, telecommunications, water, transportation, financial services and like did fail that it is better to manage them than not have them. We’ve structured our lives to depend on these systems, at least for right now.

III

All of us of course must wonder at the perversity of this. But that is the function of this dread, and distrust for that matter, isn’t it? Namely: to push us further in probing what it means to privilege social and individual reliability and safety over other values and desires. We are meant to ask: What would it look like in world where such reliability and safety are not so privileged?

For the answer to that question is altogether too evident: Most of the planet already lives in that world of unreliability and little safety. We’re meant to ask, precisely because the answer is that clear.

“Prynne presents a body of work of staggering audacity and authority such that the map of contemporary poetry already begins to look a little different.” Roger Caldwell, TLS

I’m new to Prynne’s poetry and haven’t yet gotten a knack for how to read and interpret the more recent ones. This means I, more than not, don’t have a clue about the author’s intention (which shouldn’t matter anyway, so some say).

Which also means I get to interpret his lines far more in my own terms than others might like. Take the following stanza:

Indefatigable, certainly impracticable, chronic                                                                                                                                                                                                                                                                                                                                                                    unretractable, spree; indistinguishable                                                                           epiphenomenal dink-di flunk, rhetic;                                                                                   insurmountable,  unaccountable,                                                                                     incommensurate, providentially,                                                                                                          turn up your nose as we suppose,                                                                                     environmentalism, fiddle-de-dee.

Whatever this means to others, to me it’s a clear example of how many advocates for and against environmentalism overstate their case through argument by adjective and adverb.

Or consider a different stanza:

Casting out terror leaves a vacant spot,                                                                                             your care-free jubilation to out-jest                                                                                                     these heart-struck injuries, mimic new disasters;                                                                             they crowd like fresh battalions, eager spies                                                                                     trying our patience, good out-runs the best.

I interpret “casting out terror leaves a vacant spot” to mean that once we lose widespread social dread over large sociotechnical disasters like nuclear plant explosions, we vacate any notion of reliably managing such extremely hazardous systems.

There are, of course, those who celebrate such an eventuality–think of them as eager spies for the other side. But the loss of reliable infrastructures also does injury and harm to many more other people. Indeed, new disasters arise (imagine the effects of a society no longer fearful of jet planes dropping like flies from the air). The new disasters would “crowd like fresh battalions” and “try our patience” by way of increased calls for different policy and management interventions.

But note Prynne’s “good out-runs the best” as a consequence. For many trained in policy analysis, such as myself, the best is the enemy of the good. That is, better to have good enough when the best is not achievable.

The notion that the best is achievable, even in (especially in?) disasters, highlights a state of affairs not often publicized. Namely, disasters are a way to get rid of legacy infrastructures and components that, under other circumstances, one is precluded from doing so because of existing regulation and law. These would be suspended during the emergency.

My readings too far-stretched, you think? For me, Prynne’s words read as if they are the only ones left legible on the surface of a thick, many-layered palimpsest. A lot has been effaced or scored away below. My point here is that those very same words are also left undissolved on policy palimpsests with which I am familiar. I thank the poet for such permeable texts.

---

Source.

J.H. Prynne (2024). Poems 2016 – 2024. Bloodaxe Books, UK (pages 508, 536).

Indeed, the concept of wartime itself suggests a processual and extendable temporality, rather than a straightforward binary. This is the case since the division between wartime and peacetime is never as clear cut as any formal cessation of hostilities or signing of a treaty would suggest.

World War I clearly did not end with the Armistice, and neither did it cease with the signing of the Versailles Treaty. For some, the World War has never really ended at all given that its promises of meaningful forms of (particularly racial and gender) equality as recompense for serving one’s country have still failed to materialize. The war had an enormous impact both upon the fabric of the earth and natural resources, while its legacy for the ways such categories as state, democracy, representation and capitalism, have become fixed parts of Euro-American political thinking, has been equally profound.

It might therefore be productive to think about the Anthropocene as a form of ‘deep-war time’, both practically and intellectually. This means considering the Anthropocene as an ongoing battle over what it means to think across both planetary and global perspectives, and across the arc spanning World War I and into the present.

D. Kelly (2022). Wartime for the Planet? Journal of Modern European History (DOI: 10.1177/16118944221113281; excerpted above without embedded footnotes)

Emergencies are one thing, like that for the climate. But not all emergencies are wars.

If the Anthropocene is recast as its own wartime, then how is this war different from all the other wars, namely, as massive engines of unpredictable, unimaginable and ungovernable contingencies?

Why ever would we say “wartime” better captures there being no real boundary between war and peace, when the Anthropocene is also about neither human war nor human peace only?

Undertake a thought experiment: Assume that the politician and the policymaker for the California Delta get exactly what they want. They—we—get that first-ever waterway, the never-before governance structure, and uniquely comprehensive ecosystem planning and management. The dreams of Delta carver and modeler are fulfilled unconditionally. Lasting governance, environmental restoration and water conveyance infrastructure in the Delta have been achieved.

Oops, say again? What’s that lasting mean?

What are the consequences of unprecedented construction, governance and environmental initiatives now here to stay into the foreseeable future? Who pays for establishing path dependencies that really do last, well, indefinitely?

Had we heeded that universal caution—Be careful what you wish for!—then one question to always ask is: Who should be the first to pay for what turn out to be long-lasting (irreversible?) interventions that achieved only what was initially wished for them, regardless of subsequent needs?

The danger in stopping short by organizing around probabilities and consequences of large infrastructure failure is the notion that the two are independent of each other. You don’t realize what you have before you may well be little more than unforeseen contingencies associated with a chaotic afterwards. Its causality is the last thing you understand and your risk management framework misleads you in thinking otherwise. In reality, to equate system uncertainties and unknown-unknowns with systemic risk is the disaster to forestall rather than hasten unintentionally.

Or to put the point in positive terms. When an experienced county emergency manager told us, “Floods are complex events, they have many variables,” it wasn’t helpful to tell him, as some did, that he’d be better off first simplifying those events for the purpose of risk modeling. To assume he needed to first understand the flooding better ignored that he was already managing the complexity there. The complexity sands away any shield of photo-clarity and reveals the contingencies and exigencies in action underneath.

So what? Infrastructure reliability managers are in an important sense like that top-most weathervane made to take lightning strikes outside so to protect the house underneath. More, such protection against dangers is a public good, and is what we expect from leaders, regulators and policymakers.

The idea that current capitalist pathologies arise because the capitalism of markets and productivity has disappeared. The idea that Amazon Inc. should be broken up because of its monopoly power and anti-competitive practices, as professed by a think tank whose goal is nothing like a competitive market society. The idea of Eurocommunist parties that the working class isn’t to be praised but contested by, among others, middle class workers.

Time after time, making human behaviour more predictable for the client of prediction (the manager, the police officer) often means making life and work more unpredictable for the target of prediction (the employee, the urban citizen).

https://journals.sagepub.com/doi/10.1177/20539517231171053

Meanwhile I’ll be plotting to outwrite it; I want to be the first human being to imitate ChatGPT perfectly.

https://www.theguardian.com/books/2023/may/20/m-john-harrison-i-want-to-be-the-first-human-to-imitate-chatgpt-wish-i-was-here?utm_term=6469c17386bac9427580944744a8948a&utm_campaign=Bookmarks&utm_source=esp&utm_medium=Email&CMP=bookmarks_email

Large proportions of the Chinese collection are perhaps copies in the eyes of those collectors and dealers, who believe that authentic African art has become largely extinct due to diminishing numbers of active traditional carvers and ritual practices. However, the ideological structure and colonial history of authenticity loses its effects and meanings in China, where anything produced and brought back from Africa is deemed to be “authentically African”.

https://www.tandfonline.com/doi/full/10.1080/13696815.2021.1925089