We live in a world where the obvious solution to problems of trust and security is to increase control at the cost of hindering the ability of other people to do things that they need to do. Most notably, at present, this tendency has been displayed to a massive degree in the public health concerns over COVID-19, where we have seen attempts to control the wearing of face masks, the social distancing of people, the hours that restaurants and stores can be open, the distance between people singing at church or whether they will be allowed by the state to assemble at all. All of this has predictably caused backlash and a widespread disobedience to those rules that are seen as being too inconvenient, or pointless, or needlessly tyrannical. Yet we would be mistaken if we thought that this was only a problem when it came to governments. The use of bureaucratic controls as a means of dealing with the uncertainty of life, while it is certainly a problem in the public sphere, is by no means limited to that, but is fully present within the private sphere as well. And this aspect of bureaucratic control that seeks to improve security for one party without concern for how those controls affect others is itself an important aspect of a great deal of what ails our society and makes it hard for things to get done as they ought to.
When I was a graduate school student in Engineering Management, I took an entire course on the ISO system and its efforts at using controls as a means of ensuring quality. The thought process, which springs from a particularly defective European way of thinking, is that by rigorously controlling change and uncertainty and documenting everything to the high heavens that one can ensure that the result will be one of high quality. This is not the case. A great deal of my own particular job consists of pulling commission statements from various back offices for insurance carriers and processing them so that the information can be added to our own databases and then used to pay agents, figure out the profitability of various corporate strategies, and so on. Getting the data, though, is by no means an easy task. In an effort to increase controls, carriers frequently change the template of their commission statements, provide less and less information so as to lower the risk of breaches, and especially make it very difficult to obtain Excel or .csv files which can actually be used to directly figure out data, instead preferring .pdf files that must be broken down to get the useful data in them. This is grossly inefficient, and frequently the reports are not well designed and require a substantial amount of manual effort to clean up the data so that it is usable. No sane person would think that this was a good idea, but sane people are not those who design bureaucratic controls.
We see a similarly insane process when it comes to getting into back offices in the first place. It was once thought sufficient to have a password that one used to get in, but as many people have recognized, this is not secure. Frequently, therefore, more and more carriers are adopting two-step verification processes that involve some kind of numerical code being sent to an e-mail address. Then the problem is that not all the people who need to use the back office have access to the e-mail address where the codes are sent, and since the verification codes have a time limit of as few as five minutes, getting into these back offices can be an immense chore when someone has to babysit the account and send information to someone else who needs it. The desire to control and limit the amount of accounts that have access to information and the need for similar levels of access by multiple departments, each of whom uses part of the back office and needs access to the whole, leads to ridiculous levels of difficulty in people being able to gain the access necessary. This is complicated even further when accounts get locked because of incorrect passwords or only one person can be in an account at the same time or when websites have cache issues with browsers that are seldom updated because of slow corporate updates and so on and so forth.
The amount of controls that are problematic is immensely high. Some of these controls are related to IT and the desire to preserve the security of computers that have access to corporate networks. Having problems with my dual monitor screens flickering out frequently, I researched how to fix this only to find that the relevant power settings for the display were not available for me to change. Other controls are related to the way that all parties involved in given processes are pressured by internal and external auditing demands in our intense regulated world to implement controls that make it more difficult for things to be done, all in the name of increased security. Hardly anyone stops to think about what they are trying to do and what others need to be able to do when these controls are designed and implemented, and as a result we all seek to control uncertainty by making it vastly more difficult for people to get anything done, even as we tout our efforts at reliability engineering, missing the entire point about what needs to be done. Where communication is poor, and it is frequently poor, these problems multiply because people sign contracts without ever thinking about how certain aspects of the business operate, until those people bring up questions and difficulties that they are having because no one told them what was going on. Because our attempts at control revolve around our thoughts about what we need, we frequently kneecap the ability of other to do what they need to do because we simply are not thinking of their needs at all. And so as our desire to control increases, our lives do not actually manage to improve because we create difficulties for other people that frequently require our attention and time and concern.